User can delete his own 2FA login history

2022-11-12 11:50:32 +01:00
parent 7887ccaa41
commit cc4a8a962b
5 changed files with 80 additions and 20 deletions
--- a/templates/settings/two_factors_page.html
+++ b/templates/settings/two_factors_page.html
@ -35,26 +35,31 @@
 </table>

 {% if !user.last_successful_2fa.is_empty() %}
-<h5 style="margin-top: 50px">Successful 2FA login history</h5>
-<table class="table table-hover" style="max-width: 800px;" aria-describedby="Factors list">
-    <thead>
-    <tr>
-        <th scope="col">IP address</th>
-        <th scope="col">Date</th>
-        <th scope="col">Bypass 2FA</th>
-    </tr>
-    </thead>
-    <tbody>
-    {% for e in user.get_formatted_2fa_successful_logins() %}
-    <tr>
-        <td>{{ e.ip }}</td>
-        <td>{{ e.fmt_time() }}</td>
-        <td>{% if e.can_bypass_2fa %}YES{% else %}NO{% endif %}</td>
-    </tr>
-    {% endfor %}
-    </tbody>
-</table>
-{% endif %}
+<div id="2fa_history_container">
+    <h5 style="margin-top: 50px">Successful 2FA login history</h5>
+    <p>
+        <a type="button" class="btn btn-danger btn-sm" onclick="clear_login_history()">Clear history</a>
+    </p>
+    <table class="table table-hover" style="max-width: 800px;" aria-describedby="Factors list">
+        <thead>
+        <tr>
+            <th scope="col">IP address</th>
+            <th scope="col">Date</th>
+            <th scope="col">Bypass 2FA</th>
+        </tr>
+        </thead>
+        <tbody>
+        {% for e in user.get_formatted_2fa_successful_logins() %}
+        <tr>
+            <td>{{ e.ip }}</td>
+            <td>{{ e.fmt_time() }}</td>
+            <td>{% if e.can_bypass_2fa %}YES{% else %}NO{% endif %}</td>
+        </tr>
+        {% endfor %}
+        </tbody>
+    </table>
+    {% endif %}
+</div>

 <script>
    async function delete_factor(id) {
@ -83,5 +88,25 @@
        }
    }

+    async function clear_login_history() {
+        if (!confirm("Do you really want to clear your 2FA login history?"))
+            return;
+
+        try {
+            const res = await fetch("/settings/api/two_factor/clear_login_history", {
+                method: "post"
+            });
+
+            let text = await res.text();
+            alert(text);
+
+            if (res.status == 200)
+                document.getElementById("2fa_history_container").remove();
+        } catch(e) {
+            console.error(e);
+            alert("Failed to clear 2FA history!");
+        }
+    }
+
 </script>
 {% endblock content %}