fix!: use POST instead of DELETE when disabling 2FA

Signed-off-by: Matthew Penner <[email protected]>
pterodactyl · Oct 24, 2024 · 75b5908 · 75b5908
1 parent 3a0b7d1
commit 75b5908
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/resources/scripts/api/account/disableAccountTwoFactor.ts b/resources/scripts/api/account/disableAccountTwoFactor.ts
@@ -1,9 +1,11 @@
 import http from '@/api/http';
 
-export default (password: string): Promise<void> => {
+function disableAccountTwoFactor(password: string): Promise<void> {
     return new Promise((resolve, reject) => {
-        http.delete('/api/client/account/two-factor', { params: { password } })
+        http.post('/api/client/account/two-factor/disable', { password })
             .then(() => resolve())
             .catch(reject);
     });
-};
+}
+
+export default disableAccountTwoFactor;
diff --git a/routes/api-client.php b/routes/api-client.php
@@ -24,7 +24,7 @@
         Route::get('/', [Client\AccountController::class, 'index'])->name('api:client.account');
         Route::get('/two-factor', [Client\TwoFactorController::class, 'index']);
         Route::post('/two-factor', [Client\TwoFactorController::class, 'store']);
-        Route::delete('/two-factor', [Client\TwoFactorController::class, 'delete']);
+        Route::post('/two-factor/disable', [Client\TwoFactorController::class, 'delete']);
     });
 
     Route::put('/email', [Client\AccountController::class, 'updateEmail'])->name('api:client.account.update-email');