fix: Notify user stream when enabling/disabling TOTP 2FA (#35188)

d918dfa2 · Yash Rajpal · GitHub · 599fd932 · d918dfa2 · d918dfa2
Unverified Commit d918dfa2 authored 2 months ago by Yash Rajpal Committed by GitHub 2 months ago
--- a/.changeset/five-wolves-destroy.md
+++ b/.changeset/five-wolves-destroy.md
+---
+'@rocket.chat/meteor': patch
+---
+
+Fixes a UI issue where enabling/disabling TOTP two factor authentication didn't update in real-time.
--- a/apps/meteor/app/2fa/server/methods/disable.ts
+++ b/apps/meteor/app/2fa/server/methods/disable.ts
@@ -2,6 +2,7 @@ import type { ServerMethods } from '@rocket.chat/ddp-client';
 import { Users } from '@rocket.chat/models';
 import { Meteor } from 'meteor/meteor';

+import { notifyOnUserChange } from '../../../lib/server/lib/notifyListener';
 import { TOTP } from '../lib/totp';

 declare module '@rocket.chat/ddp-client' {
@@ -26,7 +27,7 @@ Meteor.methods<ServerMethods>({
 			});
 		}

-		if (!user.services?.totp) {
+		if (!user.services?.totp?.enabled) {
 			return false;
 		}

@@ -41,6 +42,14 @@ Meteor.methods<ServerMethods>({
 			return false;
 		}

-		return (await Users.disable2FAByUserId(userId)).modifiedCount > 0;
+		const { modifiedCount } = await Users.disable2FAByUserId(userId);
+
+		if (!modifiedCount) {
+			return false;
+		}
+
+		void notifyOnUserChange({ clientAction: 'updated', id: user._id, diff: { 'services.totp.enabled': false } });
+
+		return true;
 	},
 });
--- a/apps/meteor/app/2fa/server/methods/validateTempToken.ts
+++ b/apps/meteor/app/2fa/server/methods/validateTempToken.ts
@@ -2,7 +2,7 @@ import type { ServerMethods } from '@rocket.chat/ddp-client';
 import { Users } from '@rocket.chat/models';
 import { Meteor } from 'meteor/meteor';

-import { notifyOnUserChangeAsync } from '../../../lib/server/lib/notifyListener';
+import { notifyOnUserChange, notifyOnUserChangeAsync } from '../../../lib/server/lib/notifyListener';
 import { TOTP } from '../lib/totp';

 declare module '@rocket.chat/ddp-client' {
@@ -56,13 +56,18 @@ Meteor.methods<ServerMethods>({
 					if (!this.userId) {
 						return;
 					}
-					const userTokens = await Users.findOneById(this.userId, { projection: { 'services.resume.loginTokens': 1 } });
+					const user = await Users.findOneById(this.userId, { projection: { 'services.resume.loginTokens': 1, 'services.totp': 1 } });
 					return {
 						clientAction: 'updated',
 						id: this.userId,
-						diff: { 'services.resume.loginTokens': userTokens?.services?.resume?.loginTokens },
+						diff: {
+							'services.resume.loginTokens': user?.services?.resume?.loginTokens,
+							...(user?.services?.totp && { 'services.totp.enabled': user.services.totp.enabled }),
+						},
 					};
 				});
+			} else {
+				void notifyOnUserChange({ clientAction: 'updated', id: user._id, diff: { 'services.totp.enabled': true } });
 			}
 		}


--- a/apps/meteor/client/views/account/security/TwoFactorTOTP.tsx
+++ b/apps/meteor/client/views/account/security/TwoFactorTOTP.tsx
@@ -92,12 +92,13 @@ const TwoFactorTOTP = (props: TwoFactorTOTPProps): ReactElement => {
 					return dispatchToastMessage({ type: 'error', message: t('Invalid_two_factor_code') });
 				}

+				setRegisteringTotp(false);
 				setModal(<BackupCodesModal codes={result.codes} onClose={closeModal} />);
 			} catch (error) {
 				dispatchToastMessage({ type: 'error', message: error });
 			}
 		},
-		[closeModal, dispatchToastMessage, setModal, t, verifyCodeFn],
+		[closeModal, dispatchToastMessage, setModal, t, verifyCodeFn, setRegisteringTotp],
 	);

 	const handleRegenerateCodes = useCallback(() => {