[admin] remove two-step authentication

app/Http/Controllers/UserController.php

@@ -287,4 +287,14 @@ class UserController extends Controller
         return $this->success(['success' => $result]);
     }
 
+    public function removeTwoStepAuthentication(Request $request): array
+    {
+        $user = Auth::user();
+        $request->validate([
+            'uid' => 'required',
+        ]);
+        $result = $this->repository->removeTwoStepAuthentication($user, $request->uid, );
+        return $this->success(['success' => $result]);
+    }
+
 }

app/Http/Resources/UserResource.php

@@ -53,6 +53,11 @@ class UserResource extends JsonResource
             $out['completed_torrents_count'] = $this->completed_torrents_count;
             $out['incomplete_torrents_count'] = $this->incomplete_torrents_count;
         }
+
+        if (nexus()->isPlatformAdmin() && $request->routeIs('users.show')) {
+            $out['two_step_secret'] = $this->two_step_secret;
+        }
+
         return $out;
     }
 }

app/Repositories/UserRepository.php

@@ -48,7 +48,7 @@ class UserRepository extends BaseRepository
             'inviter' => function ($query) {return $query->select(User::$commonFields);},
             'valid_medals'
         ];
-        $user = User::query()->with($with)->findOrFail($id, User::$commonFields);
+        $user = User::query()->with($with)->findOrFail($id);
         $userResource = new UserResource($user);
         $baseInfo = $userResource->response()->getData(true)['data'];
 
@@ -60,9 +60,6 @@ class UserRepository extends BaseRepository
         } else {
             $examInfo = null;
         }
-
-
-
         return [
             'base_info' => $baseInfo,
             'exam_info' => $examInfo,
@@ -284,9 +281,7 @@ class UserRepository extends BaseRepository
 
     public function removeLeechWarn($operator, $uid): bool
     {
-        if (!$operator instanceof User) {
-            $operator = User::query()->findOrFail(intval($operator), User::$commonFields);
-        }
+        $operator = $this->getOperator($operator);
         $classRequire = Setting::get('authority.prfmanage');
         if ($operator->class < $classRequire) {
             throw new \RuntimeException("No permission.");
@@ -298,6 +293,25 @@ class UserRepository extends BaseRepository
         return $user->save();
     }
 
+    public function removeTwoStepAuthentication($operator, $uid): bool
+    {
+        $operator = $this->getOperator($operator);
+        if (!$operator->canAccessAdmin()) {
+            throw new \RuntimeException("No permission.");
+        }
+        $user = User::query()->findOrFail($uid, User::$commonFields);
+        $user->two_step_secret = '';
+        return $user->save();
+    }
+
+    private function getOperator($operator)
+    {
+        if (!$operator instanceof User) {
+            $operator = User::query()->findOrFail(intval($operator), User::$commonFields);
+        }
+        return $operator;
+    }
+
 
 
 }