Remove Authy

notes.md

@@ -103,12 +103,9 @@ Remember, depdenency hell and mountains of garbage code are only one npm package
 
 * Email/password login
 * Two-factor text/sms
-* Two-factor Authy
 
 To ensure users won't have to change their passwords when moving from the Rails app, implement the same password encryption scheme as Devise. The scheme is described [here](https://www.freecodecamp.org/news/how-does-devise-keep-your-passwords-safe-d367f6e816eb/), and the [Go bcrypt library](https://pkg.go.dev/golang.org/x/crypto/bcrypt) should be able to support it.
 
-For two-factor auth, since we're already using Authy, try the [Go Client for Authy](https://github.com/dcu/go-authy).
-
 ### Edit
 
 * edit details (phone, etc.)
@@ -345,7 +342,7 @@ The term "items" below refers to Intellectual Objects, Generic Files, Checksums,
 
 # Two Factor Authentication
 
-Current Pharos users who have enabled two-factor authentication receive one-time passwords through SMS or push notifications through Authy OneTouch. These methods were chosen after long discussion with depositors and we cannot change them without another long discussion. So for now, we're sticking with these two.
+Current Pharos users who have enabled two-factor authentication receive one-time passwords through SMS. This method was chosen after long discussion with depositors and we cannot change this without another long discussion. So for now, we're sticking with these two.
 
 Notes on two-factor setup and workflow have grown large enoug to warrant their own document. See [Two Factor Notes](two_factor_notes.md).
 

pgmodels/user.go

@@ -160,7 +160,7 @@ type User struct {
 	// push, so they can login with one-touch. Anything else means SMS,
 	// but call IsTwoFactorUser() to make sure they're actually require
 	// two-factor auth before trying to text them.
-	AuthyStatus string `json:"authy_status" pg:"authy_status"`
+	MFAStatus string `json:"authy_status" pg:"authy_status"`
 
 	// EmailVerified will be true once the system has verified that the
 	// user's email address is correct.

pgmodels/user_view.go

@@ -37,7 +37,7 @@ type UserView struct {
 	ConfirmedTwoFactor     bool      `json:"confirmed_two_factor" pg:"confirmed_two_factor"`
 	AuthyID                string    `json:"-" pg:"authy_id"`
 	LastSignInWithAuthy    time.Time `json:"last_sign_in_with_authy" pg:"last_sign_in_with_authy"`
-	AuthyStatus            string    `json:"authy_status" pg:"authy_status"`
+	MFAStatus              string    `json:"authy_status" pg:"authy_status"`
 	EmailVerified          bool      `json:"email_verified" pg:"email_verified"`
 	InitialPasswordUpdated bool      `json:"initial_password_updated" pg:"initial_password_updated"`
 	ForcePasswordUpdate    bool      `json:"force_password_update" pg:"force_password_update"`

views/users/backup_codes.html

@@ -15,7 +15,7 @@ <h2>Backup Codes</h2>
   </div>
 
   <p class="mb-5">Please copy the backup codes below. You can use these for two-factor login when you don't have access
-    to Authy or text messages. These backup codes supersede all previously-generated codes.</p>
+    to text messages. These backup codes supersede all previously-generated codes.</p>
 
   <!--
       Note that two_factor_controller_test.go looks for these span tags

views/users/choose_second_factor.html

@@ -25,12 +25,6 @@ <h2>Multi-Factor Authentication Required</h2>
   <div class="modal-content">
     <p class="mb-3">How would you like to complete your login?</p>
 
-    <div class="two-factor-option mb-3">
-      <button class="button is-primary" onclick="submitSecondFactor('authy')" disabled title="Authy is temporarily not available. APTrust is working to resolve this issue.">Authy</button>
-      <article id="two-factor-method-authy" class="message is-info mt-4 two-factor-message" style="display:none">
-        <div class="message-body">Sent push notification.</div>
-      </article>
-    </div>
     <div class="two-factor-option mb-3">
       <button class="button is-primary" onclick="submitSecondFactor('sms')">Text Message</button>
       <article id="two-factor-method-sms" class="message is-info mt-4 two-factor-message" style="display:none">

views/users/init_2fa_setup.html

@@ -24,7 +24,7 @@ <h2>Two-Factor Method</h2>
       </div>
 
       <div class="columns">
-        <div class="column">{{ template "forms/radio.html" .form.Fields.AuthyStatus }}</div>
+        <div class="column">{{ template "forms/radio.html" .form.Fields.MFAStatus }}</div>
       </div>
 
       {{ template "forms/csrf_token.html" . }}
@@ -36,9 +36,9 @@ <h2>Two-Factor Method</h2>
 </div>
 
 <script>
- let currentMethod = '{{ .CurrentUser.AuthyStatus }}'
+ let currentMethod = '{{ .CurrentUser.MFAStatus }}'
  function confirmChange() {
-     let selectedMethod = document.forms['twoFactorSetupForm']['AuthyStatus'].value
+     let selectedMethod = document.forms['twoFactorSetupForm']['MFAStatus'].value
      if (selectedMethod != currentMethod && selectedMethod.toLowerCase() == 'none') {
          return confirm('Are you sure you want to turn off two-factor authentication?')
      }

views/users/my_account.html

@@ -52,12 +52,8 @@ <h4>{{ roleName .CurrentUser.Role }} at {{ .CurrentUser.Institution.Name }}</h4>
         <dd class="text-table">{{ yesNo .CurrentUser.ConfirmedTwoFactor }}</dd>
         <dt class="text-label text-xs is-grey-dark">2FA Required By</dt>
         <dd class="text-table">{{ dateUS .CurrentUser.GracePeriod }}</dd>
-        <dt class="text-label text-xs is-grey-dark">Authy Status</dt>
-        <dd class="text-table">{{ defaultString .CurrentUser.AuthyStatus "N/A" }}</dd>
-        <dt class="text-label text-xs is-grey-dark">Authy ID</dt>
-        <dd class="text-table">{{ defaultString .CurrentUser.AuthyID "N/A" }}</dd>
-        <dt class="text-label text-xs is-grey-dark">Last Authy SignIn</dt>
-        <dd class="text-table">{{ dateUS .CurrentUser.LastSignInWithAuthy }}</dd>
+        <dt class="text-label text-xs is-grey-dark">2FA Status</dt>
+        <dd class="text-table">{{ defaultString .CurrentUser.MFAStatus "N/A" }}</dd>
       </dl>
 
       <dl class="data-list">

views/users/show.html

@@ -67,12 +67,8 @@ <h4>{{ roleName .user.Role }} at {{ .user.Institution.Name }}</h4>
         <dd class="text-table">{{ yesNo .user.ConfirmedTwoFactor }}</dd>
         <dt class="text-label text-xs is-grey-dark">2FA Required By</dt>
         <dd class="text-table">{{ dateUS .user.GracePeriod }}</dd>
-        <dt class="text-label text-xs is-grey-dark">Authy Status</dt>
-        <dd class="text-table">{{ defaultString .user.AuthyStatus "N/A" }}</dd>
-        <dt class="text-label text-xs is-grey-dark">Authy ID</dt>
-        <dd class="text-table">{{ defaultString .user.AuthyID "N/A" }}</dd>
-        <dt class="text-label text-xs is-grey-dark">Last Authy SignIn</dt>
-        <dd class="text-table">{{ dateUS .user.LastSignInWithAuthy }}</dd>
+        <dt class="text-label text-xs is-grey-dark">MFA Status</dt>
+        <dd class="text-table">{{ defaultString .user.MFAStatus "N/A" }}</dd>
       </dl>
 
       <dl class="data-list">