feat(core): Invalidate all sessions when MFA is enabled/disabled (#15524)

packages/@n8n/db/src/entities/auth-user.ts

@@ -1,12 +0,0 @@
-import { Column, Entity } from '@n8n/typeorm';
-
-import { User } from './user';
-
-@Entity({ name: 'user' })
-export class AuthUser extends User {
-	@Column({ type: String, nullable: true })
-	mfaSecret?: string | null;
-
-	@Column({ type: 'simple-array', default: '' })
-	mfaRecoveryCodes: string[];
-}

packages/@n8n/db/src/entities/index.ts

@@ -3,7 +3,6 @@ import { AnnotationTagMapping } from './annotation-tag-mapping.ee';
 import { ApiKey } from './api-key';
 import { AuthIdentity } from './auth-identity';
 import { AuthProviderSyncHistory } from './auth-provider-sync-history';
-import { AuthUser } from './auth-user';
 import { CredentialsEntity } from './credentials-entity';
 import { EventDestinations } from './event-destinations';
 import { ExecutionAnnotation } from './execution-annotation.ee';
@@ -58,7 +57,6 @@ export {
 	WorkflowTagMapping,
 	FolderTagMapping,
 	AuthProviderSyncHistory,
-	AuthUser,
 	WorkflowHistory,
 	ExecutionData,
 	ExecutionMetadata,
@@ -96,7 +94,6 @@ export const entities = {
 	WorkflowTagMapping,
 	FolderTagMapping,
 	AuthProviderSyncHistory,
-	AuthUser,
 	WorkflowHistory,
 	ExecutionData,
 	ExecutionMetadata,

packages/@n8n/db/src/entities/user.ts

@@ -96,6 +96,12 @@ export class User extends WithTimestamps implements IUser, AuthPrincipal {
 	@Column({ type: Boolean, default: false })
 	mfaEnabled: boolean;
 
+	@Column({ type: String, nullable: true })
+	mfaSecret?: string | null;
+
+	@Column({ type: 'simple-array', default: '' })
+	mfaRecoveryCodes: string[];
+
 	/**
 	 * Whether the user is pending setup completion.
 	 */
@@ -108,7 +114,7 @@ export class User extends WithTimestamps implements IUser, AuthPrincipal {
 	}
 
 	toJSON() {
-		const { password, ...rest } = this;
+		const { password, mfaSecret, mfaRecoveryCodes, ...rest } = this;
 		return rest;
 	}
 

packages/@n8n/db/src/repositories/auth-user.repository.ts

@@ -1,11 +0,0 @@
-import { Service } from '@n8n/di';
-import { DataSource, Repository } from '@n8n/typeorm';
-
-import { AuthUser } from '../entities';
-
-@Service()
-export class AuthUserRepository extends Repository<AuthUser> {
-	constructor(dataSource: DataSource) {
-		super(AuthUser, dataSource.manager);
-	}
-}

packages/@n8n/db/src/repositories/index.ts

@@ -3,7 +3,6 @@ export { AnnotationTagRepository } from './annotation-tag.repository.ee';
 export { ApiKeyRepository } from './api-key.repository';
 export { AuthIdentityRepository } from './auth-identity.repository';
 export { AuthProviderSyncHistoryRepository } from './auth-provider-sync-history.repository';
-export { AuthUserRepository } from './auth-user.repository';
 export { CredentialsRepository } from './credentials.repository';
 export { ExecutionAnnotationRepository } from './execution-annotation.repository';
 export { ExecutionDataRepository } from './execution-data.repository';