diff --git a/composer.json b/composer.json
index ae771b7..ea272c6 100644
--- a/composer.json
+++ b/composer.json
@@ -5,8 +5,8 @@
"license": "proprietary",
"require": {
"php": ">=8.3",
- "spryker-shop/agent-page-extension": "^1.1.0",
- "spryker-shop/customer-page-extension": "^1.7.0",
+ "spryker-shop/agent-page-extension": "^1.2.0",
+ "spryker-shop/customer-page-extension": "^1.8.0",
"spryker/agent": "^1.0.0",
"spryker/application": "^3.0.0",
"spryker/customer": "^7.0.0",
@@ -22,7 +22,7 @@
"spryker/mail-extension": "^1.0.0",
"spryker/multi-factor-auth-extension": "^1.2.0",
"spryker/propel-orm": "^1.16.0",
- "spryker/security-gui-extension": "^1.3.0",
+ "spryker/security-gui-extension": "^1.4.0",
"spryker/session": "^4.0.0",
"spryker/symfony": "^3.15.0",
"spryker/transfer": "^3.27.0",
diff --git a/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClient.php b/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClient.php
index 9571c19..a71f1e0 100644
--- a/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClient.php
+++ b/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClient.php
@@ -205,4 +205,24 @@ public function findCustomerMultiFactorAuthType(
): MultiFactorAuthCodeTransfer {
return $this->getFactory()->createCustomerMultiFactorAuthStub()->findCustomerMultiFactorAuthType($multiFactorAuthCodeCriteriaTransfer);
}
+
+ /**
+ * {@inheritDoc}
+ *
+ * @api
+ */
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->getFactory()->createCustomerMultiFactorAuthStub()->invalidateCustomerCodes($multiFactorAuthTransfer);
+ }
+
+ /**
+ * {@inheritDoc}
+ *
+ * @api
+ */
+ public function invalidateAgentCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->getFactory()->createAgentMultiFactorAuthStub()->invalidateAgentCodes($multiFactorAuthTransfer);
+ }
}
diff --git a/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClientInterface.php b/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClientInterface.php
index 906fee8..dc157af 100644
--- a/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClientInterface.php
+++ b/src/Spryker/Client/MultiFactorAuth/MultiFactorAuthClientInterface.php
@@ -201,4 +201,24 @@ public function deactivateAgentMultiFactorAuth(MultiFactorAuthTransfer $multiFac
public function findCustomerMultiFactorAuthType(
MultiFactorAuthCodeCriteriaTransfer $multiFactorAuthCodeCriteriaTransfer
): MultiFactorAuthCodeTransfer;
+
+ /**
+ * Specification:
+ * - Makes Zed request.
+ * - Invalidates all active multi-factor authentication codes for a customer.
+ * - Sets all active codes status to invalidated.
+ *
+ * @api
+ */
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
+
+ /**
+ * Specification:
+ * - Makes Zed request.
+ * - Invalidates all active multi-factor authentication codes for a user.
+ * - Sets all active codes status to invalidated.
+ *
+ * @api
+ */
+ public function invalidateAgentCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
}
diff --git a/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStub.php b/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStub.php
index 0427e01..3c26f3c 100644
--- a/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStub.php
+++ b/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStub.php
@@ -113,4 +113,12 @@ public function deactivateAgentMultiFactorAuth(MultiFactorAuthTransfer $multiFac
return $multiFactorAuthTransfer;
}
+
+ /**
+ * @uses {@link \Spryker\Zed\MultiFactorAuth\Communication\Controller\GatewayController::invalidateUserCodesAction()}
+ */
+ public function invalidateAgentCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->zedStub->call('/multi-factor-auth/gateway/invalidate-user-codes', $multiFactorAuthTransfer);
+ }
}
diff --git a/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStubInterface.php b/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStubInterface.php
index f60804a..05e81e1 100644
--- a/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStubInterface.php
+++ b/src/Spryker/Client/MultiFactorAuth/Zed/Agent/AgentMultiFactorAuthStubInterface.php
@@ -58,4 +58,6 @@ public function activateAgentMultiFactorAuth(MultiFactorAuthTransfer $multiFacto
* @return \Generated\Shared\Transfer\MultiFactorAuthTransfer
*/
public function deactivateAgentMultiFactorAuth(MultiFactorAuthTransfer $multiFactorAuthTransfer): MultiFactorAuthTransfer;
+
+ public function invalidateAgentCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
}
diff --git a/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStub.php b/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStub.php
index 107e1f0..2436277 100644
--- a/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStub.php
+++ b/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStub.php
@@ -131,4 +131,12 @@ public function findCustomerMultiFactorAuthType(
return $multiFactorAuthCodeTransfer;
}
+
+ /**
+ * @uses {@link \Spryker\Zed\MultiFactorAuth\Communication\Controller\GatewayController::invalidateCustomerCodesAction()}
+ */
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->zedStub->call('/multi-factor-auth/gateway/invalidate-customer-codes', $multiFactorAuthTransfer);
+ }
}
diff --git a/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStubInterface.php b/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStubInterface.php
index f6b9990..c297e61 100644
--- a/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStubInterface.php
+++ b/src/Spryker/Client/MultiFactorAuth/Zed/Customer/CustomerMultiFactorAuthStubInterface.php
@@ -69,4 +69,6 @@ public function deactivateCustomerMultiFactorAuth(MultiFactorAuthTransfer $multi
public function findCustomerMultiFactorAuthType(
MultiFactorAuthCodeCriteriaTransfer $multiFactorAuthCodeCriteriaTransfer
): MultiFactorAuthCodeTransfer;
+
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
}
diff --git a/src/Spryker/Shared/MultiFactorAuth/Transfer/multi_factor_auth.transfer.xml b/src/Spryker/Shared/MultiFactorAuth/Transfer/multi_factor_auth.transfer.xml
index a4654bb..5370f4b 100644
--- a/src/Spryker/Shared/MultiFactorAuth/Transfer/multi_factor_auth.transfer.xml
+++ b/src/Spryker/Shared/MultiFactorAuth/Transfer/multi_factor_auth.transfer.xml
@@ -42,6 +42,7 @@
+
diff --git a/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Agent/AgentUserMultiFactorAuthenticationHandlerPlugin.php b/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Agent/AgentUserMultiFactorAuthenticationHandlerPlugin.php
index 50ff69b..e5d5edf 100644
--- a/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Agent/AgentUserMultiFactorAuthenticationHandlerPlugin.php
+++ b/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Agent/AgentUserMultiFactorAuthenticationHandlerPlugin.php
@@ -7,16 +7,18 @@
namespace Spryker\Yves\MultiFactorAuth\Plugin\AuthenticationHandler\Agent;
+use Generated\Shared\Transfer\MultiFactorAuthTransfer;
use Generated\Shared\Transfer\MultiFactorAuthValidationRequestTransfer;
use Generated\Shared\Transfer\MultiFactorAuthValidationResponseTransfer;
use Spryker\Yves\Kernel\AbstractPlugin;
+use SprykerShop\Yves\AgentPageExtension\Dependency\Plugin\AuthenticationCodeInvalidatorPluginInterface;
use SprykerShop\Yves\AgentPageExtension\Dependency\Plugin\AuthenticationHandlerPluginInterface;
/**
* @method \Spryker\Yves\MultiFactorAuth\MultiFactorAuthFactory getFactory()
* @method \Spryker\Client\MultiFactorAuth\MultiFactorAuthClientInterface getClient()
*/
-class AgentUserMultiFactorAuthenticationHandlerPlugin extends AbstractPlugin implements AuthenticationHandlerPluginInterface
+class AgentUserMultiFactorAuthenticationHandlerPlugin extends AbstractPlugin implements AuthenticationHandlerPluginInterface, AuthenticationCodeInvalidatorPluginInterface
{
/**
* @var string
@@ -52,4 +54,15 @@ public function validateAgentMultiFactorStatus(
): MultiFactorAuthValidationResponseTransfer {
return $this->getClient()->validateAgentMultiFactorAuthStatus($multiFactorAuthValidationRequestTransfer);
}
+
+ /**
+ * {@inheritDoc}
+ * - Invalidates all multi-factor authentication codes for the provided agent user.
+ *
+ * @api
+ */
+ public function invalidateAgentCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->getClient()->invalidateAgentCodes($multiFactorAuthTransfer);
+ }
}
diff --git a/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Customer/CustomerMultiFactorAuthenticationHandlerPlugin.php b/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Customer/CustomerMultiFactorAuthenticationHandlerPlugin.php
index ad6e5ec..2251658 100644
--- a/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Customer/CustomerMultiFactorAuthenticationHandlerPlugin.php
+++ b/src/Spryker/Yves/MultiFactorAuth/Plugin/AuthenticationHandler/Customer/CustomerMultiFactorAuthenticationHandlerPlugin.php
@@ -7,15 +7,17 @@
namespace Spryker\Yves\MultiFactorAuth\Plugin\AuthenticationHandler\Customer;
+use Generated\Shared\Transfer\MultiFactorAuthTransfer;
use Generated\Shared\Transfer\MultiFactorAuthValidationRequestTransfer;
use Generated\Shared\Transfer\MultiFactorAuthValidationResponseTransfer;
use Spryker\Yves\Kernel\AbstractPlugin;
+use SprykerShop\Yves\CustomerPageExtension\Dependency\Plugin\AuthenticationCodeInvalidatorPluginInterface;
use SprykerShop\Yves\CustomerPageExtension\Dependency\Plugin\AuthenticationHandlerPluginInterface;
/**
* @method \Spryker\Client\MultiFactorAuth\MultiFactorAuthClientInterface getClient()
*/
-class CustomerMultiFactorAuthenticationHandlerPlugin extends AbstractPlugin implements AuthenticationHandlerPluginInterface
+class CustomerMultiFactorAuthenticationHandlerPlugin extends AbstractPlugin implements AuthenticationHandlerPluginInterface, AuthenticationCodeInvalidatorPluginInterface
{
/**
* @var string
@@ -51,4 +53,15 @@ public function validateCustomerMultiFactorStatus(
): MultiFactorAuthValidationResponseTransfer {
return $this->getClient()->validateCustomerMultiFactorAuthStatus($multiFactorAuthValidationRequestTransfer);
}
+
+ /**
+ * {@inheritDoc}
+ * - Invalidates all multi-factor authentication codes for the provided customer.
+ *
+ * @api
+ */
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->getClient()->invalidateCustomerCodes($multiFactorAuthTransfer);
+ }
}
diff --git a/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacade.php b/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacade.php
index 86877bd..1f20a49 100644
--- a/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacade.php
+++ b/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacade.php
@@ -240,4 +240,24 @@ public function getUserMultiFactorAuthTypes(MultiFactorAuthCriteriaTransfer $mul
{
return $this->getRepository()->getUserMultiFactorAuthTypes($multiFactorAuthCriteriaTransfer);
}
+
+ /**
+ * {@inheritDoc}
+ *
+ * @api
+ */
+ public function invalidateUserCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->getEntityManager()->invalidateUserCodes($multiFactorAuthTransfer);
+ }
+
+ /**
+ * {@inheritDoc}
+ *
+ * @api
+ */
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->getEntityManager()->invalidateCustomerCodes($multiFactorAuthTransfer);
+ }
}
diff --git a/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacadeInterface.php b/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacadeInterface.php
index 40bf9c3..63d1c2e 100644
--- a/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacadeInterface.php
+++ b/src/Spryker/Zed/MultiFactorAuth/Business/MultiFactorAuthFacadeInterface.php
@@ -217,4 +217,28 @@ public function findUserMultiFactorAuthType(
* @return \Generated\Shared\Transfer\MultiFactorAuthTypesCollectionTransfer
*/
public function getUserMultiFactorAuthTypes(MultiFactorAuthCriteriaTransfer $multiFactorAuthCriteriaTransfer): MultiFactorAuthTypesCollectionTransfer;
+
+ /**
+ * Specification:
+ * - Invalidates all active multi-factor authentication codes for a user.
+ * - Sets all active codes status to invalidated.
+ * - Called before login MFA flow to ensure fresh codes.
+ *
+ * @api
+ *
+ * @param \Generated\Shared\Transfer\MultiFactorAuthTransfer $multiFactorAuthTransfer
+ *
+ * @return void
+ */
+ public function invalidateUserCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
+
+ /**
+ * Specification:
+ * - Invalidates all active multi-factor authentication codes for a customer.
+ * - Sets all active codes status to invalidated.
+ * - Called before login MFA flow to ensure fresh codes.
+ *
+ * @api
+ */
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
}
diff --git a/src/Spryker/Zed/MultiFactorAuth/Business/Validator/AbstractMultiFactorAuthStatusValidator.php b/src/Spryker/Zed/MultiFactorAuth/Business/Validator/AbstractMultiFactorAuthStatusValidator.php
index 9998e0d..a590eca 100644
--- a/src/Spryker/Zed/MultiFactorAuth/Business/Validator/AbstractMultiFactorAuthStatusValidator.php
+++ b/src/Spryker/Zed/MultiFactorAuth/Business/Validator/AbstractMultiFactorAuthStatusValidator.php
@@ -45,7 +45,8 @@ public function validate(
if (
$multiFactorAuthCodeTransfer->getCode() === null ||
$multiFactorAuthCodeTransfer->getStatus() !== MultiFactorAuthConstants::CODE_VERIFIED ||
- new DateTime($multiFactorAuthCodeTransfer->getExpirationDateOrFail()) < $currentDateTime
+ new DateTime($multiFactorAuthCodeTransfer->getExpirationDateOrFail()) < $currentDateTime ||
+ $multiFactorAuthValidationRequestTransfer->getIsLogin() === true
) {
return $this->createMultiFactorAuthValidationResponseTransfer(true, $multiFactorAuthCodeTransfer->getStatus());
}
diff --git a/src/Spryker/Zed/MultiFactorAuth/Communication/Controller/GatewayController.php b/src/Spryker/Zed/MultiFactorAuth/Communication/Controller/GatewayController.php
index 6ee548e..08f48c7 100644
--- a/src/Spryker/Zed/MultiFactorAuth/Communication/Controller/GatewayController.php
+++ b/src/Spryker/Zed/MultiFactorAuth/Communication/Controller/GatewayController.php
@@ -165,4 +165,18 @@ public function deactivateUserMultiFactorAuthAction(MultiFactorAuthTransfer $mul
return $multiFactorAuthTransfer;
}
+
+ public function invalidateCustomerCodesAction(MultiFactorAuthTransfer $multiFactorAuthTransfer): MultiFactorAuthTransfer
+ {
+ $this->getFacade()->invalidateCustomerCodes($multiFactorAuthTransfer);
+
+ return $multiFactorAuthTransfer;
+ }
+
+ public function invalidateUserCodesAction(MultiFactorAuthTransfer $multiFactorAuthTransfer): MultiFactorAuthTransfer
+ {
+ $this->getFacade()->invalidateUserCodes($multiFactorAuthTransfer);
+
+ return $multiFactorAuthTransfer;
+ }
}
diff --git a/src/Spryker/Zed/MultiFactorAuth/Communication/Plugin/AuthenticationHandler/User/UserMultiFactorAuthenticationHandlerPlugin.php b/src/Spryker/Zed/MultiFactorAuth/Communication/Plugin/AuthenticationHandler/User/UserMultiFactorAuthenticationHandlerPlugin.php
index 3d88ca3..6402e7a 100644
--- a/src/Spryker/Zed/MultiFactorAuth/Communication/Plugin/AuthenticationHandler/User/UserMultiFactorAuthenticationHandlerPlugin.php
+++ b/src/Spryker/Zed/MultiFactorAuth/Communication/Plugin/AuthenticationHandler/User/UserMultiFactorAuthenticationHandlerPlugin.php
@@ -7,9 +7,11 @@
namespace Spryker\Zed\MultiFactorAuth\Communication\Plugin\AuthenticationHandler\User;
+use Generated\Shared\Transfer\MultiFactorAuthTransfer;
use Generated\Shared\Transfer\MultiFactorAuthValidationRequestTransfer;
use Generated\Shared\Transfer\MultiFactorAuthValidationResponseTransfer;
use Spryker\Zed\Kernel\Communication\AbstractPlugin;
+use Spryker\Zed\SecurityGuiExtension\Dependency\Plugin\AuthenticationCodeInvalidatorPluginInterface;
use Spryker\Zed\SecurityGuiExtension\Dependency\Plugin\AuthenticationHandlerPluginInterface;
/**
@@ -17,7 +19,7 @@
* @method \Spryker\Zed\MultiFactorAuth\Business\MultiFactorAuthFacadeInterface getFacade()()
* @method \Spryker\Zed\MultiFactorAuth\MultiFactorAuthConfig getConfig()
*/
-class UserMultiFactorAuthenticationHandlerPlugin extends AbstractPlugin implements AuthenticationHandlerPluginInterface
+class UserMultiFactorAuthenticationHandlerPlugin extends AbstractPlugin implements AuthenticationHandlerPluginInterface, AuthenticationCodeInvalidatorPluginInterface
{
/**
* @var string
@@ -53,4 +55,15 @@ public function validateUserMultiFactorStatus(
): MultiFactorAuthValidationResponseTransfer {
return $this->getFacade()->validateUserMultiFactorAuthStatus($multiFactorAuthValidationRequestTransfer);
}
+
+ /**
+ * {@inheritDoc}
+ * - Invalidates all multi-factor authentication codes for the provided user.
+ *
+ * @api
+ */
+ public function invalidateUserCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $this->getFacade()->invalidateUserCodes($multiFactorAuthTransfer);
+ }
}
diff --git a/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManager.php b/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManager.php
index 055c9cf..75c9420 100644
--- a/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManager.php
+++ b/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManager.php
@@ -11,6 +11,7 @@
use Generated\Shared\Transfer\MultiFactorAuthTransfer;
use Orm\Zed\MultiFactorAuth\Persistence\Map\SpyCustomerMultiFactorAuthCodesTableMap;
use Orm\Zed\MultiFactorAuth\Persistence\Map\SpyUserMultiFactorAuthCodesTableMap;
+use Propel\Runtime\ActiveQuery\Criteria;
use Spryker\Shared\MultiFactorAuth\MultiFactorAuthConstants;
use Spryker\Zed\Kernel\Persistence\AbstractEntityManager;
@@ -256,4 +257,63 @@ public function deleteUserMultiFactorAuth(MultiFactorAuthTransfer $multiFactorAu
$this->updateUserCode($multiFactorAuthTransfer);
}
}
+
+ public function invalidateUserCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ $codeIds = $this->getFactory()
+ ->createSpyUserMultiFactorAuthCodeQuery()
+ ->useSpyUserMultiFactorAuthQuery()
+ ->filterByFkUser($multiFactorAuthTransfer->getUserOrFail()->getIdUserOrFail())
+ ->endUse()
+ ->filterByStatus(
+ [
+ MultiFactorAuthConstants::CODE_UNVERIFIED,
+ MultiFactorAuthConstants::CODE_VERIFIED,
+ ],
+ Criteria::IN,
+ )
+ ->select([SpyUserMultiFactorAuthCodesTableMap::COL_ID_USER_MULTI_FACTOR_AUTH_CODE])
+ ->find()
+ ->getData();
+
+ if ($codeIds === []) {
+ return;
+ }
+
+ $this->getFactory()
+ ->createSpyUserMultiFactorAuthCodeQuery()
+ ->filterByIdUserMultiFactorAuthCode_In($codeIds)
+ ->update(['Status' => MultiFactorAuthConstants::CODE_INVALIDATED]);
+ }
+
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void
+ {
+ /** @var \Orm\Zed\MultiFactorAuth\Persistence\SpyCustomerMultiFactorAuthCodesQuery $customerMultiFactorAuthCodesQuery */
+ $customerMultiFactorAuthCodesQuery = $this->getFactory()
+ ->createSpyCustomerMultiFactorAuthCodeQuery()
+ ->useSpyCustomerMultiFactorAuthQuery()
+ ->filterByFkCustomer($multiFactorAuthTransfer->getCustomerOrFail()->getIdCustomerOrFail())
+ ->endUse();
+
+ $codeIds = $customerMultiFactorAuthCodesQuery
+ ->filterByStatus(
+ [
+ MultiFactorAuthConstants::CODE_UNVERIFIED,
+ MultiFactorAuthConstants::CODE_VERIFIED,
+ ],
+ Criteria::IN,
+ )
+ ->select([SpyCustomerMultiFactorAuthCodesTableMap::COL_ID_CUSTOMER_MULTI_FACTOR_AUTH_CODE])
+ ->find()
+ ->getData();
+
+ if ($codeIds === []) {
+ return;
+ }
+
+ $this->getFactory()
+ ->createSpyCustomerMultiFactorAuthCodeQuery()
+ ->filterByIdCustomerMultiFactorAuthCode_In($codeIds)
+ ->update(['Status' => MultiFactorAuthConstants::CODE_INVALIDATED]);
+ }
}
diff --git a/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManagerInterface.php b/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManagerInterface.php
index 57bd35b..a9746d3 100644
--- a/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManagerInterface.php
+++ b/src/Spryker/Zed/MultiFactorAuth/Persistence/MultiFactorAuthEntityManagerInterface.php
@@ -81,4 +81,8 @@ public function saveCustomerMultiFactorAuthCodeAttempt(MultiFactorAuthCodeTransf
* @return void
*/
public function saveUserMultiFactorAuthCodeAttempt(MultiFactorAuthCodeTransfer $multiFactorAuthCodeTransfer): void;
+
+ public function invalidateUserCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
+
+ public function invalidateCustomerCodes(MultiFactorAuthTransfer $multiFactorAuthTransfer): void;
}