feat: reset user 2fa from admin panel (#1943)

2025-11-13 08:13:56 +10:00 · 2025-08-19 06:09:05 +03:00
parent a51110d276
commit 6f35342a83
5 changed files with 227 additions and 2 deletions
--- a/packages/trpc/server/admin-router/reset-two-factor-authentication.ts
+++ b/packages/trpc/server/admin-router/reset-two-factor-authentication.ts
@ -0,0 +1,50 @@
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { prisma } from '@documenso/prisma';
+
+import { adminProcedure } from '../trpc';
+import {
+  ZResetTwoFactorRequestSchema,
+  ZResetTwoFactorResponseSchema,
+} from './reset-two-factor-authentication.types';
+
+export const resetTwoFactorRoute = adminProcedure
+  .input(ZResetTwoFactorRequestSchema)
+  .output(ZResetTwoFactorResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { userId } = input;
+
+    ctx.logger.info({
+      input: {
+        userId,
+      },
+    });
+
+    return await resetTwoFactor({ userId });
+  });
+
+export type ResetTwoFactorOptions = {
+  userId: number;
+};
+
+export const resetTwoFactor = async ({ userId }: ResetTwoFactorOptions) => {
+  const user = await prisma.user.findFirst({
+    where: {
+      id: userId,
+    },
+  });
+
+  if (!user) {
+    throw new AppError(AppErrorCode.NOT_FOUND, { message: 'User not found' });
+  }
+
+  await prisma.user.update({
+    where: {
+      id: user.id,
+    },
+    data: {
+      twoFactorEnabled: false,
+      twoFactorBackupCodes: null,
+      twoFactorSecret: null,
+    },
+  });
+};
--- a/packages/trpc/server/admin-router/reset-two-factor-authentication.types.ts
+++ b/packages/trpc/server/admin-router/reset-two-factor-authentication.types.ts
@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+export const ZResetTwoFactorRequestSchema = z.object({
+  userId: z.number(),
+});
+
+export const ZResetTwoFactorResponseSchema = z.void();
+
+export type TResetTwoFactorRequest = z.infer<typeof ZResetTwoFactorRequestSchema>;
+export type TResetTwoFactorResponse = z.infer<typeof ZResetTwoFactorResponseSchema>;
--- a/packages/trpc/server/admin-router/router.ts
+++ b/packages/trpc/server/admin-router/router.ts
@ -21,6 +21,7 @@ import { deleteSubscriptionClaimRoute } from './delete-subscription-claim';
 import { findAdminOrganisationsRoute } from './find-admin-organisations';
 import { findSubscriptionClaimsRoute } from './find-subscription-claims';
 import { getAdminOrganisationRoute } from './get-admin-organisation';
+import { resetTwoFactorRoute } from './reset-two-factor-authentication';
 import {
  ZAdminDeleteDocumentMutationSchema,
  ZAdminDeleteUserMutationSchema,
@ -51,6 +52,9 @@ export const adminRouter = router({
  stripe: {
    createCustomer: createStripeCustomerRoute,
  },
+  user: {
+    resetTwoFactor: resetTwoFactorRoute,
+  },

  // Todo: migrate old routes
  findDocuments: adminProcedure.input(ZAdminFindDocumentsQuerySchema).query(async ({ input }) => {