Commit 6e1ec3b9 authored by Jacob Vosmaer's avatar Jacob Vosmaer

Merge branch 'rs-2fa-task' into 'master'

Add task to disable 2FA for all users

Addresses #2971 

See merge request !1532
parents 6ba1e17c cd46f4c3
...@@ -56,3 +56,17 @@ bundle exec rake gitlab:import:all_users_to_all_groups RAILS_ENV=production ...@@ -56,3 +56,17 @@ bundle exec rake gitlab:import:all_users_to_all_groups RAILS_ENV=production
``` ```
block_auto_created_users: false block_auto_created_users: false
``` ```
## Disable Two-factor Authentication (2FA) for all users
This task will disable 2FA for all users that have it enabled. This can be
useful if GitLab's `.secret` file has been lost and users are unable to login,
for example.
```bash
# omnibus-gitlab
sudo gitlab-rake gitlab:two_factor:disable_for_all_users
# installation from source
bundle exec rake gitlab:two_factor:disable_for_all_users RAILS_ENV=production
```
namespace :gitlab do
namespace :two_factor do
desc "GitLab | Disable Two-factor authentication (2FA) for all users"
task disable_for_all_users: :environment do
scope = User.with_two_factor
count = scope.count
if count > 0
puts "This will disable 2FA for #{count.to_s.red} users..."
begin
ask_to_continue
scope.find_each(&:disable_two_factor!)
puts "Successfully disabled 2FA for #{count} users.".green
rescue Gitlab::TaskAbortedByUserError
puts "Quitting...".red
end
else
puts "There are currently no users with 2FA enabled.".yellow
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment