Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-03-15 12:16:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
LibreChat/packages/data-provider
History
Danny Avila 71a3b48504
🔑 fix: Require OTP Verification for 2FA Re-Enrollment and Backup Code Regeneration (#12223) 
* fix: require OTP verification for 2FA re-enrollment and backup code regeneration

* fix: require OTP verification for account deletion when 2FA is enabled

* refactor: Improve code formatting and readability in TwoFactorController and UserController

- Reformatted code in TwoFactorController and UserController for better readability by aligning parameters and breaking long lines.
- Updated test cases in deleteUser.spec.js and TwoFactorController.spec.js to enhance clarity by formatting object parameters consistently.

* refactor: Consolidate OTP and backup code verification logic in TwoFactorController and UserController

- Introduced a new `verifyOTPOrBackupCode` function to streamline the verification process for TOTP tokens and backup codes across multiple controllers.
- Updated the `enable2FA`, `disable2FA`, and `deleteUserController` methods to utilize the new verification function, enhancing code reusability and readability.
- Adjusted related tests to reflect the changes in verification logic, ensuring consistent behavior across different scenarios.
- Improved error handling and response messages for verification failures, providing clearer feedback to users.

* chore: linting

* refactor: Update BackupCodesItem component to enhance OTP verification logic

- Consolidated OTP input handling by moving the 2FA verification UI logic to a more consistent location within the component.
- Improved the state management for OTP readiness, ensuring the regenerate button is only enabled when the OTP is ready.
- Cleaned up imports by removing redundant type imports, enhancing code clarity and maintainability.

* chore: lint

* fix: stage 2FA re-enrollment in pending fields to prevent disarmament window

enable2FA now writes to pendingTotpSecret/pendingBackupCodes instead of
overwriting the live fields. confirm2FA performs the atomic swap only after
the new TOTP code is verified. If the user abandons mid-flow, their
existing 2FA remains active and intact.
2026-03-14 01:51:31 -04:00
..
react-query 📦 chore: Bump Dependabot Packages (#11836) 2026-02-17 18:55:28 -05:00
specs 🔏 fix: MCP Server URL Schema Validation (#12204) 2026-03-12 23:19:31 -04:00
src 🔑 fix: Require OTP Verification for 2FA Re-Enrollment and Backup Code Regeneration (#12223) 2026-03-14 01:51:31 -04:00
.gitignore 🔄 refactor: Consolidate Ask/Edit Controllers (#1365) 2023-12-15 15:47:40 -05:00
babel.config.js chore: add back data-provider 2023-07-30 11:50:24 -04:00
check_updates.sh 🔧 feat: Initial MCP Support (Tools) (#5015) 2024-12-17 13:12:57 -05:00
jest.config.js refactor: Parallelize CI Workflows with Isolated Caching and Fan-Out Test Jobs (#12088) 2026-03-05 13:56:07 -05:00
package.json v0.8.3 (#12161) 2026-03-09 15:19:57 -04:00
rollup.config.js ⚙️ chore: Update Build Config due to Windows Tests (#9511) 2025-09-08 14:16:49 -04:00
server-rollup.config.js 🚀 feat: Add Code API Proxy Support and Update MCP SDK (#6203) 2025-03-06 12:47:59 -05:00
tsconfig.json feat: OAuth for Actions (#5693) 2025-02-10 15:56:08 -05:00
tsconfig.spec.json feat: Assistants API, General File Support, Side Panel, File Explorer (#1696) 2024-02-13 20:42:27 -05:00