v1.0 Initial commit of project

pub/api/classes/API_mfa.php

@@ -0,0 +1,40 @@
+<?php
+
+namespace api\classes;
+
+use api\classes\API;
+
+require_once 'API.php';
+
+class API_mfa extends API
+{
+    public function disableMFA()
+    {
+        # Users cannot, by default disable MFA of other users
+        if ($this->getUserUuid() != $this->data['user_uuid']) {
+            $this->checkPermissions('admin-access-admins-mfa', 'RW');
+        }
+
+        $query = "UPDATE vc_users SET user_two_factor_enabled = 0, user_two_factor_secret = NULL WHERE user_uuid = ?";
+        $stmt = $this->prepareStatement($query);
+        $stmt->bind_param("s", $this->data['user_uuid']);
+        $this->executeStatement($stmt);
+
+        $this->apiOutput(200, ['success' => 'mfa is disabled']);
+    }
+
+    public function enableMFA()
+    {
+        # Users cannot, create MFA of other users
+        if ($this->getUserUuid() != $this->data['user_uuid']) {
+            $this->apiOutput(401, ['error' => 'you are not allowed to enable mfa for others']);
+        }
+
+        $query = "UPDATE vc_users SET user_two_factor_enabled = 1, user_two_factor_secret = ? WHERE user_uuid = ?";
+        $stmt = $this->prepareStatement($query);
+        $stmt->bind_param("ss", $this->data['user_two_factor_secret'], $this->data['user_uuid']);
+        $this->executeStatement($stmt);
+
+        $this->apiOutput(200, ['success' => 'mfa is enabled']);
+    }
+}