From 75b59080e2812ced677dab516222b2a3bb34e3a4 Mon Sep 17 00:00:00 2001
From: Matthew Penner <me@matthewp.io>
Date: Thu, 24 Oct 2024 11:30:24 -0600
Subject: [PATCH] fix!: use `POST` instead of `DELETE` when disabling 2FA
Signed-off-by: Matthew Penner <me@matthewp.io>
---
resources/scripts/api/account/disableAccountTwoFactor.ts | 8 +++++---
routes/api-client.php | 2 +-
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/resources/scripts/api/account/disableAccountTwoFactor.ts b/resources/scripts/api/account/disableAccountTwoFactor.ts
index 2b41fe20..fe806400 100644
--- a/resources/scripts/api/account/disableAccountTwoFactor.ts
+++ b/resources/scripts/api/account/disableAccountTwoFactor.ts
@@ -1,9 +1,11 @@
import http from '@/api/http';
-export default (password: string): Promise<void> => {
+function disableAccountTwoFactor(password: string): Promise<void> {
return new Promise((resolve, reject) => {
- http.delete('/api/client/account/two-factor', { params: { password } })
+ http.post('/api/client/account/two-factor/disable', { password })
.then(() => resolve())
.catch(reject);
});
-};
+}
+
+export default disableAccountTwoFactor;
diff --git a/routes/api-client.php b/routes/api-client.php
index 64ceecf3..6887f1b2 100644
--- a/routes/api-client.php
+++ b/routes/api-client.php
@@ -24,7 +24,7 @@ Route::prefix('/account')->middleware(AccountSubject::class)->group(function ()
Route::get('/', [Client\AccountController::class, 'index'])->name('api:client.account');
Route::get('/two-factor', [Client\TwoFactorController::class, 'index']);
Route::post('/two-factor', [Client\TwoFactorController::class, 'store']);
- Route::delete('/two-factor', [Client\TwoFactorController::class, 'delete']);
+ Route::post('/two-factor/disable', [Client\TwoFactorController::class, 'delete']);
});
Route::put('/email', [Client\AccountController::class, 'updateEmail'])->name('api:client.account.update-email');