summary refs log tree commit diff
path: root/api/src/routes/users/@me/mfa/totp/enable.ts
diff options
context:
space:
mode:
Diffstat (limited to 'api/src/routes/users/@me/mfa/totp/enable.ts')
-rw-r--r--api/src/routes/users/@me/mfa/totp/enable.ts11
1 files changed, 7 insertions, 4 deletions
diff --git a/api/src/routes/users/@me/mfa/totp/enable.ts b/api/src/routes/users/@me/mfa/totp/enable.ts
index bc5f16ad..87f36d55 100644
--- a/api/src/routes/users/@me/mfa/totp/enable.ts
+++ b/api/src/routes/users/@me/mfa/totp/enable.ts
@@ -1,10 +1,9 @@
 import { Router, Request, Response } from "express";
-import { User, generateToken, BackupCode, generateMfaBackupCodes } from "@fosscord/util";
+import { User, generateToken, BackupCode, generateMfaBackupCodes, Config } from "@fosscord/util";
 import { route } from "@fosscord/api";
 import bcrypt from "bcrypt";
 import { HTTPError } from "lambert-server";
 import { verifyToken } from 'node-2fa';
-import crypto from "crypto";
 
 const router = Router();
 
@@ -35,8 +34,12 @@ router.post("/", route({ body: "TotpEnableSchema" }), async (req: Request, res:
 	if (verifyToken(body.secret, body.code)?.delta != 0)
 		throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
 
-	let backup_codes = generateMfaBackupCodes(req.user_id);
-	await Promise.all(backup_codes.map(x => x.save()));
+	let backup_codes: BackupCode[] = [];
+	if (Config.get().security.twoFactor.generateBackupCodes) {
+		backup_codes = generateMfaBackupCodes(req.user_id);
+		await Promise.all(backup_codes.map(x => x.save()));
+	}
+
 	await User.update(
 		{ id: req.user_id },
 		{ mfa_enabled: true, totp_secret: body.secret }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-09 23:37:58 +0000