From 0551f07d1553228e50938bc2b794ef3ceba14bfb Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Fri, 6 Feb 2026 11:50:49 +0100 Subject: [PATCH 1/7] allow for disabling specific MFA method --- crates/defguard_core/src/handlers/auth.rs | 34 +++++++++++++++ crates/defguard_core/src/lib.rs | 12 ++++-- .../ProfileAuthCard/ProfileAuthCard.tsx | 42 ++++++++++++++----- web/src/shared/api/api.ts | 3 ++ 4 files changed, 76 insertions(+), 15 deletions(-) diff --git a/crates/defguard_core/src/handlers/auth.rs b/crates/defguard_core/src/handlers/auth.rs index ac1ba97774..ad66562dd4 100644 --- a/crates/defguard_core/src/handlers/auth.rs +++ b/crates/defguard_core/src/handlers/auth.rs @@ -46,6 +46,7 @@ use crate::{ mail::{ send_email_mfa_activation_email, send_email_mfa_code_email, send_mfa_configured_email, }, + user::delete_security_key, user_for_admin_or_self, }, headers::{USER_AGENT_PARSER, check_new_device_login, get_user_agent_device}, @@ -402,6 +403,39 @@ pub async fn disable_user_mfa( Ok(ApiResponse::default()) } +pub async fn disable_specific_user_mfa_method( + session_info: SessionInfo, + context: ApiRequestContext, + State(appstate): State, + Path((username, mfa_method)): Path<(String, MFAMethod)>, +) -> ApiResult { + let mut user = user_for_admin_or_self(&appstate.pool, &session_info, &username).await?; + + match mfa_method { + MFAMethod::OneTimePassword => { + user.disable_totp(&appstate.pool).await?; + info!("Disabled TOTP for user {username}"); + return Ok(ApiResponse::default()); + } + MFAMethod::Email => { + user.disable_email_mfa(&appstate.pool).await?; + info!("Disabled TOTP for user {username}"); + return Ok(ApiResponse::default()); + } + MFAMethod::Webauthn => { + let keys = WebAuthn::all_for_user(&appstate.pool, user.id).await?; + for key in keys { + key.delete(&appstate.pool).await?; + } + info!("Disabled TOTP for user {username}"); + return Ok(ApiResponse::default()); + } + MFAMethod::None => { + return Ok(ApiResponse::default()); + } + } +} + /// Initialize WebAuthn registration pub async fn webauthn_init( mut session_info: SessionInfo, diff --git a/crates/defguard_core/src/lib.rs b/crates/defguard_core/src/lib.rs index 0a4a66bbff..bb4e92bf3f 100644 --- a/crates/defguard_core/src/lib.rs +++ b/crates/defguard_core/src/lib.rs @@ -111,10 +111,10 @@ use crate::{ handlers::{ app_info::get_app_info, auth::{ - authenticate, email_mfa_code, email_mfa_disable, email_mfa_enable, email_mfa_init, - logout, mfa_disable, mfa_enable, recovery_code, request_email_mfa_code, totp_code, - totp_disable, totp_enable, totp_secret, webauthn_end, webauthn_finish, webauthn_init, - webauthn_start, + authenticate, disable_specific_user_mfa_method, email_mfa_code, email_mfa_disable, + email_mfa_enable, email_mfa_init, logout, mfa_disable, mfa_enable, recovery_code, + request_email_mfa_code, totp_code, totp_disable, totp_enable, totp_secret, + webauthn_end, webauthn_finish, webauthn_init, webauthn_start, }, component_setup::setup_gateway_tls_stream, forward_auth::forward_auth, @@ -309,6 +309,10 @@ pub fn build_webapp( delete(delete_authorized_app), ) .route("/user/{username}/mfa", delete(disable_user_mfa)) + .route( + "/user/{username}/{method}", + delete(disable_specific_user_mfa_method), + ) // forward_auth .route("/forward_auth", get(forward_auth)) // group diff --git a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx index 368db73d42..5b453b7953 100644 --- a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx +++ b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx @@ -68,7 +68,12 @@ export const ProfileAuthCard = () => { }); const { mutate: disableMfaMutation } = useMutation({ - mutationFn: api.auth.mfa.disable, + mutationFn: () => { + if (user.username !== authUsername) { + return api.user.disableMfa(user.username); + } + return api.auth.mfa.disable(); + }, meta: invalidateAfterMfaChange, }); @@ -78,24 +83,39 @@ export const ProfileAuthCard = () => { }); const { mutate: mutateDisableEmailMfa } = useMutation({ - mutationFn: api.auth.mfa.email.disable, + mutationFn: () => { + if (user.username !== authUsername) { + return api.user.disableSpecificMFA(user.username, UserMfaMethod.Email); + } + return api.auth.mfa.email.disable(); + }, meta: invalidateAfterMfaChange, }); const { mutate: mutateDisableTotp } = useMutation({ - mutationFn: api.auth.mfa.totp.disable, + mutationFn: () => { + if (user.username !== authUsername) { + return api.user.disableSpecificMFA(user.username, UserMfaMethod.OneTimePassword); + } + return api.auth.mfa.totp.disable(); + }, meta: invalidateAfterMfaChange, }); const { mutate: mutateDisableWebauthn } = useMutation({ - mutationFn: () => { - const res = securityKeys.map((key) => - api.auth.mfa.webauthn.deleteKey({ - username: user.username, - keyId: key.id, - }), - ); - return Promise.all(res); + mutationFn: async (): Promise => { + if (user.username !== authUsername) { + await api.user.disableSpecificMFA(user.username, UserMfaMethod.Webauthn); + } else { + await Promise.all( + securityKeys.map((key) => + api.auth.mfa.webauthn.deleteKey({ + username: user.username, + keyId: key.id, + }), + ), + ); + } }, meta: invalidateAfterMfaChange, }); diff --git a/web/src/shared/api/api.ts b/web/src/shared/api/api.ts index fba2900e18..b3f2cd436d 100644 --- a/web/src/shared/api/api.ts +++ b/web/src/shared/api/api.ts @@ -83,6 +83,7 @@ import type { User, UserChangePasswordRequest, UserDevice, + UserMfaMethodValue, UserProfileResponse, UsersListItem, ValidateDeviceIpsRequest, @@ -189,6 +190,8 @@ const api = { deleteApiToken: ({ username, id }: DeleteApiTokenRequest) => client.delete(`/user/${username}/api_token/${id}`), disableMfa: (username: string) => client.delete(`/user/${username}/mfa`), + disableSpecificMFA: (username: string, method: UserMfaMethodValue) => + client.delete(`/user/${username}/${method}`), activeStateChange: async ({ active, username, From 3c21574a19e85be4930ea7e506f6f1a0ab43b55b Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Fri, 6 Feb 2026 11:57:40 +0100 Subject: [PATCH 2/7] remove unnecessary changes --- .../ProfileAuthCard/ProfileAuthCard.tsx | 22 +++++++------------ 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx index 5b453b7953..1b2ac96ff3 100644 --- a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx +++ b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx @@ -103,23 +103,17 @@ export const ProfileAuthCard = () => { }); const { mutate: mutateDisableWebauthn } = useMutation({ - mutationFn: async (): Promise => { - if (user.username !== authUsername) { - await api.user.disableSpecificMFA(user.username, UserMfaMethod.Webauthn); - } else { - await Promise.all( - securityKeys.map((key) => - api.auth.mfa.webauthn.deleteKey({ - username: user.username, - keyId: key.id, - }), - ), - ); - } + mutationFn: () => { + const res = securityKeys.map((key) => + api.auth.mfa.webauthn.deleteKey({ + username: user.username, + keyId: key.id, + }), + ); + return Promise.all(res); }, meta: invalidateAfterMfaChange, }); - const emailMenuItems = useMemo(() => { const items: MenuItemProps[] = []; if (!user.email_mfa_enabled) { From 624c8ad829bbd320c48e6966928491736a4bc1cc Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Fri, 6 Feb 2026 13:11:18 +0100 Subject: [PATCH 3/7] api change: always require username when deleting mfa method --- crates/defguard_core/src/handlers/auth.rs | 40 ++----------------- crates/defguard_core/src/lib.rs | 21 +++++----- .../ProfileAuthCard/ProfileAuthCard.tsx | 21 ++-------- web/src/shared/api/api.ts | 6 +-- 4 files changed, 18 insertions(+), 70 deletions(-) diff --git a/crates/defguard_core/src/handlers/auth.rs b/crates/defguard_core/src/handlers/auth.rs index ad66562dd4..c667776651 100644 --- a/crates/defguard_core/src/handlers/auth.rs +++ b/crates/defguard_core/src/handlers/auth.rs @@ -46,7 +46,6 @@ use crate::{ mail::{ send_email_mfa_activation_email, send_email_mfa_code_email, send_mfa_configured_email, }, - user::delete_security_key, user_for_admin_or_self, }, headers::{USER_AGENT_PARSER, check_new_device_login, get_user_agent_device}, @@ -403,39 +402,6 @@ pub async fn disable_user_mfa( Ok(ApiResponse::default()) } -pub async fn disable_specific_user_mfa_method( - session_info: SessionInfo, - context: ApiRequestContext, - State(appstate): State, - Path((username, mfa_method)): Path<(String, MFAMethod)>, -) -> ApiResult { - let mut user = user_for_admin_or_self(&appstate.pool, &session_info, &username).await?; - - match mfa_method { - MFAMethod::OneTimePassword => { - user.disable_totp(&appstate.pool).await?; - info!("Disabled TOTP for user {username}"); - return Ok(ApiResponse::default()); - } - MFAMethod::Email => { - user.disable_email_mfa(&appstate.pool).await?; - info!("Disabled TOTP for user {username}"); - return Ok(ApiResponse::default()); - } - MFAMethod::Webauthn => { - let keys = WebAuthn::all_for_user(&appstate.pool, user.id).await?; - for key in keys { - key.delete(&appstate.pool).await?; - } - info!("Disabled TOTP for user {username}"); - return Ok(ApiResponse::default()); - } - MFAMethod::None => { - return Ok(ApiResponse::default()); - } - } -} - /// Initialize WebAuthn registration pub async fn webauthn_init( mut session_info: SessionInfo, @@ -709,8 +675,9 @@ pub async fn totp_disable( session: SessionInfo, context: ApiRequestContext, State(appstate): State, + username: Path, ) -> ApiResult { - let mut user = session.user; + let mut user = user_for_admin_or_self(&appstate.pool, &session, &username).await?; debug!("Disabling TOTP for user {}", user.username); user.disable_totp(&appstate.pool).await?; user.verify_mfa_state(&appstate.pool).await?; @@ -874,8 +841,9 @@ pub async fn email_mfa_disable( session: SessionInfo, context: ApiRequestContext, State(appstate): State, + username: Path, ) -> ApiResult { - let mut user = session.user; + let mut user = user_for_admin_or_self(&appstate.pool, &session, &username).await?; debug!("Disabling email MFA for user {}", user.username); user.disable_email_mfa(&appstate.pool).await?; user.verify_mfa_state(&appstate.pool).await?; diff --git a/crates/defguard_core/src/lib.rs b/crates/defguard_core/src/lib.rs index bb4e92bf3f..6c973c290b 100644 --- a/crates/defguard_core/src/lib.rs +++ b/crates/defguard_core/src/lib.rs @@ -111,10 +111,10 @@ use crate::{ handlers::{ app_info::get_app_info, auth::{ - authenticate, disable_specific_user_mfa_method, email_mfa_code, email_mfa_disable, - email_mfa_enable, email_mfa_init, logout, mfa_disable, mfa_enable, recovery_code, - request_email_mfa_code, totp_code, totp_disable, totp_enable, totp_secret, - webauthn_end, webauthn_finish, webauthn_init, webauthn_start, + authenticate, email_mfa_code, email_mfa_disable, email_mfa_enable, email_mfa_init, + logout, mfa_disable, mfa_enable, recovery_code, request_email_mfa_code, totp_code, + totp_disable, totp_enable, totp_secret, webauthn_end, webauthn_finish, webauthn_init, + webauthn_start, }, component_setup::setup_gateway_tls_stream, forward_auth::forward_auth, @@ -242,14 +242,12 @@ pub fn build_webapp( .route("/auth/webauthn/start", post(webauthn_start)) .route("/auth/webauthn", post(webauthn_end)) .route("/auth/totp/init", post(totp_secret)) - .route("/auth/totp", post(totp_enable).delete(totp_disable)) + .route("/auth/totp", post(totp_enable)) .route("/auth/totp/verify", post(totp_code)) .route("/auth/email/init", post(email_mfa_init)) .route( "/auth/email", - get(request_email_mfa_code) - .post(email_mfa_enable) - .delete(email_mfa_disable), + get(request_email_mfa_code).post(email_mfa_enable), ) .route("/auth/email/verify", post(email_mfa_code)) .route("/auth/recovery", post(recovery_code)) @@ -267,6 +265,9 @@ pub fn build_webapp( .route("/user/change_password", put(change_self_password)) .route("/user/{username}/password", put(change_password)) .route("/user/{username}/reset_password", post(reset_password)) + // disable mfa + .route("/user/{username}/email", delete(email_mfa_disable)) + .route("/user/{username}/totp", delete(totp_disable)) // auth keys .route( "/user/{username}/auth_key", @@ -309,10 +310,6 @@ pub fn build_webapp( delete(delete_authorized_app), ) .route("/user/{username}/mfa", delete(disable_user_mfa)) - .route( - "/user/{username}/{method}", - delete(disable_specific_user_mfa_method), - ) // forward_auth .route("/forward_auth", get(forward_auth)) // group diff --git a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx index 1b2ac96ff3..c4b6d26d18 100644 --- a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx +++ b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx @@ -68,12 +68,7 @@ export const ProfileAuthCard = () => { }); const { mutate: disableMfaMutation } = useMutation({ - mutationFn: () => { - if (user.username !== authUsername) { - return api.user.disableMfa(user.username); - } - return api.auth.mfa.disable(); - }, + mutationFn: api.auth.mfa.disable, meta: invalidateAfterMfaChange, }); @@ -83,22 +78,12 @@ export const ProfileAuthCard = () => { }); const { mutate: mutateDisableEmailMfa } = useMutation({ - mutationFn: () => { - if (user.username !== authUsername) { - return api.user.disableSpecificMFA(user.username, UserMfaMethod.Email); - } - return api.auth.mfa.email.disable(); - }, + mutationFn: () => api.auth.mfa.email.disable(user.username), meta: invalidateAfterMfaChange, }); const { mutate: mutateDisableTotp } = useMutation({ - mutationFn: () => { - if (user.username !== authUsername) { - return api.user.disableSpecificMFA(user.username, UserMfaMethod.OneTimePassword); - } - return api.auth.mfa.totp.disable(); - }, + mutationFn: () => api.auth.mfa.totp.disable(user.username), meta: invalidateAfterMfaChange, }); diff --git a/web/src/shared/api/api.ts b/web/src/shared/api/api.ts index b3f2cd436d..17a26e4779 100644 --- a/web/src/shared/api/api.ts +++ b/web/src/shared/api/api.ts @@ -190,8 +190,6 @@ const api = { deleteApiToken: ({ username, id }: DeleteApiTokenRequest) => client.delete(`/user/${username}/api_token/${id}`), disableMfa: (username: string) => client.delete(`/user/${username}/mfa`), - disableSpecificMFA: (username: string, method: UserMfaMethodValue) => - client.delete(`/user/${username}/${method}`), activeStateChange: async ({ active, username, @@ -235,7 +233,7 @@ const api = { client.post('/auth/totp/verify', { code, }), - disable: () => client.delete('/auth/totp'), + disable: (username: string) => client.delete(`/user/${username}/totp`), }, email: { init: () => client.post('/auth/email/init'), @@ -243,7 +241,7 @@ const api = { client.post('/auth/email', { code, }), - disable: () => client.delete('/auth/email'), + disable: (username: string) => client.delete(`/user/${username}/email`), resend: () => client.get('/auth/email'), verify: (code: string) => client.post('/auth/email/verify', { code }), From 5b4a93720d52957c3b2f54b81ab50f4327764a4e Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Fri, 6 Feb 2026 13:15:12 +0100 Subject: [PATCH 4/7] remove unused import --- web/src/shared/api/api.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/web/src/shared/api/api.ts b/web/src/shared/api/api.ts index 17a26e4779..8aa6dfe771 100644 --- a/web/src/shared/api/api.ts +++ b/web/src/shared/api/api.ts @@ -83,7 +83,6 @@ import type { User, UserChangePasswordRequest, UserDevice, - UserMfaMethodValue, UserProfileResponse, UsersListItem, ValidateDeviceIpsRequest, From 06ee4e186b73c302cab7043fe2dd888874506588 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Fri, 6 Feb 2026 13:25:46 +0100 Subject: [PATCH 5/7] change paths --- .../ProfileAuthCard/ProfileAuthCard.tsx | 17 ++++++++++++----- web/src/shared/api/api.ts | 10 ++++++++-- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx index c4b6d26d18..adf7c9df19 100644 --- a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx +++ b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx @@ -78,12 +78,12 @@ export const ProfileAuthCard = () => { }); const { mutate: mutateDisableEmailMfa } = useMutation({ - mutationFn: () => api.auth.mfa.email.disable(user.username), + mutationFn: api.user.mfa.email.disable, meta: invalidateAfterMfaChange, }); const { mutate: mutateDisableTotp } = useMutation({ - mutationFn: () => api.auth.mfa.totp.disable(user.username), + mutationFn: api.user.mfa.email.disable, meta: invalidateAfterMfaChange, }); @@ -120,7 +120,7 @@ export const ProfileAuthCard = () => { items.push({ text: m.controls_disable(), icon: 'minus-circle', - onClick: () => mutateDisableEmailMfa(), + onClick: () => mutateDisableEmailMfa(user.username), }); } const res: MenuItemsGroup = { @@ -132,6 +132,7 @@ export const ProfileAuthCard = () => { mutateDisableEmailMfa, mutateSetDefaultMfa, user.mfa_method, + user.username, ]); const mfaMenuItems = useMemo(() => { @@ -227,7 +228,7 @@ export const ProfileAuthCard = () => { icon: 'minus-circle', text: m.controls_disable(), onClick: () => { - mutateDisableTotp(); + mutateDisableTotp(user.username); }, }); } @@ -235,7 +236,13 @@ export const ProfileAuthCard = () => { return { items, }; - }, [mutateDisableTotp, user.totp_enabled, mutateSetDefaultMfa, user.mfa_method]); + }, [ + mutateDisableTotp, + user.totp_enabled, + mutateSetDefaultMfa, + user.mfa_method, + user.username, + ]); return ( diff --git a/web/src/shared/api/api.ts b/web/src/shared/api/api.ts index 8aa6dfe771..84a5ca8620 100644 --- a/web/src/shared/api/api.ts +++ b/web/src/shared/api/api.ts @@ -202,6 +202,14 @@ const api = { }); }, deleteUser: (username: string) => client.delete(`/user/${username}`), + mfa: { + totp: { + disable: (username: string) => client.delete(`/user/${username}/totp`), + }, + email: { + disable: (username: string) => client.delete(`/user/${username}/email`), + }, + }, }, webhook: { addWebhook: (data: AddWebhookRequest) => client.post('/webhook', data), @@ -232,7 +240,6 @@ const api = { client.post('/auth/totp/verify', { code, }), - disable: (username: string) => client.delete(`/user/${username}/totp`), }, email: { init: () => client.post('/auth/email/init'), @@ -240,7 +247,6 @@ const api = { client.post('/auth/email', { code, }), - disable: (username: string) => client.delete(`/user/${username}/email`), resend: () => client.get('/auth/email'), verify: (code: string) => client.post('/auth/email/verify', { code }), From d1036ebf18a8cb52527a826d4c3549f540221125 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Fri, 6 Feb 2026 13:32:39 +0100 Subject: [PATCH 6/7] typo --- .../components/ProfileAuthCard/ProfileAuthCard.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx index adf7c9df19..cefb00a868 100644 --- a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx +++ b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx @@ -83,7 +83,7 @@ export const ProfileAuthCard = () => { }); const { mutate: mutateDisableTotp } = useMutation({ - mutationFn: api.user.mfa.email.disable, + mutationFn: api.user.mfa.totp.disable, meta: invalidateAfterMfaChange, }); From 1f529ee1ce6098a2583e5dd558b872ec42886ff0 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Fri, 6 Feb 2026 13:34:38 +0100 Subject: [PATCH 7/7] remove braces --- .../components/ProfileAuthCard/ProfileAuthCard.tsx | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx index cefb00a868..36c514baf2 100644 --- a/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx +++ b/web/src/pages/user-profile/UserProfilePage/tabs/ProfileDetailsTab/components/ProfileAuthCard/ProfileAuthCard.tsx @@ -227,9 +227,7 @@ export const ProfileAuthCard = () => { items.push({ icon: 'minus-circle', text: m.controls_disable(), - onClick: () => { - mutateDisableTotp(user.username); - }, + onClick: () => mutateDisableTotp(user.username), }); }