feat(PROJ-25): User-Profil & Einstellungen — Passwort, E-Mail, 2FA

Backend:
- PATCH /api/auth/password — Passwort ändern (bcrypt, LDAP-Guard, Audit-Log)
- PATCH /api/auth/email — E-Mail ändern (Unique-Check, LDAP-Guard, Audit-Log)
- userstore: UpdatePassword, UpdateEmail, GetPasswordHash

Frontend:
- UserNav.tsx: Dropdown-Menü (Profil & Einstellungen, Abmelden)
- navbar.tsx: UserNav eingebunden
- /settings: Passwort ändern, E-Mail ändern, 2FA verwalten (QR-Code + Deaktivieren)
- api.ts: changePassword, changeEmail, getTOTPSetup, confirmTOTPSetup, disableTOTP

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
sysops
2026-03-18 01:05:33 +01:00
parent 89a6651b62
commit 280034679e
7 changed files with 753 additions and 22 deletions
+41
@@ -799,3 +799,44 @@ export async function testAdminTenantLDAPConfig(
body: JSON.stringify(payload),
});
}
// ── Profil-Einstellungen ──────────────────────────────────────────────────
export async function changePassword(
currentPassword: string,
newPassword: string
): Promise<{ ok: boolean }> {
return request<{ ok: boolean }>("/api/auth/password", {
method: "PATCH",
body: JSON.stringify({ current_password: currentPassword, new_password: newPassword }),
});
}
export async function changeEmail(
email: string
): Promise<{ ok: boolean; email: string }> {
return request<{ ok: boolean; email: string }>("/api/auth/email", {
method: "PATCH",
body: JSON.stringify({ email }),
});
}
// ── TOTP / 2FA ────────────────────────────────────────────────────────────
export async function getTOTPSetup(): Promise<{ secret: string; otpauth_url: string; qr_code_svg: string }> {
return request<{ secret: string; otpauth_url: string; qr_code_svg: string }>("/api/auth/totp/setup");
}
export async function confirmTOTPSetup(code: string): Promise<{ ok: boolean }> {
return request<{ ok: boolean }>("/api/auth/totp/setup", {
method: "POST",
body: JSON.stringify({ code }),
});
}
export async function disableTOTP(code: string): Promise<{ ok: boolean }> {
return request<{ ok: boolean }>("/api/auth/totp", {
method: "DELETE",
body: JSON.stringify({ code }),
});
}
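Review bot: `changeEmail` (the PATCH to `/api/auth/email`) sends only the new address, while `changePassword` requires `current_password` and `disableTOTP` requires a code, so a hijacked or unattended session can repoint the account's e-mail without re-authenticating. If that address is used for password reset or security notifications, a short-lived session compromise becomes a lasting account takeover; the commit message lists a unique check, LDAP guard and audit log for this endpoint but no re-authentication step. Consider `changeEmail(email: string, currentPassword: string)` with `body: JSON.stringify({ email, current_password: currentPassword })`, verified server-side (the handler is not visible in this section), plus a notification to the old address on change. Separately, `qr_code_svg` from `getTOTPSetup` is server-supplied markup; the settings page is outside this section, but it should be rendered through an `<img>` data URI rather than injected into the DOM as HTML.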