Fixes#14125
Listen to 2FA disable event. If a provider is disabled for a user. We
check if there are no more providers. If there are no more providers we
Remove the backupcode reminder notification (if still present).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Now that we can enforce 2FA we also should notify users that have
enabled 2FA but do not yet have backup codes generated.
This adds a repair step that inserts a background job to do this.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Generate a notification to generate backup codes if you enable an other
2FA provider but backup codes are not yet generated.
* Add event listner
* Insert background job
* Background job tests and emits notification every 2 weeks
* If the backup codes are generated the next run will remove the job
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Starting with Nextcloud 14, the server knows the enabled/disabled
state of 2fa providers. While it will query that information if it's
unknown (on first use), it won't notice any changes. Thus, providers
have to propagate that information themselves.
Ref https://github.com/nextcloud/twofactor_totp/pull/263
Ref https://github.com/nextcloud/twofactor_u2f/pull/210
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Joas Schilling
Christoph Wurst
Roeland Jago Douma
Morris Jobke