added destroyOTPSession, so that one can remove OTP account

2 years ago · 4ac56f1315
3 changed files with 16 additions and 6 deletions
--- a/app/services/otp-auth.js
+++ b/app/services/otp-auth.js
@ -217,6 +217,11 @@ class OtpAuthService extends SiteService {
    return true;
  }

+  async destroyOtpSession (req, serviceName) {
+    delete req.session.otp[serviceName];
+    await this.saveSession(req)
+  }
+
  async removeForUser (user) {
    return await OtpAccount.deleteMany({ user: user });
  }
--- a/app/views/admin/otp/index.pug
+++ b/app/views/admin/otp/index.pug
@ -5,13 +5,17 @@ block content
  div(uk-grid).uk-flex-middle
    .uk-width-expand
      h1.margin-remove Tokens
-        .uk-width-auto
+        section.uk-section.uk-section-default.uk-section-xsmall
+          .uk-container 
+            .uk-text-small
+              h4 This is where you will regenerate OTP tokens for your admin account and destroy your old OTP account.
+        //- .uk-width-auto
          button(
              type="button",
-              data-user= user,
+              data-user= user._id,
              onclick="return dtp.adminApp.generateOTPTokens(event);",
            ).uk-button.dtp-button-danger
-              +renderButtonIcon('fa-repeat', 'Generate OTP Tokens')    
+              +renderButtonIcon('fa-repeat', 'Generate OTP Tokens')
      //- regenerate route should set this so tokens can be viewed once.
      if otpRegen 
        section.uk-section.uk-section-default.uk-section-xsmall
@ -21,4 +25,4 @@ block content
            each token of tokens
              ul.uk-list.uk-list-divider
                li
-                  .uk-text-small= token.token
+                  .uk-text-small= token.token
--- a/app/views/otp/new-account.pug
+++ b/app/views/otp/new-account.pug
@ -17,5 +17,6 @@ block content

  section.uk-section.uk-section-default.uk-section-xsmall
    .uk-container
-      p Your account is now enabled with access to #{site.name} #{otpServiceName}.
-      a(href= otpRedirectURL, title="Continue").uk-button.uk-button-primary.uk-border-pill Continue
+      p Your account is now enabled with access to #{site.name} #{otpAccount.service}.
+      a(href= otpRedirectURL, title="Continue").uk-button.uk-button-primary.uk-border-pill Continue
+