npm - strapi-identity - Versions diffs - 0.1.2 → 0.3.0 - Mend

strapi-identity 0.1.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (88) hide show

package/README.md +2 -1
package/dist/admin/{AdminReset-H453s-DE.mjs → AdminReset-CCGgw-0k.mjs} +2 -2
package/dist/admin/{AdminReset-C0QibZXW.js → AdminReset-QClQP2Il.js} +2 -2
package/dist/admin/{ProfileToggle-BFmIWCrN.js → ProfileToggle-H31GHNDA.js} +299 -39
package/dist/admin/{ProfileToggle-DQeXCx34.mjs → ProfileToggle-gPuH6dGP.mjs} +299 -39
package/dist/admin/{SettingsPage-OwMik_IK.mjs → SettingsPage-DgPikS3m.mjs} +344 -102
package/dist/admin/{SettingsPage-DyF7YbsX.js → SettingsPage-DulEjadb.js} +343 -101
package/dist/admin/{ar-i2eiMZkz.js → ar-BYnI7Tsa.js} +36 -23
package/dist/admin/{ar-BXaam37U.mjs → ar-DwZqj0qM.mjs} +36 -23
package/dist/admin/{ca-DZ9DbEcQ.mjs → ca-aKVVc8iQ.mjs} +36 -23
package/dist/admin/{ca-BVpGzY8r.js → ca-sBRHuaFU.js} +36 -23
package/dist/admin/{cs-Gok16KLy.mjs → cs--prflMHS.mjs} +36 -23
package/dist/admin/{cs-_PZVkwt0.js → cs-gU7KP3Lx.js} +36 -23
package/dist/admin/de-BT25lv_6.mjs +49 -0
package/dist/admin/de-CrlCAUuf.js +49 -0
package/dist/admin/{dk-B7EOsAdU.js → dk-BNC3WUzY.js} +36 -23
package/dist/admin/{dk-CI64Xmli.mjs → dk-Ck3AQYU7.mjs} +36 -23
package/dist/admin/{en-B_vJwdfS.mjs → en-9qzlpde0.mjs} +36 -23
package/dist/admin/{en-D4KP9t1Y.js → en-DBj0AD5g.js} +36 -23
package/dist/admin/{es-CHwF7YK-.js → es-D5Sn41_H.js} +36 -23
package/dist/admin/{es-CqJcXo4j.mjs → es-lh6XoPb7.mjs} +36 -23
package/dist/admin/{eu-D-snytN8.mjs → eu-Cuz6ijBX.mjs} +36 -23
package/dist/admin/{eu-DvdbwE5E.js → eu-Qr3RvDPW.js} +36 -23
package/dist/admin/fr-C4pmkPYn.js +49 -0
package/dist/admin/fr-ChlDcZsG.mjs +49 -0
package/dist/admin/{gu-3wJbbAmw.mjs → gu-B6zyD1bW.mjs} +36 -23
package/dist/admin/{gu-D2LgVfMp.js → gu-BMZL76zM.js} +36 -23
package/dist/admin/{he-Bjv7eygt.mjs → he-C5V-qZCX.mjs} +36 -23
package/dist/admin/{he-DnhYpbvN.js → he-H6iBa45A.js} +36 -23
package/dist/admin/{hi-DDD2E3A3.js → hi-Be8rPk7I.js} +36 -23
package/dist/admin/{hi-CNiDezU7.mjs → hi-czhOWo6-.mjs} +36 -23
package/dist/admin/{hu-C1_YkZHU.js → hu-DKp6kOmc.js} +36 -23
package/dist/admin/{hu-aLaIWmGw.mjs → hu-NbZ3aiYV.mjs} +36 -23
package/dist/admin/{id-u3wVE6Rv.js → id-DO0bwFgY.js} +36 -23
package/dist/admin/{id-C8WRgGm1.mjs → id-NH9PvcR5.mjs} +36 -23
package/dist/admin/{index-BXZI8nMZ.js → index-C9K2h5UC.js} +65 -12
package/dist/admin/{index-D45I6rWF.mjs → index-C_4USMnn.mjs} +65 -12
package/dist/admin/index.js +1 -1
package/dist/admin/index.mjs +1 -1
package/dist/admin/{it-CjoRoJj1.mjs → it-Cmrey6tg.mjs} +36 -23
package/dist/admin/{it-CDw6dG9Z.js → it-Df6-7-M7.js} +36 -23
package/dist/admin/{ja-CewucIUY.mjs → ja-DH3KMqOL.mjs} +36 -23
package/dist/admin/{ja-CbMXy2ym.js → ja-HuAq9ZwT.js} +36 -23
package/dist/admin/{ko-D-kAxDtd.mjs → ko-DPN28RE8.mjs} +36 -23
package/dist/admin/{ko-BEtJPpfJ.js → ko-S9k8KA8K.js} +36 -23
package/dist/admin/{ml-0fR2_MmA.js → ml-Bh9GGqcW.js} +36 -23
package/dist/admin/{ml-DR3AaofF.mjs → ml-MsHNacm6.mjs} +36 -23
package/dist/admin/{ms-COHLS5e5.mjs → ms-TjHAaxTd.mjs} +36 -23
package/dist/admin/{ms-DLvuGSlk.js → ms-hO5YeEg4.js} +36 -23
package/dist/admin/{nl-wj6kn642.js → nl-BF98NBwL.js} +36 -23
package/dist/admin/{nl-DVtHsM2H.mjs → nl-BLILZU8-.mjs} +36 -23
package/dist/admin/{no-D_0yjyCy.mjs → no-BtVZ-siy.mjs} +36 -23
package/dist/admin/{no-DVBgWt8q.js → no-bl1OXlfa.js} +36 -23
package/dist/admin/{pl-C3GNxjVX.mjs → pl-DCSB6LwZ.mjs} +36 -23
package/dist/admin/{pl-B2ghisbC.js → pl-DCnOWIDw.js} +36 -23
package/dist/admin/{pt-BR-BbKV8YoX.mjs → pt-BR-CeLqmj88.mjs} +36 -23
package/dist/admin/{pt-BR-CfgNaB1-.js → pt-BR-D2_UrxTp.js} +36 -23
package/dist/admin/{pt-DKe8rRWa.js → pt-DIu8RT_X.js} +36 -23
package/dist/admin/{pt-z4K3cCjf.mjs → pt-fgjdOyW5.mjs} +36 -23
package/dist/admin/{ru-C85izLFa.mjs → ru-B_hlpAyP.mjs} +36 -23
package/dist/admin/{ru-BFSm68HC.js → ru-BccMCf0l.js} +36 -23
package/dist/admin/{sa-B1XoTTrE.mjs → sa-BtuJ_I1t.mjs} +36 -23
package/dist/admin/{sa-BOPaqylt.js → sa-D3A-fo85.js} +36 -23
package/dist/admin/{sk-C48lUPuC.mjs → sk-mmuTFlCK.mjs} +36 -23
package/dist/admin/{sk-Dd-S1612.js → sk-uSLC6KhO.js} +36 -23
package/dist/admin/{sv-BLma_kJl.mjs → sv-BlaHc5ax.mjs} +36 -23
package/dist/admin/{sv-lg64Cw78.js → sv-CuKk5tE-.js} +36 -23
package/dist/admin/{th-DPbm5NrX.js → th-Bv3NKkYO.js} +36 -23
package/dist/admin/{th-BJEu5n7q.mjs → th-BwyhFaeE.mjs} +36 -23
package/dist/admin/{tokenHelpers-jtoRu0q5.js → tokenHelpers-B54WRTn1.js} +4 -10
package/dist/admin/{tokenHelpers-DagDzpso.mjs → tokenHelpers-CKVyT1sz.mjs} +4 -10
package/dist/admin/{tr-DkIUODKq.mjs → tr-BLocNlbZ.mjs} +36 -23
package/dist/admin/{tr-Bm1QZr4v.js → tr-Bmvs-Hx-.js} +36 -23
package/dist/admin/{uk-FARzIGx4.js → uk-BDxn-EZU.js} +36 -23
package/dist/admin/{uk-D7ArtSe3.mjs → uk-CyZ10xtq.mjs} +36 -23
package/dist/admin/{vi-DS0yslPP.mjs → vi-Bx_UJ8up.mjs} +36 -23
package/dist/admin/{vi-Bi9B6eTY.js → vi-F_mqQCme.js} +36 -23
package/dist/admin/{zh-DkEx28ZA.js → zh-CFZJPG5N.js} +36 -23
package/dist/admin/{zh-DwCvIPSz.mjs → zh-CjJdRa3l.mjs} +36 -23
package/dist/admin/{zh-Hans-BwwKCR6_.js → zh-Hans-4BhSwSQw.js} +36 -23
package/dist/admin/{zh-Hans-DP2xZyda.mjs → zh-Hans-s7G2GUHU.mjs} +36 -23
package/dist/server/index.js +487 -50
package/dist/server/index.mjs +487 -50
package/package.json +5 -4
package/dist/admin/de-BuYn1AYX.mjs +0 -26
package/dist/admin/de-GItli7en.js +0 -26
package/dist/admin/fr-Bt6sS5GX.mjs +0 -26
package/dist/admin/fr-CbCW6hVD.js +0 -26

package/dist/admin/{ProfileToggle-DQeXCx34.mjs → ProfileToggle-gPuH6dGP.mjs} RENAMED Viewed

@@ -2,10 +2,10 @@ import { jsx, jsxs, Fragment } from "react/jsx-runtime";
 import { useState, useEffect } from "react";
 import { Modal, Flex, Typography, Grid, Button, TextInput, Box, Field, Toggle } from "@strapi/design-system";
 import styled from "styled-components";
-import { g as getTranslation, I as InputOTP, a as InputOTPGroup, b as InputOTPSlot, c as InputOTPSeparator } from "./index-D45I6rWF.mjs";
+import { g as getTranslation, I as InputOTP, a as InputOTPGroup, b as InputOTPSlot, c as InputOTPSeparator } from "./index-C_4USMnn.mjs";
 import { QRCodeCanvas } from "qrcode.react";
 import { useIntl } from "react-intl";
-import { g as getToken } from "./tokenHelpers-DagDzpso.mjs";
+import { g as getToken } from "./tokenHelpers-CKVyT1sz.mjs";
 function ConfirmModal({
   open,
   onOpenChange,
@@ -120,11 +120,155 @@ function RemoveModal({ open, onOpenChange, onSubmit }) {
     ] })
   ] }) }) });
 }
+function EmailOTPModal({
+  mode,
+  open,
+  email,
+  onOpenChange,
+  onSuccess
+}) {
+  const { formatMessage } = useIntl();
+  const [step, setStep] = useState("send");
+  const [loading, setLoading] = useState(false);
+  const [error, setError] = useState(null);
+  const handleOpenChange = (nextOpen) => {
+    if (!nextOpen) {
+      setStep("send");
+      setError(null);
+    }
+    onOpenChange(nextOpen);
+  };
+  const handleSend = async () => {
+    const token = getToken();
+    setLoading(true);
+    setError(null);
+    try {
+      const endpoint = mode === "setup" ? "/strapi-identity/enable-email" : "/strapi-identity/disable-email/request";
+      const response = await fetch(endpoint, {
+        method: "POST",
+        headers: { "Content-Type": "application/json", authorization: `Bearer ${token}` }
+      });
+      const body = await response.json();
+      if (!response.ok) {
+        throw new Error(body.error || "Failed to send verification email");
+      }
+      setStep("confirm");
+    } catch (err) {
+      setError(err.message);
+    } finally {
+      setLoading(false);
+    }
+  };
+  const handleConfirm = async (e) => {
+    e.preventDefault();
+    const token = getToken();
+    const formData = new FormData(e.target);
+    const code = formData.get("otp");
+    setLoading(true);
+    setError(null);
+    try {
+      const endpoint = mode === "setup" ? "/strapi-identity/setup-email" : "/strapi-identity/disable";
+      const response = await fetch(endpoint, {
+        method: "POST",
+        headers: { "Content-Type": "application/json", authorization: `Bearer ${token}` },
+        body: JSON.stringify({ code })
+      });
+      const body = await response.json();
+      if (!response.ok) {
+        throw new Error(body.error || "Invalid or expired code");
+      }
+      handleOpenChange(false);
+      onSuccess();
+    } catch (err) {
+      setError(err.message);
+    } finally {
+      setLoading(false);
+    }
+  };
+  const title = mode === "setup" ? formatMessage({
+    id: getTranslation("email_otp.setup_title"),
+    defaultMessage: "Enable Email OTP"
+  }) : formatMessage({
+    id: getTranslation("email_otp.disable_title"),
+    defaultMessage: "Disable Email OTP"
+  });
+  return /* @__PURE__ */ jsx(Modal.Root, { open, onOpenChange: handleOpenChange, children: /* @__PURE__ */ jsxs(Modal.Content, { children: [
+    /* @__PURE__ */ jsx(Modal.Header, { children: /* @__PURE__ */ jsx(Modal.Title, { children: title }) }),
+    step === "send" ? /* @__PURE__ */ jsxs(Fragment, { children: [
+      /* @__PURE__ */ jsx(Modal.Body, { children: /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "center", gap: 4, marginTop: 4, marginBottom: 4, children: [
+        /* @__PURE__ */ jsx(Typography, { textAlign: "center", children: mode === "setup" ? formatMessage(
+          {
+            id: getTranslation("email_otp.setup_description"),
+            defaultMessage: "We'll send a 6-digit verification code to {email}. Enter it to enable Email OTP."
+          },
+          { email: /* @__PURE__ */ jsx("strong", { children: email }) }
+        ) : formatMessage(
+          {
+            id: getTranslation("email_otp.disable_description"),
+            defaultMessage: "We'll send a 6-digit verification code to {email}. Enter it to disable Email OTP."
+          },
+          { email: /* @__PURE__ */ jsx("strong", { children: email }) }
+        ) }),
+        error ? /* @__PURE__ */ jsx(Typography, { role: "alert", textColor: "danger600", textAlign: "center", children: error }) : null
+      ] }) }),
+      /* @__PURE__ */ jsxs(Modal.Footer, { children: [
+        /* @__PURE__ */ jsx(Modal.Close, { children: /* @__PURE__ */ jsx(Button, { variant: "tertiary", children: formatMessage({ id: "app.components.Button.cancel", defaultMessage: "Cancel" }) }) }),
+        /* @__PURE__ */ jsx(Button, { onClick: handleSend, loading, children: formatMessage({
+          id: getTranslation("email_otp.send_code"),
+          defaultMessage: "Send verification email"
+        }) })
+      ] })
+    ] }) : /* @__PURE__ */ jsxs("form", { onSubmit: handleConfirm, children: [
+      /* @__PURE__ */ jsx(Modal.Body, { children: /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "center", gap: 4, marginTop: 4, marginBottom: 4, children: [
+        /* @__PURE__ */ jsx(Typography, { textAlign: "center", children: formatMessage(
+          {
+            id: getTranslation("email_otp.confirm_description"),
+            defaultMessage: "Enter the 6-digit code sent to {email}."
+          },
+          { email: /* @__PURE__ */ jsx("strong", { children: email }) }
+        ) }),
+        /* @__PURE__ */ jsxs(InputOTP, { maxLength: 6, name: "otp", id: "otp", autoFocus: true, children: [
+          /* @__PURE__ */ jsxs(InputOTPGroup, { children: [
+            /* @__PURE__ */ jsx(InputOTPSlot, { index: 0 }),
+            /* @__PURE__ */ jsx(InputOTPSlot, { index: 1 }),
+            /* @__PURE__ */ jsx(InputOTPSlot, { index: 2 })
+          ] }),
+          /* @__PURE__ */ jsx(InputOTPSeparator, {}),
+          /* @__PURE__ */ jsxs(InputOTPGroup, { children: [
+            /* @__PURE__ */ jsx(InputOTPSlot, { index: 3 }),
+            /* @__PURE__ */ jsx(InputOTPSlot, { index: 4 }),
+            /* @__PURE__ */ jsx(InputOTPSlot, { index: 5 })
+          ] })
+        ] }),
+        error ? /* @__PURE__ */ jsx(Typography, { role: "alert", textColor: "danger600", textAlign: "center", children: error }) : null,
+        /* @__PURE__ */ jsx(Button, { variant: "ghost", type: "button", onClick: () => handleSend(), children: formatMessage({
+          id: getTranslation("email_otp.resend_code"),
+          defaultMessage: "Resend code"
+        }) })
+      ] }) }),
+      /* @__PURE__ */ jsxs(Modal.Footer, { children: [
+        /* @__PURE__ */ jsx(Modal.Close, { children: /* @__PURE__ */ jsx(Button, { variant: "tertiary", children: formatMessage({
+          id: "app.components.Button.cancel",
+          defaultMessage: "Cancel"
+        }) }) }),
+        /* @__PURE__ */ jsx(Button, { type: "submit", loading, children: formatMessage({
+          id: "app.components.Button.confirm",
+          defaultMessage: "Confirm"
+        }) })
+      ] })
+    ] })
+  ] }) });
+}
 const ProfileToggle = () => {
   const { formatMessage } = useIntl();
   const [enabled, setEnabled] = useState(null);
+  const [mfaType, setMfaType] = useState(null);
   const [mfaEnabled, setMfaEnabled] = useState(false);
+  const [emailConfigured, setEmailConfigured] = useState(false);
+  const [userEmail, setUserEmail] = useState("");
   const [disableDialogOpen, setDisableDialogOpen] = useState(false);
+  const [emailSetupOpen, setEmailSetupOpen] = useState(false);
+  const [emailDisableOpen, setEmailDisableOpen] = useState(false);
   const [modalOpen, setModalOpen] = useState(false);
   const [uri, setUri] = useState(null);
   const [secret, setSecret] = useState(null);
@@ -136,6 +280,9 @@ const ProfileToggle = () => {
       setDisableDialogOpen(true);
       return;
     }
+    if (enable && enabled === "full" && mfaType === "email") {
+      return;
+    }
     try {
       const response = await fetch("/strapi-identity/enable", {
         method: "POST",
@@ -154,11 +301,25 @@ const ProfileToggle = () => {
       setUri(data?.uri || null);
       setSecret(data?.secret || null);
       setEnabled(enable ? "temp" : null);
+      if (enable) setMfaType("totp");
     } catch (error) {
       console.error(error);
       setEnabled(null);
     }
   };
+  const handleEmailToggle = ({ target }) => {
+    const enable = target?.checked || false;
+    if (!enable && enabled === "full" && mfaType === "email") {
+      setEmailDisableOpen(true);
+      return;
+    }
+    if (enable && enabled === "full") {
+      return;
+    }
+    if (enable) {
+      setEmailSetupOpen(true);
+    }
+  };
   const handleConfirm = async (e) => {
     e.preventDefault();
     const form = e.target;
@@ -183,6 +344,7 @@ const ProfileToggle = () => {
       setUri(null);
       setSecret(null);
       setEnabled("full");
+      setMfaType("totp");
     } catch (error) {
       console.error(error);
     }
@@ -214,6 +376,7 @@ const ProfileToggle = () => {
       setUri(null);
       setSecret(null);
       setEnabled(null);
+      setMfaType(null);
     } catch (error) {
       console.error(error);
     }
@@ -223,7 +386,7 @@ const ProfileToggle = () => {
     (async () => {
       const token = getToken();
       try {
-        const [status, enabled2] = await Promise.all([
+        const [statusRes, enabledRes, meRes] = await Promise.all([
           fetch("/strapi-identity/status", {
             method: "GET",
             headers: { "Content-Type": "application/json", authorization: `Bearer ${token}` },
@@ -233,18 +396,37 @@ const ProfileToggle = () => {
             method: "GET",
             headers: { "Content-Type": "application/json", authorization: `Bearer ${token}` },
             signal: ac.signal
+          }),
+          fetch("/admin/users/me", {
+            method: "GET",
+            headers: { "Content-Type": "application/json", authorization: `Bearer ${token}` },
+            signal: ac.signal
           })
         ]);
-        const statusBody = await status.json();
-        const enabledBody = await enabled2.json();
-        if (!status.ok) {
-          throw new Error(`${status.status} - ${statusBody.error || "Failed to set up MFA"}`);
+        const statusBody = await statusRes.json();
+        const enabledBody = await enabledRes.json();
+        if (!statusRes.ok) {
+          throw new Error(`${statusRes.status} - ${statusBody.error || "Failed to get MFA status"}`);
         }
-        if (!enabled2.ok) {
-          throw new Error(`${enabled2.status} - ${enabledBody.error || "Failed to get MFA config"}`);
+        if (!enabledRes.ok) {
+          throw new Error(`${enabledRes.status} - ${enabledBody.error || "Failed to get MFA config"}`);
         }
         setMfaEnabled(enabledBody.data);
         setEnabled(statusBody.data?.status || null);
+        setMfaType(statusBody.data?.type || null);
+        if (meRes.ok) {
+          const meBody = await meRes.json();
+          setUserEmail(meBody.data?.email || "");
+          const configRes = await fetch("/strapi-identity/config", {
+            method: "GET",
+            headers: { "Content-Type": "application/json", authorization: `Bearer ${token}` },
+            signal: ac.signal
+          });
+          if (configRes.ok) {
+            const configBody = await configRes.json();
+            setEmailConfigured(!!configBody.data?.email_enabled);
+          }
+        }
       } catch (error) {
         if (error.name === "AbortError") return;
         console.error("Failed to fetch MFA status:", error);
@@ -253,6 +435,10 @@ const ProfileToggle = () => {
     return () => ac.abort();
   }, []);
   if (!mfaEnabled) return null;
+  const totpChecked = enabled !== null && mfaType === "totp";
+  const emailChecked = enabled !== null && mfaType === "email";
+  const totpDisabled = enabled !== null && mfaType === "email";
+  const emailDisabled = enabled !== null && mfaType === "totp";
   return /* @__PURE__ */ jsxs(Fragment, { children: [
     /* @__PURE__ */ jsx(
       Box,
@@ -275,36 +461,78 @@ const ProfileToggle = () => {
               defaultMessage: "Add an additional layer of security to your account."
             }) })
           ] }),
-          /* @__PURE__ */ jsx(Grid.Root, { tag: "div", gap: 5, children: /* @__PURE__ */ jsx(Grid.Item, { col: 6, s: 12, alignItems: "stretch", children: /* @__PURE__ */ jsxs(
-            Field.Root,
-            {
-              width: "100%",
-              name: "two-factor-authentication",
-              id: "two-factor-authentication",
-              children: [
-                /* @__PURE__ */ jsx(Field.Label, { children: formatMessage({
-                  id: getTranslation("profile.toggle_label"),
-                  defaultMessage: "Enable Two-Factor Authentication"
-                }) }),
-                /* @__PURE__ */ jsx(
-                  Toggle,
-                  {
-                    offLabel: formatMessage({
-                      id: "app.components.ToggleCheckbox.off-label",
-                      defaultMessage: "False"
-                    }),
-                    onLabel: formatMessage({
-                      id: "app.components.ToggleCheckbox.on-label",
-                      defaultMessage: "True"
-                    }),
-                    checked: enabled !== null,
-                    onChange: handleToggle
-                  }
-                ),
-                /* @__PURE__ */ jsx(Field.Hint, {})
-              ]
-            }
-          ) }) })
+          /* @__PURE__ */ jsxs(Grid.Root, { tag: "div", gap: 5, children: [
+            /* @__PURE__ */ jsx(Grid.Item, { col: 6, s: 12, alignItems: "stretch", children: /* @__PURE__ */ jsxs(
+              Field.Root,
+              {
+                width: "100%",
+                name: "two-factor-authentication",
+                id: "two-factor-authentication",
+                hint: totpDisabled ? formatMessage({
+                  id: getTranslation("profile.totp_disabled_hint"),
+                  defaultMessage: "Disable Email OTP first to enable the authenticator app."
+                }) : void 0,
+                children: [
+                  /* @__PURE__ */ jsx(Field.Label, { children: formatMessage({
+                    id: getTranslation("profile.toggle_label"),
+                    defaultMessage: "Enable Two-Factor Authentication"
+                  }) }),
+                  /* @__PURE__ */ jsx(
+                    Toggle,
+                    {
+                      offLabel: formatMessage({
+                        id: "app.components.ToggleCheckbox.off-label",
+                        defaultMessage: "False"
+                      }),
+                      onLabel: formatMessage({
+                        id: "app.components.ToggleCheckbox.on-label",
+                        defaultMessage: "True"
+                      }),
+                      checked: totpChecked,
+                      onChange: handleToggle,
+                      disabled: totpDisabled
+                    }
+                  ),
+                  /* @__PURE__ */ jsx(Field.Hint, {})
+                ]
+              }
+            ) }),
+            emailConfigured && /* @__PURE__ */ jsx(Grid.Item, { col: 6, s: 12, alignItems: "stretch", children: /* @__PURE__ */ jsxs(
+              Field.Root,
+              {
+                width: "100%",
+                name: "email-otp",
+                id: "email-otp",
+                hint: emailDisabled ? formatMessage({
+                  id: getTranslation("profile.email_otp_disabled_hint"),
+                  defaultMessage: "Disable the authenticator app first to enable Email OTP."
+                }) : void 0,
+                children: [
+                  /* @__PURE__ */ jsx(Field.Label, { children: formatMessage({
+                    id: getTranslation("profile.email_otp_label"),
+                    defaultMessage: "Enable Email OTP"
+                  }) }),
+                  /* @__PURE__ */ jsx(
+                    Toggle,
+                    {
+                      offLabel: formatMessage({
+                        id: "app.components.ToggleCheckbox.off-label",
+                        defaultMessage: "False"
+                      }),
+                      onLabel: formatMessage({
+                        id: "app.components.ToggleCheckbox.on-label",
+                        defaultMessage: "True"
+                      }),
+                      checked: emailChecked,
+                      onChange: handleEmailToggle,
+                      disabled: emailDisabled
+                    }
+                  ),
+                  /* @__PURE__ */ jsx(Field.Hint, {})
+                ]
+              }
+            ) })
+          ] })
         ] })
       }
     ),
@@ -326,6 +554,38 @@ const ProfileToggle = () => {
         onOpenChange: setDisableDialogOpen,
         onSubmit: handleDisable
       }
+    ),
+    /* @__PURE__ */ jsx(
+      EmailOTPModal,
+      {
+        mode: "setup",
+        open: emailSetupOpen,
+        email: userEmail,
+        onOpenChange: (open) => {
+          if (!open) setEmailSetupOpen(false);
+        },
+        onSuccess: () => {
+          setEnabled("full");
+          setMfaType("email");
+          setEmailSetupOpen(false);
+        }
+      }
+    ),
+    /* @__PURE__ */ jsx(
+      EmailOTPModal,
+      {
+        mode: "disable",
+        open: emailDisableOpen,
+        email: userEmail,
+        onOpenChange: (open) => {
+          if (!open) setEmailDisableOpen(false);
+        },
+        onSuccess: () => {
+          setEnabled(null);
+          setMfaType(null);
+          setEmailDisableOpen(false);
+        }
+      }
     )
   ] });
 };