* 🔒 feat: add Two-Factor Authentication (2FA) with backup codes & QR support (#5684)
* working version for generating TOTP and authenticate.
* better looking UI
* refactored + better TOTP logic
* fixed issue with UI
* fixed issue: remove initial setup when closing window before completion.
* added: onKeyDown for verify and disable
* refactored some code and cleaned it up a bit.
* refactored some code and cleaned it up a bit.
* refactored some code and cleaned it up a bit.
* refactored some code and cleaned it up a bit.
* fixed issue after updating to new main branch
* updated example
* refactored controllers
* removed `passport-totp` not used.
* update the generateBackupCodes function to generate 10 codes by default:
* update the backup codes to an object.
* fixed issue with backup codes not working
* be able to disable 2FA with backup codes.
* removed new env. replaced with JWT_SECRET
* ✨ style: improved a11y and style for TwoFactorAuthentication
* 🔒 fix: small types checks
* ✨ feat: improve 2FA UI components
* fix: remove unnecessary console log
* add option to disable 2FA with backup codes
* - add option to refresh backup codes
- (optional) maybe show the user which backup codes have already been used?
* removed text to be able to merge the main.
* removed eng tx to be able to merge
* fix: migrated lang to new format.
* feat: rewrote whole 2FA UI + refactored 2FA backend
* chore: resolving conflicts
* chore: resolving conflicts
* fix: missing packages, because of resolving conflicts.
* fix: UI issue and improved a11y
* fix: 2FA backup code not working
* fix: update localization keys for UI consistency
* fix: update button label to use localized text
* fix: refactor backup codes regeneration and update localization keys
* fix: remove outdated translation for shared links management
* fix: remove outdated 2FA code prompts from translation.json
* fix: add cursor styles for backup codes item based on usage state
* fix: resolve conflict issue
* fix: resolve conflict issue
* fix: resolve conflict issue
* fix: missing packages in package-lock.json
* fix: add disabled opacity to the verify button in TwoFactorScreen
* ⚙ fix: update 2FA logic to rely on backup codes instead of TOTP status
* ⚙️ fix: Simplify user retrieval in 2FA logic by removing unnecessary TOTP secret query
* ⚙️ test: Add unit tests for TwoFactorAuthController and twoFactorControllers
* ⚙️ fix: Ensure backup codes are validated as an array before usage in 2FA components
* ⚙️ fix: Update module path mappings in tests to use relative paths
* ⚙️ fix: Update moduleNameMapper in jest.config.js to remove the caret from path mapping
* ⚙️ refactor: Simplify import paths in TwoFactorAuthController and twoFactorControllers test files
* ⚙️ test: Mock twoFactorService methods in twoFactorControllers tests
* ⚙️ refactor: Comment out unused imports and mock setups in test files for two-factor authentication
* ⚙️ refactor: removed files
* refactor: Exclude totpSecret from user data retrieval in AuthController, LoginController, and jwtStrategy
* refactor: Consolidate backup code verification to apply DRY and remove default array in user schema
* refactor: Enhance two-factor authentication ux/flow with improved error handling and loading state management, prevent redirect to /login
---------
Co-authored-by: Marco Beretta <81851188+berry-13@users.noreply.github.com>
Co-authored-by: Danny Avila <danny@librechat.ai>
* chore: enforcing language keys to adhere to the new standard.
* chore: enforcing i18n forbids to write plain text in JSX markup
* chore: enforcing i18n forbids to write plain text in JSX markup
* fix: ci with checkbox for unused keys :)
* refactor: removed all the unused `i18n` keys
* feat: Refactor ChatForm and StopButton components for improved styling and localization
* feat: Refactor AudioRecorder, ChatForm, AttachFile, and SendButton components for improved styling and layout
* feat: Add RevokeAllKeys component and update styling for buttons and inputs
* feat: Refactor ClearChats component and update ClearConvos functionality for improved clarity and user experience
* feat: Remove ClearConvos component and update related imports and functionality in Avatar and DeleteCacheButton components
* feat: Rename DeleteCacheButton to DeleteCache and update related imports; enhance confirmation message in localization
* feat: Update ChatForm layout for RTL support and improve component structure
* feat: Adjust ChatForm layout for improved RTL support and alignment
* feat: Refactor Bookmark components to use new UI elements and improve styling
* feat: Update FileSearch and ShareAgent components for improved button styling and layout
* feat: Update ChatForm and TextareaHeader styles for improved UI consistency
* feat: Refactor Nav components for improved styling and layout adjustments
* feat: Update button sizes and padding for improved UI consistency across chat components
* feat: Remove ClearChatsButton test file as part of code cleanup
* feat: verification email
* chore: email verification invalid; localize: update
* fix: redirect to login when signup: fix: save emailVerified correctly
* docs: update ALLOW_UNVERIFIED_EMAIL_LOGIN; fix: don't accept login only when ALLOW_UNVERIFIED_EMAIL_LOGIN = true
* fix: user needs to be authenticated
* style: update
* fix: registration success message and redirect logic
* refactor: use `isEnabled` in ALLOW_UNVERIFIED_EMAIL_LOGIN
* refactor: move checkEmailConfig to server/utils
* refactor: use req as param for verifyEmail function
* chore: jsdoc
* chore: remove console log
* refactor: rename `createNewUser` to `createSocialUser`
* refactor: update typing and add expiresAt field to userSchema
* refactor: begin use of user methods over direct model access for User
* refactor: initial email verification rewrite
* chore: typing
* refactor: registration flow rewrite
* chore: remove help center text
* refactor: update getUser to getUserById and add findUser methods. general fixes from recent changes
* refactor: Update updateUser method to remove expiresAt field and use $set and $unset operations, createUser now returns Id only
* refactor: Update openidStrategy to use optional chaining for avatar check, move saveBuffer init to buffer condition
* refactor: logout on deleteUser mutatation
* refactor: Update openidStrategy login success message format
* refactor: Add emailVerified field to Discord and Facebook profile details
* refactor: move limiters to separate middleware dir
* refactor: Add limiters for email verification and password reset
* refactor: Remove getUserController and update routes and controllers accordingly
* refactor: Update getUserById method to exclude password and version fields
* refactor: move verification to user route, add resend verification option
* refactor: Improve email verification process and resend option
* refactor: remove more direct model access of User and remove unused code
* refactor: replace user authentication methods and token generation
* fix: add user.id to jwt user
* refactor: Update AuthContext to include setError function, add resend link to Login Form, make registration redirect shorter
* fix(updateUserPluginsService): ensure userPlugins variable is defined
* refactor: Delete all shared links for a specific user
* fix: remove use of direct User.save() in handleExistingUser
* fix(importLibreChatConvo): handle missing createdAt field in messages
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* initial commit
* fix: UserController bugs; fix: lint errors
* fix: delete files
* language support
* style(DeleteAccount): update to the latest style
* style: fix after merge main
* chore: Add canDeleteAccount middleware for user deletion endpoint
* chore: renamed to ALLOW_ACCOUNT_DELETION
* fix(canDeleteAccount): use uppercase admin role
* chore: imports order
* chore: Enable account deletion by default if omitted/commented out
* chore: Add logging for user account deletion
* chore: Bump data-provider package version to 0.6.6
* chore: Import Transaction model in UserController
* chore: Update CONFIG_VERSION to 1.1.4
* chore: Update user account deletion logging
* chore: Refactor user account deletion logic
---------
Co-authored-by: Berry-13 <root@Berry>
Co-authored-by: Danny Avila <messagedaniel@protonmail.com>
Co-authored-by: Danny Avila <danny@librechat.ai>
