Browse Source

add notification for OTP being disabled

Andrew Dolgov 1 month ago
parent
commit
2820f41a4b
2 changed files with 35 additions and 0 deletions
  1. 25 0
      classes/pref/prefs.php
  2. 10 0
      templates/otp_disabled_template.txt

+ 25 - 0
classes/pref/prefs.php

@@ -1008,6 +1008,31 @@ class Pref_Prefs extends Handler_Protected {
 
 		if ($authenticator->check_password($_SESSION["uid"], $password)) {
 
+			$sth = $this->pdo->prepare("SELECT email, login FROM ttrss_users WHERE id = ?");
+			$sth->execute([$_SESSION['uid']]);
+
+			if ($row = $sth->fetch()) {
+				$mailer = new Mailer();
+
+				require_once "lib/MiniTemplator.class.php";
+
+				$tpl = new MiniTemplator;
+
+				$tpl->readTemplateFromFile("templates/otp_disabled_template.txt");
+
+				$tpl->setVariable('LOGIN', $row["login"]);
+				$tpl->setVariable('TTRSS_HOST', SELF_URL_PATH);
+
+				$tpl->addBlock('message');
+
+				$tpl->generateOutputToString($message);
+
+				$mailer->mail(["to_name" => $row["login"],
+					"to_address" => $row["email"],
+					"subject" => "[tt-rss] OTP change notification",
+					"message" => $message]);
+			}
+
 			$sth = $this->pdo->prepare("UPDATE ttrss_users SET otp_enabled = false WHERE
 				id = ?");
 			$sth->execute([$_SESSION['uid']]);

+ 10 - 0
templates/otp_disabled_template.txt

@@ -0,0 +1,10 @@
+<!-- $BeginBlock message -->
+Hello, ${LOGIN}.
+
+Checking of one time passwords (2FA) on this Tiny Tiny RSS instance has been disabled for your account.
+
+If you haven't requested this change, consider contacting your instance owner or resetting your password.
+
+-- 
+Sent by tt-rss mailer daemon at ${TTRSS_HOST}.
+<!-- $EndBlock message -->