[feature] add TOTP two-factor authentication (2FA) (#3960)

* [feature] add TOTP two-factor authentication (2FA) * use byteutil.S2B to avoid allocations when comparing + generating password hashes * don't bother with string conversion for consts * use io.ReadFull * use MustGenerateSecret for backup codes * rename util functions
author: tobi <31960611+tsmethurst@users.noreply.github.com> 2025-04-07 16:14:41 +0200
committer: GitHub <noreply@github.com> 2025-04-07 16:14:41 +0200
commit: 365b5753419238bb96bc3f9b744d380ff20cbafc (patch)
tree: 6b8e8b605c4cddeb6e3bc0f574ffbc856657e56c /internal/api/model/user.go
parent: [bugfix] Don't assume `"manuallyApprovesFollowers": true` if not set (#3978) (diff)
download: gotosocial-365b5753419238bb96bc3f9b744d380ff20cbafc.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/internal/api/model/user.go b/internal/api/model/user.go
index 9226406d6..a0d13a501 100644
--- a/internal/api/model/user.go
+++ b/internal/api/model/user.go
@@ -60,6 +60,9 @@ type User struct {
 	// Time when the last "please reset your password" email was sent, if at all. (ISO 8601 Datetime)
 	// example: 2021-07-30T09:20:25+00:00
 	ResetPasswordSentAt string `json:"reset_password_sent_at,omitempty"`
+	// Time at which 2fa was enabled for this user. (ISO 8601 Datetime)
+	// example: 2021-07-30T09:20:25+00:00
+	TwoFactorEnabledAt string `json:"two_factor_enabled_at,omitempty"`
 }
 
 // PasswordChangeRequest models user password change parameters.
author	tobi <31960611+tsmethurst@users.noreply.github.com>	2025-04-07 16:14:41 +0200
committer	GitHub <noreply@github.com>	2025-04-07 16:14:41 +0200
commit	365b5753419238bb96bc3f9b744d380ff20cbafc (patch)
tree	6b8e8b605c4cddeb6e3bc0f574ffbc856657e56c /internal/api/model/user.go
parent	[bugfix] Don't assume `"manuallyApprovesFollowers": true` if not set (#3978) (diff)
download	gotosocial-365b5753419238bb96bc3f9b744d380ff20cbafc.tar.xz