Disable totp via email does not work

[dazoot]

Description:

I am trying to disable TOTP via email from the Profile -> Security page and it does not work.

Steps to reproduce:

1. I click My account -> Profile -> Security
2. I click Disable Two-factor authentication via Email.
3. I get a flash message that Two-factor authentication disabled but the feature is not disabled.

Expected behavior:

TOTP via Email to be disabled.

Actual behavior:

TOTP via Email remains enabled.

Server Setup Information:

• Version of Rocket.Chat Server: 6.13.0
• License Type: Starter
• Number of Users: 10
• Operating System: Debian
• Deployment Method: tar
• Number of Running Instances: 1
• DB Replicaset Oplog: (oplog Enabled)
• NodeJS Version: v14.21.3
• MongoDB Version: 4.4.29

Client Setup Information

• Desktop App or Browser Version: Desktop 4.1.1
• Operating System: Windows

[dazoot]

I was able to disable email2fa by running this query in mongo DB:

db.users.update({"username": "catalin"}, {"$unset":{"services.email2fa": 1}});

[reetp]

Can you test this on v7.x please?

If it is still an issue I will refer it to the team.