Can enforce 2FA for specific clients

src/data/client.rs

@@ -28,6 +28,10 @@ pub struct Client {
     /// Specify whether a client is granted to all users
     #[serde(default = "bool::default")]
     pub granted_to_all_users: bool,
+
+    /// Specify whether recent Second Factor Authentication is required to access this client
+    #[serde(default = "bool::default")]
+    pub enforce_2fa_auth: bool,
 }
 
 impl PartialEq for Client {

src/data/critical_route.rs

@@ -20,10 +20,10 @@ impl FromRequest for CriticalRoute {
                 .await
                 .expect("Failed to extract user identity!");
 
-            if current_user.should_request_2fa_for_critical_function() {
-                let url = get_2fa_url(&LoginRedirect::from_req(&req), true);
+            if current_user.should_request_2fa_for_critical_functions() {
+                let uri = get_2fa_url(&LoginRedirect::from_req(&req), true);
 
-                return Err(FromRequestRedirect::new(url));
+                return Err(FromRequestRedirect::new(uri));
             }
 
             Ok(Self)

src/data/current_user.rs

@@ -22,7 +22,7 @@ pub struct CurrentUser {
 }
 
 impl CurrentUser {
-    pub fn should_request_2fa_for_critical_function(&self) -> bool {
+    pub fn should_request_2fa_for_critical_functions(&self) -> bool {
         self.user.has_two_factor()
             && self
                 .last_2fa_auth