diff --git a/src/controller/auth.ts b/src/controller/auth.ts
index a4fa3c8..19b74cf 100644
--- a/src/controller/auth.ts
+++ b/src/controller/auth.ts
@@ -15,7 +15,7 @@ import {
 import { AuthService } from '../services/auth';
 import { AuthGuard } from '@nestjs/passport';
 import { Public } from '../authguards';
-import { Responses, Requests } from 'dto';
+import { Requests, Responses } from 'dto';
 import { tfaTypes } from '../entities';
 import { toDataURL } from 'qrcode';
 import * as base32 from 'thirty-two';
@@ -48,12 +48,22 @@ export default class AuthController {
 );
 }
- async tfa(
- req,
- code: string,
- type: tfaTypes
+ @Post('2fa/disable')
+ async tfaDisable(
+ @Request() req
+ ): Promise {
+ await this.authService.setTfaType(req.user, tfaTypes.NONE);
+ await this.authService.revokeAll(req.user);
+ return new Responses.Auth.RemoveTfaResponse();
+ }
+
+ @Post('2fa/complete')
+ async tfaMail(
+ @Request() req,
+ @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete
 ): Promise {
- if (!(await this.authService.verifyTfa(req.user, code, type))) {
+ const type = data.mail ? tfaTypes.EMAIL : tfaTypes.TOTP;
+ if (!(await this.authService.verifyTfa(req.user, data.code, type))) {
 throw new UnauthorizedException('Incorrect 2fa');
 }
 await this.authService.setTfaType(req.user, type);
@@ -61,23 +71,7 @@ export default class AuthController {
 return new Responses.Auth.TfaCompletedResponse();
 }
- @Post('2fa/complete/mail')
- async tfaMail(
- @Request() req,
- @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete
- ): Promise {
- return await this.tfa(req, data.code, tfaTypes.EMAIL);
- }
-
- @Post('2fa/complete/totp')
- async tfaTotp(
- @Request() req,
- @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete
- ): Promise {
- return await this.tfa(req, data.code, tfaTypes.TOTP);
- }
-
- @Get('2fa/setup')
+ @Post('2fa/setup')
 async setupTotp(
 @Request() req,
 @Body(new ValidationPipe()) data: Requests.Auth.TfaSetup
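Review bot: `tfaDisable` turns two-factor authentication off on the strength of the session alone: the handler takes only `req` and goes straight to `setTfaType(req.user, tfaTypes.NONE)`, so any holder of a valid token for the account can remove the second factor without proving possession of it. The `2fa/complete` handler in the same hunk already gates its change on `verifyTfa`; the disable route should accept a body carrying a current code (or the account password) and apply the same guard first, e.g. `if (!(await this.authService.verifyTfa(req.user, data.code, currentType))) throw new UnauthorizedException('Incorrect 2fa');`, where `currentType` stands for the factor the user has enrolled. Calling `revokeAll` afterwards is a sound step, but it runs only once the factor is already gone. Which guard covers this controller is not visible in the hunk, so this assumes the route is reachable by any authenticated session.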
@@ -93,7 +87,7 @@ export default class AuthController {
 .encode(secret)
 .toString()}&issuer=MFileserver`
 ),
- secret
+ base32.encode(secret).toString()
 );
 }
@@ -147,4 +141,10 @@ export default class AuthController {
 );
 return new Responses.Auth.ChangePasswordResponse();
 }
+
+ @Post('logout_all')
+ async logoutAll(@Request() req): Promise {
+ await this.authService.revokeAll(req.user);
+ return new Responses.Auth.LogoutAllResponse();
+ }
 }
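Review bot: The Base32 form of `secret` is now computed twice in this call, once inside the template string in the context lines (`.encode(secret).toString()`) and once for the returned field. Hoisting it into one local, `const encodedSecret = base32.encode(secret).toString();`, and using it in both places keeps the URI and the manual-entry value from drifting apart. The value returned here is the TOTP shared secret itself, so a comment such as `// Base32 TOTP seed for manual entry; must not be logged or cached` on that argument would help the next reader. The enclosing call and the start of `setupTotp` lie outside the hunk.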
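Review bot: `logoutAll` has no doc comment saying whether the token used for this very request is among those that `revokeAll(req.user)` invalidates, which a client needs to know to decide whether to discard its own credentials after the call. Something like `/** Revokes every token issued to the caller; the client should treat its current session as ended. */` would settle it, adjusted to what `revokeAll` actually does, which is not visible here. The same call is used in `tfaDisable`, so the answer applies there too.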