Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reintroduce notion of MFAEnabled #588

Merged
merged 3 commits into from
Aug 10, 2022
Merged

Reintroduce notion of MFAEnabled #588

merged 3 commits into from
Aug 10, 2022

Conversation

J0
Copy link
Contributor

@J0 J0 commented Aug 3, 2022

What kind of change does this PR introduce?

MFAEnabled is no longer a variable on the User model that can be toggled. Rather, a user can only call special MFA methods(like delete factor, unenroll factor) when they have at least one verified factor. It is more a safeguard than anything (and partially for security) because users calling the endpoints without a verified factor would still get an actor but perhaps with a more obscure message.

What is the current behavior?

Please link any relevant issues here.

What is the new behavior?

Feel free to include screenshots if it includes visual changes.

Additional context

Add any other context or screenshots.

@J0 J0 merged commit 258d669 into mfa Aug 10, 2022
@J0 J0 deleted the j0/reintroduce_mfa_enabled_checks branch August 10, 2022 06:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant