v1.7.0-rc.3

Allow users to add 1 or more fields to a document via the /document/<id>/fields API Endpoint.

apps/marketing/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@documenso/marketing",
-  "version": "1.7.0-rc.0",
+  "version": "1.7.0-rc.3",
   "private": true,
   "license": "AGPL-3.0",
   "scripts": {

apps/web/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@documenso/web",
-  "version": "1.7.0-rc.0",
+  "version": "1.7.0-rc.3",
   "private": true,
   "license": "AGPL-3.0",
   "scripts": {

apps/web/src/app/(dashboard)/settings/tokens/page.tsx

@@ -65,17 +65,13 @@ export default async function ApiTokensPage() {
                   <h5 className="text-base">{token.name}</h5>
 
                   <p className="text-muted-foreground mt-2 text-xs">
-                    <Trans>
-                      Created on{' '}
-                      <LocaleDate date={token.createdAt} format={DateTime.DATETIME_FULL} />
-                    </Trans>
+                    <Trans>Created on</Trans>{' '}
+                    <LocaleDate date={token.createdAt} format={DateTime.DATETIME_FULL} />
                   </p>
                   {token.expires ? (
                     <p className="text-muted-foreground mt-1 text-xs">
-                      <Trans>
-                        Expires on{' '}
-                        <LocaleDate date={token.expires} format={DateTime.DATETIME_FULL} />
-                      </Trans>
+                      <Trans>Expires on</Trans>{' '}
+                      <LocaleDate date={token.expires} format={DateTime.DATETIME_FULL} />
                     </p>
                   ) : (
                     <p className="text-muted-foreground mt-1 text-xs">

apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx

@@ -98,17 +98,13 @@ export default async function ApiTokensPage({ params }: ApiTokensPageProps) {
                   <h5 className="text-base">{token.name}</h5>
 
                   <p className="text-muted-foreground mt-2 text-xs">
-                    <Trans>
-                      Created on{' '}
-                      <LocaleDate date={token.createdAt} format={DateTime.DATETIME_FULL} />
-                    </Trans>
+                    <Trans>Created on</Trans>{' '}
+                    <LocaleDate date={token.createdAt} format={DateTime.DATETIME_FULL} />
                   </p>
                   {token.expires ? (
                     <p className="text-muted-foreground mt-1 text-xs">
-                      <Trans>
-                        Expires on{' '}
-                        <LocaleDate date={token.expires} format={DateTime.DATETIME_FULL} />
-                      </Trans>
+                      <Trans>Expires on</Trans>{' '}
+                      <LocaleDate date={token.expires} format={DateTime.DATETIME_FULL} />
                     </p>
                   ) : (
                     <p className="text-muted-foreground mt-1 text-xs">

apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx

@@ -15,7 +15,6 @@ import { trpc } from '@documenso/trpc/react';
 import { Button } from '@documenso/ui/primitives/button';
 import {
   Dialog,
-  DialogClose,
   DialogContent,
   DialogDescription,
   DialogFooter,
@@ -28,13 +27,16 @@ import {
   FormControl,
   FormField,
   FormItem,
+  FormLabel,
   FormMessage,
 } from '@documenso/ui/primitives/form/form';
+import { Input } from '@documenso/ui/primitives/input';
 import { PinInput, PinInputGroup, PinInputSlot } from '@documenso/ui/primitives/pin-input';
 import { useToast } from '@documenso/ui/primitives/use-toast';
 
 export const ZDisable2FAForm = z.object({
-  token: z.string(),
+  totpCode: z.string().trim().optional(),
+  backupCode: z.string().trim().optional(),
 });
 
 export type TDisable2FAForm = z.infer<typeof ZDisable2FAForm>;
@@ -46,21 +48,43 @@ export const DisableAuthenticatorAppDialog = () => {
   const { toast } = useToast();
 
   const [isOpen, setIsOpen] = useState(false);
+  const [twoFactorDisableMethod, setTwoFactorDisableMethod] = useState<'totp' | 'backup'>('totp');
 
   const { mutateAsync: disable2FA } = trpc.twoFactorAuthentication.disable.useMutation();
 
   const disable2FAForm = useForm<TDisable2FAForm>({
     defaultValues: {
-      token: '',
+      totpCode: '',
+      backupCode: '',
     },
     resolver: zodResolver(ZDisable2FAForm),
   });
 
+  const onCloseTwoFactorDisableDialog = () => {
+    disable2FAForm.reset();
+
+    setIsOpen(!isOpen);
+  };
+
+  const onToggleTwoFactorDisableMethodClick = () => {
+    const method = twoFactorDisableMethod === 'totp' ? 'backup' : 'totp';
+
+    if (method === 'totp') {
+      disable2FAForm.setValue('backupCode', '');
+    }
+
+    if (method === 'backup') {
+      disable2FAForm.setValue('totpCode', '');
+    }
+
+    setTwoFactorDisableMethod(method);
+  };
+
   const { isSubmitting: isDisable2FASubmitting } = disable2FAForm.formState;
 
-  const onDisable2FAFormSubmit = async ({ token }: TDisable2FAForm) => {
+  const onDisable2FAFormSubmit = async ({ totpCode, backupCode }: TDisable2FAForm) => {
     try {
-      await disable2FA({ token });
+      await disable2FA({ totpCode, backupCode });
 
       toast({
         title: _(msg`Two-factor authentication disabled`),
@@ -70,7 +94,7 @@ export const DisableAuthenticatorAppDialog = () => {
       });
 
       flushSync(() => {
-        setIsOpen(false);
+        onCloseTwoFactorDisableDialog();
       });
 
       router.refresh();
@@ -86,7 +110,7 @@ export const DisableAuthenticatorAppDialog = () => {
   };
 
   return (
-    <Dialog open={isOpen} onOpenChange={setIsOpen}>
+    <Dialog open={isOpen} onOpenChange={onCloseTwoFactorDisableDialog}>
       <DialogTrigger asChild={true}>
         <Button className="flex-shrink-0" variant="destructive">
           <Trans>Disable 2FA</Trans>
@@ -110,33 +134,59 @@ export const DisableAuthenticatorAppDialog = () => {
         <Form {...disable2FAForm}>
           <form onSubmit={disable2FAForm.handleSubmit(onDisable2FAFormSubmit)}>
             <fieldset className="flex flex-col gap-y-4" disabled={isDisable2FASubmitting}>
-              <FormField
-                name="token"
-                control={disable2FAForm.control}
-                render={({ field }) => (
-                  <FormItem>
-                    <FormControl>
-                      <PinInput {...field} value={field.value ?? ''} maxLength={6}>
-                        {Array(6)
-                          .fill(null)
-                          .map((_, i) => (
-                            <PinInputGroup key={i}>
-                              <PinInputSlot index={i} />
-                            </PinInputGroup>
-                          ))}
-                      </PinInput>
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
+              {twoFactorDisableMethod === 'totp' && (
+                <FormField
+                  name="totpCode"
+                  control={disable2FAForm.control}
+                  render={({ field }) => (
+                    <FormItem>
+                      <FormControl>
+                        <PinInput {...field} value={field.value ?? ''} maxLength={6}>
+                          {Array(6)
+                            .fill(null)
+                            .map((_, i) => (
+                              <PinInputGroup key={i}>
+                                <PinInputSlot index={i} />
+                              </PinInputGroup>
+                            ))}
+                        </PinInput>
+                      </FormControl>
+                      <FormMessage />
+                    </FormItem>
+                  )}
+                />
+              )}
+
+              {twoFactorDisableMethod === 'backup' && (
+                <FormField
+                  control={disable2FAForm.control}
+                  name="backupCode"
+                  render={({ field }) => (
+                    <FormItem>
+                      <FormLabel>
+                        <Trans>Backup Code</Trans>
+                      </FormLabel>
+                      <FormControl>
+                        <Input type="text" {...field} />
+                      </FormControl>
+                      <FormMessage />
+                    </FormItem>
+                  )}
+                />
+              )}
 
               <DialogFooter>
-                <DialogClose asChild>
-                  <Button type="button" variant="secondary">
-                    <Trans>Cancel</Trans>
-                  </Button>
-                </DialogClose>
+                <Button
+                  type="button"
+                  variant="secondary"
+                  onClick={onToggleTwoFactorDisableMethodClick}
+                >
+                  {twoFactorDisableMethod === 'totp' ? (
+                    <Trans>Use Backup Code</Trans>
+                  ) : (
+                    <Trans>Use Authenticator</Trans>
+                  )}
+                </Button>
 
                 <Button type="submit" variant="destructive" loading={isDisable2FASubmitting}>
                   <Trans>Disable 2FA</Trans>

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "@documenso/root",
-  "version": "1.7.0-rc.0",
+  "version": "1.7.0-rc.3",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@documenso/root",
-      "version": "1.7.0-rc.0",
+      "version": "1.7.0-rc.3",
       "workspaces": [
         "apps/*",
         "packages/*"
@@ -81,7 +81,7 @@
     },
     "apps/marketing": {
       "name": "@documenso/marketing",
-      "version": "1.7.0-rc.0",
+      "version": "1.7.0-rc.3",
       "license": "AGPL-3.0",
       "dependencies": {
         "@documenso/assets": "*",
@@ -424,7 +424,7 @@
     },
     "apps/web": {
       "name": "@documenso/web",
-      "version": "1.7.0-rc.0",
+      "version": "1.7.0-rc.3",
       "license": "AGPL-3.0",
       "dependencies": {
         "@documenso/api": "*",

package.json

@@ -1,6 +1,6 @@
 {
   "private": true,
-  "version": "1.7.0-rc.0",
+  "version": "1.7.0-rc.3",
   "scripts": {
     "build": "turbo run build",
     "build:web": "turbo run build --filter=@documenso/web",

packages/api/v1/contract.ts

@@ -21,6 +21,7 @@ import {
   ZSendDocumentForSigningMutationSchema,
   ZSuccessfulDeleteTemplateResponseSchema,
   ZSuccessfulDocumentResponseSchema,
+  ZSuccessfulFieldCreationResponseSchema,
   ZSuccessfulFieldResponseSchema,
   ZSuccessfulGetDocumentResponseSchema,
   ZSuccessfulGetTemplateResponseSchema,
@@ -236,7 +237,7 @@ export const ApiContractV1 = c.router(
       path: '/api/v1/documents/:id/fields',
       body: ZCreateFieldMutationSchema,
       responses: {
-        200: ZSuccessfulFieldResponseSchema,
+        200: ZSuccessfulFieldCreationResponseSchema,
         400: ZUnsuccessfulResponseSchema,
         401: ZUnsuccessfulResponseSchema,
         404: ZUnsuccessfulResponseSchema,

packages/api/v1/implementation.ts

@@ -1,4 +1,5 @@
 import { createNextRoute } from '@ts-rest/next';
+import { match } from 'ts-pattern';
 
 import { getServerLimits } from '@documenso/ee/server-only/limits/server';
 import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
@@ -15,7 +16,6 @@ import { getDocumentById } from '@documenso/lib/server-only/document/get-documen
 import { resendDocument } from '@documenso/lib/server-only/document/resend-document';
 import { sendDocument } from '@documenso/lib/server-only/document/send-document';
 import { updateDocument } from '@documenso/lib/server-only/document/update-document';
-import { createField } from '@documenso/lib/server-only/field/create-field';
 import { deleteField } from '@documenso/lib/server-only/field/delete-field';
 import { getFieldById } from '@documenso/lib/server-only/field/get-field-by-id';
 import { updateField } from '@documenso/lib/server-only/field/update-field';
@@ -32,6 +32,13 @@ import { deleteTemplate } from '@documenso/lib/server-only/template/delete-templ
 import { findTemplates } from '@documenso/lib/server-only/template/find-templates';
 import { getTemplateById } from '@documenso/lib/server-only/template/get-template-by-id';
 import { ZFieldMetaSchema } from '@documenso/lib/types/field-meta';
+import {
+  ZCheckboxFieldMeta,
+  ZDropdownFieldMeta,
+  ZNumberFieldMeta,
+  ZRadioFieldMeta,
+  ZTextFieldMeta,
+} from '@documenso/lib/types/field-meta';
 import { extractNextApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
 import { getFile } from '@documenso/lib/universal/upload/get-file';
 import { putPdfFile } from '@documenso/lib/universal/upload/put-file';
@@ -39,6 +46,8 @@ import {
   getPresignGetUrl,
   getPresignPostUrl,
 } from '@documenso/lib/universal/upload/server-actions';
+import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
+import { prisma } from '@documenso/prisma';
 import { DocumentDataType, DocumentStatus, SigningStatus } from '@documenso/prisma/client';
 
 import { ApiContractV1 } from './contract';
@@ -870,100 +879,167 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
 
   createField: authenticatedMiddleware(async (args, user, team) => {
     const { id: documentId } = args.params;
-    const { recipientId, type, pageNumber, pageWidth, pageHeight, pageX, pageY, fieldMeta } =
-      args.body;
+    const fields = Array.isArray(args.body) ? args.body : [args.body];
 
-    if (pageNumber <= 0) {
-      return {
-        status: 400,
-        body: {
-          message: 'Invalid page number',
-        },
-      };
-    }
-
-    const document = await getDocumentById({
-      id: Number(documentId),
-      userId: user.id,
-      teamId: team?.id,
+    const document = await prisma.document.findFirst({
+      select: { id: true, status: true },
+      where: {
+        id: Number(documentId),
+        ...(team?.id
+          ? {
+              team: {
+                id: team.id,
+                members: { some: { userId: user.id } },
+              },
+            }
+          : {
+              userId: user.id,
+              teamId: null,
+            }),
+      },
     });
 
     if (!document) {
       return {
         status: 404,
-        body: {
-          message: 'Document not found',
-        },
+        body: { message: 'Document not found' },
       };
     }
 
     if (document.status === DocumentStatus.COMPLETED) {
       return {
         status: 400,
-        body: {
-          message: 'Document is already completed',
-        },
-      };
-    }
-
-    const recipient = await getRecipientById({
-      id: Number(recipientId),
-      documentId: Number(documentId),
-    }).catch(() => null);
-
-    if (!recipient) {
-      return {
-        status: 404,
-        body: {
-          message: 'Recipient not found',
-        },
-      };
-    }
-
-    if (recipient.signingStatus === SigningStatus.SIGNED) {
-      return {
-        status: 400,
-        body: {
-          message: 'Recipient has already signed the document',
-        },
+        body: { message: 'Document is already completed' },
       };
     }
 
     try {
-      const field = await createField({
-        documentId: Number(documentId),
-        recipientId: Number(recipientId),
-        userId: user.id,
-        teamId: team?.id,
-        type,
-        pageNumber,
-        pageX,
-        pageY,
-        pageWidth,
-        pageHeight,
-        fieldMeta,
-        requestMetadata: extractNextApiRequestMetadata(args.req),
-      });
+      const createdFields = await prisma.$transaction(async (tx) => {
+        return Promise.all(
+          fields.map(async (fieldData) => {
+            const {
+              recipientId,
+              type,
+              pageNumber,
+              pageWidth,
+              pageHeight,
+              pageX,
+              pageY,
+              fieldMeta,
+            } = fieldData;
 
-      const remappedField = {
-        id: field.id,
-        documentId: field.documentId,
-        recipientId: field.recipientId ?? -1,
-        type: field.type,
-        pageNumber: field.page,
-        pageX: Number(field.positionX),
-        pageY: Number(field.positionY),
-        pageWidth: Number(field.width),
-        pageHeight: Number(field.height),
-        customText: field.customText,
-        fieldMeta: ZFieldMetaSchema.parse(field.fieldMeta),
-        inserted: field.inserted,
-      };
+            if (pageNumber <= 0) {
+              throw new Error('Invalid page number');
+            }
+
+            const recipient = await getRecipientById({
+              id: Number(recipientId),
+              documentId: Number(documentId),
+            }).catch(() => null);
+
+            if (!recipient) {
+              throw new Error('Recipient not found');
+            }
+
+            if (recipient.signingStatus === SigningStatus.SIGNED) {
+              throw new Error('Recipient has already signed the document');
+            }
+
+            const advancedField = ['NUMBER', 'RADIO', 'CHECKBOX', 'DROPDOWN', 'TEXT'].includes(
+              type,
+            );
+
+            if (advancedField && !fieldMeta) {
+              throw new Error(
+                'Field meta is required for this type of field. Please provide the appropriate field meta object.',
+              );
+            }
+
+            if (fieldMeta && fieldMeta.type.toLowerCase() !== String(type).toLowerCase()) {
+              throw new Error('Field meta type does not match the field type');
+            }
+
+            const result = match(type)
+              .with('RADIO', () => ZRadioFieldMeta.safeParse(fieldMeta))
+              .with('CHECKBOX', () => ZCheckboxFieldMeta.safeParse(fieldMeta))
+              .with('DROPDOWN', () => ZDropdownFieldMeta.safeParse(fieldMeta))
+              .with('NUMBER', () => ZNumberFieldMeta.safeParse(fieldMeta))
+              .with('TEXT', () => ZTextFieldMeta.safeParse(fieldMeta))
+              .with('SIGNATURE', 'INITIALS', 'DATE', 'EMAIL', 'NAME', () => ({
+                success: true,
+                data: {},
+              }))
+              .with('FREE_SIGNATURE', () => ({
+                success: false,
+                error: 'FREE_SIGNATURE is not supported',
+                data: {},
+              }))
+              .exhaustive();
+
+            if (!result.success) {
+              throw new Error('Field meta parsing failed');
+            }
+
+            const field = await tx.field.create({
+              data: {
+                documentId: Number(documentId),
+                recipientId: Number(recipientId),
+                type,
+                page: pageNumber,
+                positionX: pageX,
+                positionY: pageY,
+                width: pageWidth,
+                height: pageHeight,
+                customText: '',
+                inserted: false,
+                fieldMeta: result.data,
+              },
+              include: {
+                Recipient: true,
+              },
+            });
+
+            await tx.documentAuditLog.create({
+              data: createDocumentAuditLogData({
+                type: 'FIELD_CREATED',
+                documentId: Number(documentId),
+                user: {
+                  id: team?.id ?? user.id,
+                  email: team?.name ?? user.email,
+                  name: team ? '' : user.name,
+                },
+                data: {
+                  fieldId: field.secondaryId,
+                  fieldRecipientEmail: field.Recipient?.email ?? '',
+                  fieldRecipientId: recipientId,
+                  fieldType: field.type,
+                },
+                requestMetadata: extractNextApiRequestMetadata(args.req),
+              }),
+            });
+
+            return {
+              id: field.id,
+              documentId: Number(field.documentId),
+              recipientId: field.recipientId ?? -1,
+              type: field.type,
+              pageNumber: field.page,
+              pageX: Number(field.positionX),
+              pageY: Number(field.positionY),
+              pageWidth: Number(field.width),
+              pageHeight: Number(field.height),
+              customText: field.customText,
+              fieldMeta: ZFieldMetaSchema.parse(field.fieldMeta),
+              inserted: field.inserted,
+            };
+          }),
+        );
+      });
 
       return {
         status: 200,
         body: {
-          ...remappedField,
+          fields: createdFields,
           documentId: Number(documentId),
         },
       };

packages/api/v1/schema.ts

@@ -293,7 +293,7 @@ export type TSuccessfulRecipientResponseSchema = z.infer<typeof ZSuccessfulRecip
 /**
  * Fields
  */
-export const ZCreateFieldMutationSchema = z.object({
+const ZCreateFieldSchema = z.object({
   recipientId: z.number(),
   type: z.nativeEnum(FieldType),
   pageNumber: z.number(),
@@ -301,12 +301,17 @@ export const ZCreateFieldMutationSchema = z.object({
   pageY: z.number(),
   pageWidth: z.number(),
   pageHeight: z.number(),
-  fieldMeta: ZFieldMetaSchema,
+  fieldMeta: ZFieldMetaSchema.openapi({}),
 });
 
+export const ZCreateFieldMutationSchema = z.union([
+  ZCreateFieldSchema,
+  z.array(ZCreateFieldSchema).min(1),
+]);
+
 export type TCreateFieldMutationSchema = z.infer<typeof ZCreateFieldMutationSchema>;
 
-export const ZUpdateFieldMutationSchema = ZCreateFieldMutationSchema.partial();
+export const ZUpdateFieldMutationSchema = ZCreateFieldSchema.partial();
 
 export type TUpdateFieldMutationSchema = z.infer<typeof ZUpdateFieldMutationSchema>;
 
@@ -314,6 +319,26 @@ export const ZDeleteFieldMutationSchema = null;
 
 export type TDeleteFieldMutationSchema = typeof ZDeleteFieldMutationSchema;
 
+const ZSuccessfulFieldSchema = z.object({
+  id: z.number(),
+  documentId: z.number(),
+  recipientId: z.number(),
+  type: z.nativeEnum(FieldType),
+  pageNumber: z.number(),
+  pageX: z.number(),
+  pageY: z.number(),
+  pageWidth: z.number(),
+  pageHeight: z.number(),
+  customText: z.string(),
+  fieldMeta: ZFieldMetaSchema,
+  inserted: z.boolean(),
+});
+
+export const ZSuccessfulFieldCreationResponseSchema = z.object({
+  fields: z.union([ZSuccessfulFieldSchema, z.array(ZSuccessfulFieldSchema)]),
+  documentId: z.number(),
+});
+
 export const ZSuccessfulFieldResponseSchema = z.object({
   id: z.number(),
   documentId: z.number(),

packages/lib/server-only/2fa/disable-2fa.ts

@@ -2,25 +2,33 @@ import { prisma } from '@documenso/prisma';
 import type { User } from '@documenso/prisma/client';
 import { UserSecurityAuditLogType } from '@documenso/prisma/client';
 
-import { AppError } from '../../errors/app-error';
+import { AppError, AppErrorCode } from '../../errors/app-error';
 import type { RequestMetadata } from '../../universal/extract-request-metadata';
 import { validateTwoFactorAuthentication } from './validate-2fa';
 
 type DisableTwoFactorAuthenticationOptions = {
   user: User;
-  token: string;
+  totpCode?: string;
+  backupCode?: string;
   requestMetadata?: RequestMetadata;
 };
 
 export const disableTwoFactorAuthentication = async ({
-  token,
+  totpCode,
+  backupCode,
   user,
   requestMetadata,
 }: DisableTwoFactorAuthenticationOptions) => {
-  let isValid = await validateTwoFactorAuthentication({ totpCode: token, user });
+  let isValid = false;
 
-  if (!isValid) {
-    isValid = await validateTwoFactorAuthentication({ backupCode: token, user });
+  if (!totpCode && !backupCode) {
+    throw new AppError(AppErrorCode.INVALID_REQUEST);
+  }
+
+  if (totpCode) {
+    isValid = await validateTwoFactorAuthentication({ totpCode, user });
+  } else if (backupCode) {
+    isValid = await validateTwoFactorAuthentication({ backupCode, user });
   }
 
   if (!isValid) {

packages/lib/server-only/field/create-field.ts

@@ -110,24 +110,21 @@ export const createField = async ({
   }
 
   const result = match(type)
-    .with('RADIO', () => {
-      return ZRadioFieldMeta.safeParse(fieldMeta);
-    })
-    .with('CHECKBOX', () => {
-      return ZCheckboxFieldMeta.safeParse(fieldMeta);
-    })
-    .with('DROPDOWN', () => {
-      return ZDropdownFieldMeta.safeParse(fieldMeta);
-    })
-    .with('NUMBER', () => {
-      return ZNumberFieldMeta.safeParse(fieldMeta);
-    })
-    .with('TEXT', () => {
-      return ZTextFieldMeta.safeParse(fieldMeta);
-    })
-    .otherwise(() => {
-      return { success: false, data: {} };
-    });
+    .with('RADIO', () => ZRadioFieldMeta.safeParse(fieldMeta))
+    .with('CHECKBOX', () => ZCheckboxFieldMeta.safeParse(fieldMeta))
+    .with('DROPDOWN', () => ZDropdownFieldMeta.safeParse(fieldMeta))
+    .with('NUMBER', () => ZNumberFieldMeta.safeParse(fieldMeta))
+    .with('TEXT', () => ZTextFieldMeta.safeParse(fieldMeta))
+    .with('SIGNATURE', 'INITIALS', 'DATE', 'EMAIL', 'NAME', () => ({
+      success: true,
+      data: {},
+    }))
+    .with('FREE_SIGNATURE', () => ({
+      success: false,
+      error: 'FREE_SIGNATURE is not supported',
+      data: {},
+    }))
+    .exhaustive();
 
   if (!result.success) {
     throw new Error('Field meta parsing failed');
@@ -145,7 +142,7 @@ export const createField = async ({
       height: pageHeight,
       customText: '',
       inserted: false,
-      fieldMeta: advancedField ? result.data : undefined,
+      fieldMeta: result.data,
     },
     include: {
       Recipient: true,

packages/lib/server-only/field/update-field.ts

@@ -37,6 +37,10 @@ export const updateField = async ({
   requestMetadata,
   fieldMeta,
 }: UpdateFieldOptions) => {
+  if (type === 'FREE_SIGNATURE') {
+    throw new Error('Cannot update a FREE_SIGNATURE field');
+  }
+
   const oldField = await prisma.field.findFirstOrThrow({
     where: {
       id: fieldId,

packages/lib/translations/de/web.po

@@ -607,6 +607,7 @@ msgstr ""
 msgid "Background Color"
 msgstr ""
 
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:167
 #: apps/web/src/components/forms/signin.tsx:451
 msgid "Backup Code"
 msgstr ""
@@ -684,7 +685,6 @@ msgstr ""
 #: apps/web/src/components/(teams)/dialogs/transfer-team-dialog.tsx:278
 #: apps/web/src/components/(teams)/dialogs/update-team-email-dialog.tsx:162
 #: apps/web/src/components/(teams)/dialogs/update-team-member-dialog.tsx:187
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:137
 #: apps/web/src/components/forms/2fa/enable-authenticator-app-dialog.tsx:257
 #: apps/web/src/components/forms/2fa/view-recovery-codes-dialog.tsx:163
 #: apps/web/src/components/templates/manage-public-template-dialog.tsx:452
@@ -973,13 +973,13 @@ msgid "Created by"
 msgstr ""
 
 #: apps/web/src/app/(dashboard)/admin/documents/[id]/page.tsx:49
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:68
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:101
 #: apps/web/src/components/(teams)/tables/pending-user-teams-data-table.tsx:80
 msgid "Created on"
 msgstr ""
 
-#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:68
 #: apps/web/src/app/(dashboard)/settings/webhooks/page.tsx:89
-#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:101
 #: apps/web/src/app/(teams)/t/[teamUrl]/settings/webhooks/page.tsx:94
 msgid "Created on <0/>"
 msgstr ""
@@ -1022,11 +1022,11 @@ msgstr ""
 #: apps/web/src/app/(dashboard)/documents/delete-document-dialog.tsx:200
 #: apps/web/src/app/(dashboard)/settings/security/passkeys/user-passkeys-data-table-actions.tsx:177
 #: apps/web/src/app/(dashboard)/settings/security/passkeys/user-passkeys-data-table-actions.tsx:211
-#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:90
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:86
 #: apps/web/src/app/(dashboard)/settings/webhooks/page.tsx:104
 #: apps/web/src/app/(dashboard)/templates/data-table-action-dropdown.tsx:91
 #: apps/web/src/app/(dashboard)/templates/delete-template-dialog.tsx:90
-#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:123
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:119
 #: apps/web/src/app/(teams)/t/[teamUrl]/settings/webhooks/page.tsx:109
 #: apps/web/src/components/(dashboard)/settings/token/delete-token-dialog.tsx:121
 #: apps/web/src/components/(dashboard)/settings/webhooks/delete-webhook-dialog.tsx:109
@@ -1143,9 +1143,9 @@ msgstr ""
 msgid "Disable"
 msgstr ""
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:92
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:99
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:142
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:116
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:123
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:192
 msgid "Disable 2FA"
 msgstr ""
 
@@ -1525,10 +1525,15 @@ msgstr ""
 msgid "Expired"
 msgstr ""
 
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:73
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:106
+msgid "Expires on"
+msgstr ""
+
 #: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:75
 #: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:108
-msgid "Expires on <0/>"
-msgstr ""
+#~ msgid "Expires on <0/>"
+#~ msgstr ""
 
 #: apps/web/src/app/(dashboard)/admin/documents/[id]/admin-actions.tsx:42
 msgid "Failed to reseal document"
@@ -2274,7 +2279,7 @@ msgstr ""
 msgid "Please note that you will lose access to all documents associated with this team & all the members will be removed and notified"
 msgstr ""
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:103
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:127
 msgid "Please provide a token from the authenticator, or a backup code. If you do not have a backup code available, please contact support."
 msgstr ""
 
@@ -3387,8 +3392,8 @@ msgstr ""
 msgid "Token deleted"
 msgstr ""
 
-#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:82
-#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:115
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:78
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:111
 msgid "Token doesn't have an expiration date"
 msgstr ""
 
@@ -3448,7 +3453,7 @@ msgstr ""
 msgid "Two-Factor Authentication"
 msgstr ""
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:66
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:90
 msgid "Two-factor authentication disabled"
 msgstr ""
 
@@ -3456,7 +3461,7 @@ msgstr ""
 msgid "Two-factor authentication enabled"
 msgstr ""
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:68
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:92
 msgid "Two-factor authentication has been disabled for your account. You will no longer be required to enter a code from your authenticator app when signing in."
 msgstr ""
 
@@ -3501,7 +3506,7 @@ msgstr ""
 msgid "Unable to delete team"
 msgstr ""
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:79
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:103
 msgid "Unable to disable two-factor authentication"
 msgstr ""
 
@@ -3649,10 +3654,12 @@ msgstr ""
 msgid "Uploaded file not an allowed file type"
 msgstr ""
 
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:187
 #: apps/web/src/components/forms/signin.tsx:471
 msgid "Use Authenticator"
 msgstr ""
 
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:185
 #: apps/web/src/components/forms/signin.tsx:469
 msgid "Use Backup Code"
 msgstr ""
@@ -3939,7 +3946,7 @@ msgstr ""
 msgid "We were unable to create a checkout session. Please try again, or contact support"
 msgstr ""
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:81
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:105
 msgid "We were unable to disable two-factor authentication for your account. Please ensure that you have entered your password and backup code correctly and try again."
 msgstr ""
 

packages/lib/translations/en/web.po

@@ -602,6 +602,7 @@ msgstr "Back to Documents"
 msgid "Background Color"
 msgstr "Background Color"
 
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:167
 #: apps/web/src/components/forms/signin.tsx:451
 msgid "Backup Code"
 msgstr "Backup Code"
@@ -679,7 +680,6 @@ msgstr "By enabling 2FA, you will be required to enter a code from your authenti
 #: apps/web/src/components/(teams)/dialogs/transfer-team-dialog.tsx:278
 #: apps/web/src/components/(teams)/dialogs/update-team-email-dialog.tsx:162
 #: apps/web/src/components/(teams)/dialogs/update-team-member-dialog.tsx:187
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:137
 #: apps/web/src/components/forms/2fa/enable-authenticator-app-dialog.tsx:257
 #: apps/web/src/components/forms/2fa/view-recovery-codes-dialog.tsx:163
 #: apps/web/src/components/templates/manage-public-template-dialog.tsx:452
@@ -968,13 +968,13 @@ msgid "Created by"
 msgstr "Created by"
 
 #: apps/web/src/app/(dashboard)/admin/documents/[id]/page.tsx:49
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:68
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:101
 #: apps/web/src/components/(teams)/tables/pending-user-teams-data-table.tsx:80
 msgid "Created on"
 msgstr "Created on"
 
-#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:68
 #: apps/web/src/app/(dashboard)/settings/webhooks/page.tsx:89
-#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:101
 #: apps/web/src/app/(teams)/t/[teamUrl]/settings/webhooks/page.tsx:94
 msgid "Created on <0/>"
 msgstr "Created on <0/>"
@@ -1017,11 +1017,11 @@ msgstr "Declined team invitation"
 #: apps/web/src/app/(dashboard)/documents/delete-document-dialog.tsx:200
 #: apps/web/src/app/(dashboard)/settings/security/passkeys/user-passkeys-data-table-actions.tsx:177
 #: apps/web/src/app/(dashboard)/settings/security/passkeys/user-passkeys-data-table-actions.tsx:211
-#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:90
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:86
 #: apps/web/src/app/(dashboard)/settings/webhooks/page.tsx:104
 #: apps/web/src/app/(dashboard)/templates/data-table-action-dropdown.tsx:91
 #: apps/web/src/app/(dashboard)/templates/delete-template-dialog.tsx:90
-#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:123
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:119
 #: apps/web/src/app/(teams)/t/[teamUrl]/settings/webhooks/page.tsx:109
 #: apps/web/src/components/(dashboard)/settings/token/delete-token-dialog.tsx:121
 #: apps/web/src/components/(dashboard)/settings/webhooks/delete-webhook-dialog.tsx:109
@@ -1138,9 +1138,9 @@ msgstr "Direct template link usage exceeded ({0}/{1})"
 msgid "Disable"
 msgstr "Disable"
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:92
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:99
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:142
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:116
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:123
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:192
 msgid "Disable 2FA"
 msgstr "Disable 2FA"
 
@@ -1520,10 +1520,15 @@ msgstr "Exceeded timeout"
 msgid "Expired"
 msgstr "Expired"
 
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:73
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:106
+msgid "Expires on"
+msgstr "Expires on"
+
 #: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:75
 #: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:108
-msgid "Expires on <0/>"
-msgstr "Expires on <0/>"
+#~ msgid "Expires on <0/>"
+#~ msgstr "Expires on <0/>"
 
 #: apps/web/src/app/(dashboard)/admin/documents/[id]/admin-actions.tsx:42
 msgid "Failed to reseal document"
@@ -2269,7 +2274,7 @@ msgstr "Please note that this action is irreversible. Once confirmed, your webho
 msgid "Please note that you will lose access to all documents associated with this team & all the members will be removed and notified"
 msgstr "Please note that you will lose access to all documents associated with this team & all the members will be removed and notified"
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:103
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:127
 msgid "Please provide a token from the authenticator, or a backup code. If you do not have a backup code available, please contact support."
 msgstr "Please provide a token from the authenticator, or a backup code. If you do not have a backup code available, please contact support."
 
@@ -3382,8 +3387,8 @@ msgstr "Token created"
 msgid "Token deleted"
 msgstr "Token deleted"
 
-#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:82
-#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:115
+#: apps/web/src/app/(dashboard)/settings/tokens/page.tsx:78
+#: apps/web/src/app/(teams)/t/[teamUrl]/settings/tokens/page.tsx:111
 msgid "Token doesn't have an expiration date"
 msgstr "Token doesn't have an expiration date"
 
@@ -3443,7 +3448,7 @@ msgstr "Two factor authentication recovery codes are used to access your account
 msgid "Two-Factor Authentication"
 msgstr "Two-Factor Authentication"
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:66
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:90
 msgid "Two-factor authentication disabled"
 msgstr "Two-factor authentication disabled"
 
@@ -3451,7 +3456,7 @@ msgstr "Two-factor authentication disabled"
 msgid "Two-factor authentication enabled"
 msgstr "Two-factor authentication enabled"
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:68
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:92
 msgid "Two-factor authentication has been disabled for your account. You will no longer be required to enter a code from your authenticator app when signing in."
 msgstr "Two-factor authentication has been disabled for your account. You will no longer be required to enter a code from your authenticator app when signing in."
 
@@ -3496,7 +3501,7 @@ msgstr "Unable to delete invitation. Please try again."
 msgid "Unable to delete team"
 msgstr "Unable to delete team"
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:79
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:103
 msgid "Unable to disable two-factor authentication"
 msgstr "Unable to disable two-factor authentication"
 
@@ -3644,10 +3649,12 @@ msgstr "Uploaded file is too small"
 msgid "Uploaded file not an allowed file type"
 msgstr "Uploaded file not an allowed file type"
 
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:187
 #: apps/web/src/components/forms/signin.tsx:471
 msgid "Use Authenticator"
 msgstr "Use Authenticator"
 
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:185
 #: apps/web/src/components/forms/signin.tsx:469
 msgid "Use Backup Code"
 msgstr "Use Backup Code"
@@ -3934,7 +3941,7 @@ msgstr "We were unable to copy your recovery code to your clipboard. Please try
 msgid "We were unable to create a checkout session. Please try again, or contact support"
 msgstr "We were unable to create a checkout session. Please try again, or contact support"
 
-#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:81
+#: apps/web/src/components/forms/2fa/disable-authenticator-app-dialog.tsx:105
 msgid "We were unable to disable two-factor authentication for your account. Please ensure that you have entered your password and backup code correctly and try again."
 msgstr "We were unable to disable two-factor authentication for your account. Please ensure that you have entered your password and backup code correctly and try again."
 

packages/trpc/server/two-factor-authentication-router/router.ts

@@ -65,7 +65,8 @@ export const twoFactorAuthenticationRouter = router({
 
         return await disableTwoFactorAuthentication({
           user,
-          token: input.token,
+          totpCode: input.totpCode,
+          backupCode: input.backupCode,
           requestMetadata: extractNextApiRequestMetadata(ctx.req),
         });
       } catch (err) {

packages/trpc/server/two-factor-authentication-router/schema.ts

@@ -9,7 +9,8 @@ export type TEnableTwoFactorAuthenticationMutationSchema = z.infer<
 >;
 
 export const ZDisableTwoFactorAuthenticationMutationSchema = z.object({
-  token: z.string().trim().min(1),
+  totpCode: z.string().trim().optional(),
+  backupCode: z.string().trim().optional(),
 });
 
 export type TDisableTwoFactorAuthenticationMutationSchema = z.infer<