# Copyright (C) 2012-2026 Zammad Foundation, https://zammad-foundation.org/

class User::AdminTwoFactorsController < ApplicationController
  prepend_before_action :authenticate_and_authorize!

  def remove_authentication_method
    Service::User::TwoFactor::RemoveMethod
      .with_current_user(params_user)
      .execute(method_name: params[:method])

    render json: {}
  end

  def remove_all_authentication_methods
    params_user.two_factor_destroy_all_authentication_methods

    render json: {}
  end

  def enabled_authentication_methods
    render json: params_user.two_factor_enabled_authentication_methods
  end

  private

  def params_user
    User.find(params[:id])
  end
end