diff --git a/api/mailinabox.yml b/api/mailinabox.yml index 6358afb4..c1a42d07 100644 --- a/api/mailinabox.yml +++ b/api/mailinabox.yml @@ -1715,7 +1715,7 @@ paths: text/html: schema: type: string - /mfa/totp/enable: + /mfa/enable/totp: post: tags: - MFA diff --git a/management/daemon.py b/management/daemon.py index a0cfefa6..0c814b0a 100755 --- a/management/daemon.py +++ b/management/daemon.py @@ -419,7 +419,7 @@ def ssl_provision_certs(): def mfa_get_status(): # Anyone accessing this route is an admin, and we permit them to # see the MFA status for any user if they submit a 'user' form - # field. But we don't include provisioning info since a user can + # field. But we don't always include provisioning info since a user can # only provision for themselves. email = request.form.get('user', request.user_email) # user field if given, otherwise the user making the request try: @@ -436,7 +436,7 @@ def mfa_get_status(): return (str(e), 400) return json_response(resp) -@app.route('/mfa/totp/enable', methods=['POST']) +@app.route('/mfa/enable/totp', methods=['POST']) @authorized_personnel_only def totp_post_enable(): secret = request.form.get('secret') diff --git a/management/templates/mfa.html b/management/templates/mfa.html index f45b263f..415374d9 100644 --- a/management/templates/mfa.html +++ b/management/templates/mfa.html @@ -1,34 +1,10 @@