vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README
commit 8f8d7418eddaa180535d112f4db9da67fe8ac5b8
parent af6d17b7013d4d82fac916cb867c0dd97da9c301
Author: Jonathan Elias Caicedo <jonathan@jcaicedo.com>
Date:   Fri, 24 Feb 2023 16:24:48 -0500

Add confirmation for removing 2FA and deauth sessions in admin panel

Diffstat:

Msrc/static/scripts/admin_users.js | 22++++++++++++++--------


1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/src/static/scripts/admin_users.js b/src/static/scripts/admin_users.js
@@ -32,10 +32,13 @@ function remove2fa(event) {
         alert("Required parameters not found!");
         return false;
     }
-    _post(`${BASE_URL}/admin/users/${id}/remove-2fa`,
-        "2FA removed correctly",
-        "Error removing 2FA"
-    );
+    const confirmed = confirm(`Are you sure you want to remove 2FA for "${email}"?`);
+    if (confirmed) {
+        _post(`${BASE_URL}/admin/users/${id}/remove-2fa`,
+            "2FA removed correctly",
+            "Error removing 2FA"
+        );
+    }
 }
 
 function deauthUser(event) {
@@ -46,10 +49,13 @@ function deauthUser(event) {
         alert("Required parameters not found!");
         return false;
     }
-    _post(`${BASE_URL}/admin/users/${id}/deauth`,
-        "Sessions deauthorized correctly",
-        "Error deauthorizing sessions"
-    );
+    const confirmed = confirm(`Are you sure you want to deauthorize sessions for "${email}"?`);
+    if (confirmed) {
+        _post(`${BASE_URL}/admin/users/${id}/deauth`,
+            "Sessions deauthorized correctly",
+            "Error deauthorizing sessions"
+        );
+    }
 }
 
 function disableUser(event) {