#!/bin/bash
# info: delete 2fa of existing user
# options: USER
#
# example: v-delete-user-2fa admin
#
# This function deletes 2fa token of a user.

#----------------------------------------------------------#
#                Variables & Functions                     #
#----------------------------------------------------------#

# Argument definition
user=$1

# Includes
# shellcheck source=/etc/hestiacp/hestia.conf
source /etc/hestiacp/hestia.conf
# shellcheck source=/usr/local/hestia/func/main.sh
source $HESTIA/func/main.sh
# load config file
source_conf "$HESTIA/conf/hestia.conf"

#----------------------------------------------------------#
#                    Verifications                         #
#----------------------------------------------------------#

check_args '1' "$#" 'USER'
is_format_valid 'user' 'system'
is_object_valid 'user' 'USER' "$user"

# Perform verification if read-only mode is enabled
check_hestia_demo_mode

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Reading user values
source $USER_DATA/user.conf

# Check if 2FA is enabled
if [ -z "$TWOFA" ]; then
	echo "Error: two-factor authentication is not enabled"
	exit "$E_NOTEXIST"
fi

# Remove 2FA from user config
update_user_value "$user" '$TWOFA' ""
update_user_value "$user" '$QRCODE' ""

#----------------------------------------------------------#
#                       Hestia                             #
#----------------------------------------------------------#

# Logging
$BIN/v-log-action "system" "Warning" "System" "Two-factor authentication disabled (User: $user)."
$BIN/v-log-action "$user" "Warning" "System" "Two-factor authentication disabled."
log_event "$OK" "$ARGUMENTS"

exit