diff --git a/ChangeLog b/ChangeLog
index 6282eceea..398ec499e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@ New features:
* Search in activity stream
* Search in comments
* Search by task creator
+* Added command line utility to reset user password and to disable 2FA
Improvements:
diff --git a/app/Console/BaseCommand.php b/app/Console/BaseCommand.php
index bf86ae0d4..23cdcc9cf 100644
--- a/app/Console/BaseCommand.php
+++ b/app/Console/BaseCommand.php
@@ -11,6 +11,7 @@ use Symfony\Component\Console\Command\Command;
* @package console
* @author Frederic Guillot
*
+ * @property \Kanboard\Validator\PasswordResetValidator $passwordResetValidator
* @property \Kanboard\Export\SubtaskExport $subtaskExport
* @property \Kanboard\Export\TaskExport $taskExport
* @property \Kanboard\Export\TransitionExport $transitionExport
@@ -21,6 +22,7 @@ use Symfony\Component\Console\Command\Command;
* @property \Kanboard\Model\ProjectDailyStats $projectDailyStats
* @property \Kanboard\Model\Task $task
* @property \Kanboard\Model\TaskFinder $taskFinder
+ * @property \Kanboard\Model\User $user
* @property \Kanboard\Model\UserNotification $userNotification
* @property \Kanboard\Model\UserNotificationFilter $userNotificationFilter
* @property \Symfony\Component\EventDispatcher\EventDispatcher $dispatcher
diff --git a/app/Console/ResetPasswordCommand.php b/app/Console/ResetPasswordCommand.php
new file mode 100644
index 000000000..93dc37610
--- /dev/null
+++ b/app/Console/ResetPasswordCommand.php
@@ -0,0 +1,79 @@
+setName('user:reset-password')
+ ->setDescription('Change user password')
+ ->addArgument('username', InputArgument::REQUIRED, 'Username')
+ ;
+ }
+
+ protected function execute(InputInterface $input, OutputInterface $output)
+ {
+ $helper = $this->getHelper('question');
+ $username = $input->getArgument('username');
+
+ $passwordQuestion = new Question('What is the new password for '.$username.'? (characters are not printed)'.PHP_EOL);
+ $passwordQuestion->setHidden(true);
+ $passwordQuestion->setHiddenFallback(false);
+
+ $password = $helper->ask($input, $output, $passwordQuestion);
+
+ $confirmationQuestion = new Question('Confirmation:'.PHP_EOL);
+ $confirmationQuestion->setHidden(true);
+ $confirmationQuestion->setHiddenFallback(false);
+
+ $confirmation = $helper->ask($input, $output, $confirmationQuestion);
+
+ if ($this->validatePassword($output, $password, $confirmation)) {
+ $this->resetPassword($output, $username, $password);
+ }
+ }
+
+ private function validatePassword(OutputInterface $output, $password, $confirmation)
+ {
+ list($valid, $errors) = $this->passwordResetValidator->validateModification(array(
+ 'password' => $password,
+ 'confirmation' => $confirmation,
+ ));
+
+ if (!$valid) {
+ foreach ($errors as $error_list) {
+ foreach ($error_list as $error) {
+ $output->writeln(''.$error.'');
+ }
+ }
+ }
+
+ return $valid;
+ }
+
+ private function resetPassword(OutputInterface $output, $username, $password)
+ {
+ $userId = $this->user->getIdByUsername($username);
+
+ if (empty($userId)) {
+ $output->writeln('User not found');
+ return false;
+ }
+
+ if (!$this->user->update(array('id' => $userId, 'password' => $password))) {
+ $output->writeln('Unable to update password');
+ return false;
+ }
+
+ $output->writeln('Password updated successfully');
+
+ return true;
+ }
+}
diff --git a/app/Console/ResetTwoFactorCommand.php b/app/Console/ResetTwoFactorCommand.php
new file mode 100644
index 000000000..3bf01e81e
--- /dev/null
+++ b/app/Console/ResetTwoFactorCommand.php
@@ -0,0 +1,38 @@
+setName('user:reset-2fa')
+ ->setDescription('Remove two-factor authentication for a user')
+ ->addArgument('username', InputArgument::REQUIRED, 'Username');
+ }
+
+ protected function execute(InputInterface $input, OutputInterface $output)
+ {
+ $username = $input->getArgument('username');
+ $userId = $this->user->getIdByUsername($username);
+
+ if (empty($userId)) {
+ $output->writeln('User not found');
+ return false;
+ }
+
+ if (!$this->user->update(array('id' => $userId, 'twofactor_activated' => 0, 'twofactor_secret' => ''))) {
+ $output->writeln('Unable to update user profile');
+ return false;
+ }
+
+ $output->writeln('Two-factor authentication disabled');
+
+ return true;
+ }
+}
diff --git a/doc/cli.markdown b/doc/cli.markdown
index 9334d84b5..d38d8b532 100644
--- a/doc/cli.markdown
+++ b/doc/cli.markdown
@@ -45,6 +45,9 @@ Available commands:
projects:daily-stats Calculate daily statistics for all projects
trigger
trigger:tasks Trigger scheduler event for all tasks
+ user
+ user:reset-2fa Remove two-factor authentication for a user
+ user:reset-password Change user password
```
Available commands
@@ -147,3 +150,17 @@ This command send a "daily cronjob event" to all open tasks of each project.
./kanboard trigger:tasks
Trigger task event: project_id=2, nb_tasks=1
```
+
+### Reset user password
+
+```bash
+./kanboard user:reset-password my_user
+```
+
+You will be prompted for a password and confirmation. Characters are not printed to the screen.
+
+### Remove two-factor authentication for a user
+
+```bash
+./kanboard user:reset-2fa my_user
+```
diff --git a/kanboard b/kanboard
index 8ac49d792..6a51c9378 100755
--- a/kanboard
+++ b/kanboard
@@ -3,6 +3,8 @@
require __DIR__.'/app/common.php';
+use Kanboard\Console\ResetPasswordCommand;
+use Kanboard\Console\ResetTwoFactorCommand;
use Symfony\Component\Console\Application;
use Symfony\Component\EventDispatcher\Event;
use Kanboard\Console\TaskOverdueNotificationCommand;
@@ -29,4 +31,6 @@ $application->add(new LocaleSyncCommand($container));
$application->add(new LocaleComparatorCommand($container));
$application->add(new TaskTriggerCommand($container));
$application->add(new CronjobCommand($container));
+$application->add(new ResetPasswordCommand($container));
+$application->add(new ResetTwoFactorCommand($container));
$application->run();