Add two factor events

Author: aarondl

CHANGELOG.md

@@ -3,6 +3,13 @@
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [3.2.0] - 2021-08-11
+
+### Added
+
+- Add additional events so users can take domain-specific actions when a user
+  adds or removes 2fa.
+
 ## [3.1.1] - 2021-07-01
 
 ### Fixed

events.go

@@ -30,6 +30,8 @@ const (
 	// Deprecated: EventPasswordReset is used nowhere
 	EventPasswordReset
 	EventLogout
+	EventTwoFactorAdded
+	EventTwoFactorRemoved
 )
 
 // EventHandler reacts to events that are fired by Authboss controllers.

otp/twofactor/sms2fa/sms.go

@@ -438,6 +438,14 @@ func (s *SMSValidator) validateCode(w http.ResponseWriter, r *http.Request, user
 
 		logger.Infof("user %s enabled sms 2fa", user.GetPID())
 		data = authboss.HTMLData{twofactor.DataRecoveryCodes: codes}
+
+		r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
+		if handled, err := s.Authboss.Events.FireAfter(authboss.EventTwoFactorAdded, w, r); err != nil {
+			return err
+		} else if handled {
+			return nil
+		}
+
 	case PageSMSRemove:
 		user.PutSMSPhoneNumber("")
 		if err := s.Authboss.Config.Storage.Server.Save(r.Context(), user); err != nil {
@@ -446,6 +454,13 @@ func (s *SMSValidator) validateCode(w http.ResponseWriter, r *http.Request, user
 
 		authboss.DelSession(w, authboss.Session2FA)
 
+		r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
+		if handled, err := s.Authboss.Events.FireAfter(authboss.EventTwoFactorRemoved, w, r); err != nil {
+			return err
+		} else if handled {
+			return nil
+		}
+
 		logger.Infof("user %s disabled sms 2fa", user.GetPID())
 	case PageSMSValidate:
 		authboss.PutSession(w, authboss.SessionKey, user.GetPID())

otp/twofactor/totp2fa/totp.go

@@ -310,6 +310,13 @@ func (t *TOTP) PostConfirm(w http.ResponseWriter, r *http.Request) error {
 	logger := t.RequestLogger(r)
 	logger.Infof("user %s enabled totp 2fa", user.GetPID())
 
+	r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
+	if handled, err := t.Authboss.Events.FireAfter(authboss.EventTwoFactorAdded, w, r); err != nil {
+		return err
+	} else if handled {
+		return nil
+	}
+
 	data := authboss.HTMLData{twofactor.DataRecoveryCodes: codes}
 	return t.Authboss.Core.Responder.Respond(w, r, http.StatusOK, PageTOTPConfirmSuccess, data)
 }
@@ -346,6 +353,13 @@ func (t *TOTP) PostRemove(w http.ResponseWriter, r *http.Request) error {
 
 	logger.Infof("user %s disabled totp 2fa", user.GetPID())
 
+	r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
+	if handled, err := t.Authboss.Events.FireAfter(authboss.EventTwoFactorRemoved, w, r); err != nil {
+		return err
+	} else if handled {
+		return nil
+	}
+
 	return t.Authboss.Core.Responder.Respond(w, r, http.StatusOK, PageTOTPRemoveSuccess, nil)
 }