--resetaccount will now remove SMS and Device Push 2FA, #3455

This commit is contained in:
Ylian Saint-Hilaire 2022-01-13 17:34:24 -08:00
parent d48e41462e
commit e5ab311a0f

View File

@ -827,7 +827,7 @@ function CreateMeshCentralServer(config, args) {
if (err != null) { console.log("Database error: " + err); process.exit(); return; }
if ((docs == null) || (docs.length == 0)) { console.log("Unknown userid, usage: --resetaccount [userid] --domain (domain) --pass [password]."); process.exit(); return; }
var user = docs[0]; if ((user.siteadmin) && (user.siteadmin != 0xFFFFFFFF) && (user.siteadmin & 32) != 0) { user.siteadmin -= 32; } // Unlock the account.
delete user.otpekey; delete user.otpsecret; delete user.otpkeys; delete user.otphkeys; // Disable 2FA
delete user.phone; delete user.otpekey; delete user.otpsecret; delete user.otpkeys; delete user.otphkeys; delete user2.otpdev; delete user2.otpsms; // Disable 2FA
if (obj.args.hashpass) {
// Reset an account using a pre-hashed password. Use --hashpassword to pre-hash a password.
var hashpasssplit = obj.args.hashpass.split(',');