Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
As a site administrator, there is no easy way to determine who has and has not enabled TFA.
Proposed resolution
Provide TFA enabled status via views.
Comment | File | Size | Author |
---|---|---|---|
#2 | 2958950-2.patch | 2.87 KB | markdorison |
|
Comments
Comment #2
markdorisonComment #3
daggerhart CreditAttribution: daggerhart at Hook 42 commentedLooks good to me. Tested locally and seems to work well. Thanks!
Going to RTBC this and will get it merged in.
Comment #5
daggerhart CreditAttribution: daggerhart commentedComment #7
msypes CreditAttribution: msypes commentedI don't think this does what it says, or else "enabled" means something entirely different than I expect. The value changes from "No" to "Yes" as soon a user who is required to set up TFA logs in, not because the user has actually "enabled" TFA on his/her account.
It seems to me that the test for whether a user has actually enabled TFA is discernible from whether
userData->get('tfa', $uid, 'tfa_user_settings')['data']['plugins']
is empty (not enabled) or includes akey=>value
pair for a plugin (enabled).