fix: add toggle for totp

cfg/config.json

@@ -427,5 +427,8 @@
   "seed_data": {
     "users": "./data/seed_data/seed-accounts.json",
     "roles": "./data/seed_data/seed-roles.json"
+  },
+  "totp": {
+    "enabled": true
   }
 }

src/service.ts

@@ -2337,21 +2337,23 @@ export class UserService extends ServiceBase<UserListResponse, UserList> impleme
         }
       }
 
-      if (user.totp_secret) {
-        const totp_session_token = new jose.UnsecuredJWT({})
-          .setIssuedAt()
-          .setExpirationTime((Date.now() / 1000) + (60 * 10)) // 10 Minute expiry
-          .encode();
-
-        user.totp_session_tokens = [
-          ...(user.totp_session_tokens || []).filter(t => jose.decodeJwt(t).exp > (Date.now() / 1000)),
-          totp_session_token
-        ];
-        await super.update(UserList.fromPartial({
-          items: [user]
-        }), context);
-
-        return { totp_session_token, status: { code: 200, message: 'success' } };
+      if (this.cfg.get('totp:enabled')) {
+        if (user.totp_secret) {
+          const totp_session_token = new jose.UnsecuredJWT({})
+            .setIssuedAt()
+            .setExpirationTime((Date.now() / 1000) + (60 * 10)) // 10 Minute expiry
+            .encode();
+
+          user.totp_session_tokens = [
+            ...(user.totp_session_tokens || []).filter(t => jose.decodeJwt(t).exp > (Date.now() / 1000)),
+            totp_session_token
+          ];
+          await super.update(UserList.fromPartial({
+            items: [user]
+          }), context);
+
+          return { totp_session_token, status: { code: 200, message: 'success' } };
+        }
       }
 
       return { payload: user, status: { code: 200, message: 'success' } };

test/cfg/config.json

@@ -382,5 +382,8 @@
   "seed_data": {
     "users": "./data/seed_data/seed-accounts.json",
     "roles": "./data/seed_data/seed-roles.json"
+  },
+  "totp": {
+    "enabled": true
   }
 }