BookStackApp · clauvaldez · Mar 11, 2026 · ssddanbrown · Apr 19, 2026 · ssddanbrown
diff --git a/app/Users/Controllers/UserController.php b/app/Users/Controllers/UserController.php
@@ -208,4 +208,17 @@ public function destroy(Request $request, int $id)
 
         return redirect('/settings/users');
     }
+
+    /**
+     * Reset MFA for the specified user.
+     */
+    public function resetMfa(Request $request, int $id)
+    {
+        $this->checkPermission(Permission::UsersManage);
+        $user = $this->userRepo->getById($id);
+        // Resetear el 2FA del usuario 
+        $user->mfaValues()->delete();
+        session()->flash('success', trans('settings.users_mfa_reset_success', ['userName' => $user->name]));
+        return redirect()->back();
+    }
 }
diff --git a/lang/en/settings.php b/lang/en/settings.php
@@ -263,6 +263,11 @@
     'users_mfa_desc' => 'Setup multi-factor authentication as an extra layer of security for your user account.',
     'users_mfa_x_methods' => ':count method configured|:count methods configured',
     'users_mfa_configure' => 'Configure Methods',
+    'users_mfa_reset' => 'Reset 2FA',
+    'users_mfa_reset_desc' => 'Reset and clear all configured MFA methods for :userName. They will be prompted to reconfigure on next login.',
+    'users_mfa_reset_confirm' => 'Are you sure you want to reset 2FA for :userName?',
+    'users_mfa_reset_success' => '2FA has been reset for :userName',
+    'users_mfa_reset_error' => 'Failed to reset 2FA for :userName',
 
     // API Tokens
     'user_api_token_create' => 'Create API Token',

diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php
@@ -71,6 +71,26 @@ class="button outline">{{ trans('settings.users_mfa_configure') }}</a>
                 </div>
             </div>
 
+            @if(user()->hasSystemRole('admin'))
+                <div class="mt-xl">
+                    <hr class="my-m">
+                    <div class="grid half gap-xl v-center">
+                        <div>
+                            <strong class="text-neg">{{ trans('settings.users_mfa_reset') }}</strong>
+                            <p class="text-small text-muted">{{ trans('settings.users_mfa_reset_desc', ['userName' => $user->name]) }}</p>
+                        </div>
+                        <div class="text-m-right">
+                            <form action="{{ url("/settings/users/{$user->id}/reset-mfa") }}" method="POST" style="display: inline;">
+                                @csrf
+                                <button type="submit" class="button neg" 
+                                        onclick="return confirm('{{ trans('settings.users_mfa_reset_confirm', ['userName' => $user->name]) }}')">
+                                    {{ trans('settings.users_mfa_reset') }}
+                                </button>
+                            </form>
+                        </div>
+                    </div>
+                </div>
+            @endif
         </section>
 
         @if(count($activeSocialDrivers) > 0)

diff --git a/routes/web.php b/routes/web.php
@@ -251,6 +251,7 @@
     Route::get('/settings/users/{id}', [UserControllers\UserController::class, 'edit']);
     Route::put('/settings/users/{id}', [UserControllers\UserController::class, 'update']);
     Route::delete('/settings/users/{id}', [UserControllers\UserController::class, 'destroy']);
+    Route::post('/settings/users/{id}/reset-mfa', [UserControllers\UserController::class, 'resetMfa']);
 
     // User Account
     Route::get('/my-account', [UserControllers\UserAccountController::class, 'redirect']);