LibreChat/client/src/data-provider
Danny Avila 71a3b48504
🔑 fix: Require OTP Verification for 2FA Re-Enrollment and Backup Code Regeneration (#12223)

* fix: require OTP verification for 2FA re-enrollment and backup code regeneration

* fix: require OTP verification for account deletion when 2FA is enabled

* refactor: Improve code formatting and readability in TwoFactorController and UserController

- Reformatted code in TwoFactorController and UserController for better readability by aligning parameters and breaking long lines.
- Updated test cases in deleteUser.spec.js and TwoFactorController.spec.js to enhance clarity by formatting object parameters consistently.

* refactor: Consolidate OTP and backup code verification logic in TwoFactorController and UserController

- Introduced a new `verifyOTPOrBackupCode` function to streamline the verification process for TOTP tokens and backup codes across multiple controllers.
- Updated the `enable2FA`, `disable2FA`, and `deleteUserController` methods to utilize the new verification function, enhancing code reusability and readability.
- Adjusted related tests to reflect the changes in verification logic, ensuring consistent behavior across different scenarios.
- Improved error handling and response messages for verification failures, providing clearer feedback to users.

* chore: linting

* refactor: Update BackupCodesItem component to enhance OTP verification logic

- Consolidated OTP input handling by moving the 2FA verification UI logic to a more consistent location within the component.
- Improved the state management for OTP readiness, ensuring the regenerate button is only enabled when the OTP is ready.
- Cleaned up imports by removing redundant type imports, enhancing code clarity and maintainability.

* chore: lint

* fix: stage 2FA re-enrollment in pending fields to prevent disarmament window

enable2FA now writes to pendingTotpSecret/pendingBackupCodes instead of
overwriting the live fields. confirm2FA performs the atomic swap only after
the new TOTP code is verified. If the user abandons mid-flow, their
existing 2FA remains active and intact.
2026-03-14 01:51:31 -04:00
__tests__ 🧠 feat: User Memories for Conversational Context (#7760) 2025-06-07 18:52:22 -04:00
Agents 👤 feat: Agent Avatar Removal and Decouple upload/reset from Agent Updates (#10527) 2025-11-17 17:04:01 -05:00
Auth 🔑 fix: Require OTP Verification for 2FA Re-Enrollment and Backup Code Regeneration (#12223) 2026-03-14 01:51:31 -04:00
Endpoints 🎨 feat: UI Refresh for Enhanced UX (#6346) 2025-03-25 18:50:58 -04:00
Files 🤖 refactor: Side Panel Agent UI To Account For Ephemeral Agents (#9763) 2025-09-22 09:48:05 -04:00
MCP ♻️ refactor: On-demand MCP connections: remove proactive reconnect, default to available (#11839) 2026-02-17 22:33:57 -05:00
Memories 🧠 feat: User Memories for Conversational Context (#7760) 2025-06-07 18:52:22 -04:00
Messages ⏸ refactor: Improve UX for Parallel Streams (Multi-Convo) (#11096) 2025-12-25 01:43:54 -05:00
Misc 💸 feat: Balance Tab in Settings Dialog (#6537) 2025-05-29 08:25:37 -04:00
SSE 🧭 fix: Correct Subpath Routing for SSE and Favorites Endpoints (#11339) 2026-01-13 10:53:14 -05:00
Tools 🔌 feat: MCP Reinitialization and OAuth in UI (#8598) 2025-07-22 22:52:45 -04:00
connection.ts 🧩 feat: Web Search Config Validations & Clipboard Citation Processing (#7530) 2025-05-24 10:23:17 -04:00
Favorites.ts 📌 feat: Pin Agents and Models in the Sidebar (#10634) 2025-12-11 16:38:20 -05:00
index.ts 🌊 feat: Resumable LLM Streams with Horizontal Scaling (#10926) 2025-12-19 12:14:19 -05:00
mutations.ts 🌊 feat: Resumable LLM Streams with Horizontal Scaling (#10926) 2025-12-19 12:14:19 -05:00
prompts.ts 🗨️ feat: Granular Prompt Permissions via ACL and Permission Bits 2025-08-13 16:24:20 -04:00
queries.ts 🧭 fix: Robust 404 Conversation Not Found Redirect (#11853) 2026-02-18 11:41:53 -05:00
roles.ts 🛸 feat: Remote Agent Access with External API Support (#11503) 2026-01-28 17:44:33 -05:00
tags.ts 🏷️ fix: Address Statefulness Issues for Bookmarks (#3590) 2024-08-08 21:25:10 -04:00