Fix recover-2fa not working.

When audit logging was introduced there entered a small bug preventing
the recover-2fa from working.

This PR fixes that by adding a new headers check that extracts the device-type
when possible and uses that for the logging.

Fixes #2985
BlackDex
2022-12-15 15:57:30 +01:00
committed by Daniel García
parent b60a4a68c7
commit 8e5f03972e
3 changed files with 41 additions and 10 deletions


@@ -6,7 +6,7 @@ use serde_json::Value;
use crate::{
api::{core::log_user_event, JsonResult, JsonUpcase, NumberOrString, PasswordData},
auth::{ClientIp, Headers},
auth::{ClientHeaders, ClientIp, Headers},
crypto,
db::{models::*, DbConn, DbPool},
mail, CONFIG,
@@ -73,7 +73,12 @@ struct RecoverTwoFactor {
}
#[post("/two-factor/recover", data = "<data>")]
async fn recover(data: JsonUpcase<RecoverTwoFactor>, headers: Headers, mut conn: DbConn, ip: ClientIp) -> JsonResult {
async fn recover(
data: JsonUpcase<RecoverTwoFactor>,
client_headers: ClientHeaders,
mut conn: DbConn,
ip: ClientIp,
) -> JsonResult {
let data: RecoverTwoFactor = data.into_inner().data;
use crate::db::models::User;
@@ -97,7 +102,7 @@ async fn recover(data: JsonUpcase<RecoverTwoFactor>, headers: Headers, mut conn:
// Remove all twofactors from the user
TwoFactor::delete_all_by_user(&user.uuid, &mut conn).await?;
log_user_event(EventType::UserRecovered2fa as i32, &user.uuid, headers.device.atype, &ip.ip, &mut conn).await;
log_user_event(EventType::UserRecovered2fa as i32, &user.uuid, client_headers.device_type, &ip.ip, &mut conn).await;
// Remove the recovery code, not needed without twofactors
user.totp_recover = None;
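Review bot: The `device_type` now passed to `log_user_event` for `UserRecovered2fa` comes from `ClientHeaders`, which (going by the commit description; its definition is in another file) is read from the request's headers rather than from an authenticated session, so the audit record for a 2FA reset carries a value the caller chooses. Nothing in this section marks that; I would add a comment above the call such as `// device_type is parsed from an unauthenticated request header; informational only, do not rely on it when investigating this event`. It would also help to document on `recover` why it takes `ClientHeaders` instead of `Headers` (presumably because the caller has no valid login token at this point), so a later refactor does not reintroduce the guard that broke the endpoint. The body of `recover` continues outside the visible hunks.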