Make totp enrollment work
parent
5d2627d46a
commit
97d78b032e
|
@ -209,9 +209,9 @@ func registerAPIRoutes(a *echo.Group) {
|
|||
u.GET("s", apiv1.UserList)
|
||||
u.POST("/token", apiv1.RenewToken)
|
||||
u.POST("/settings/email", apiv1.UpdateUserEmail)
|
||||
u.POST("/totp/enroll", apiv1.UserTOTPEnroll)
|
||||
u.POST("/totp/enable", apiv1.UserTOTPEnable)
|
||||
u.POST("/totp/qrcode", apiv1.UserTOTPQrCode)
|
||||
u.POST("/settings/totp/enroll", apiv1.UserTOTPEnroll)
|
||||
u.POST("/settings/totp/enable", apiv1.UserTOTPEnable)
|
||||
u.GET("/settings/totp/qrcode", apiv1.UserTOTPQrCode)
|
||||
|
||||
listHandler := &handler.WebHandler{
|
||||
EmptyStruct: func() handler.CObject {
|
||||
|
|
|
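Review bot: `u.GET("/settings/totp/qrcode", apiv1.UserTOTPQrCode)` serves an image that, going by the handler name, encodes the TOTP shared secret, and a GET response is eligible for browser and intermediary caching in a way the earlier POST route was not. The handler is outside this hunk, so its response headers are not visible; if it does not already do so, it should call `c.Response().Header().Set("Cache-Control", "no-store")` before writing the image. It would also be worth having the handler refuse once the entry is enabled, so the secret can only be fetched during enrollment. The +/- markers did not survive on this page, so I am reading the three `/settings/totp/*` routes as the new side.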
@ -40,22 +40,17 @@ func (T *TOTP) TableName() string {
|
|||
|
||||
// TOTPPasscode is used to validate a users totp passcode
|
||||
type TOTPPasscode struct {
|
||||
User *User
|
||||
Passcode string
|
||||
}
|
||||
|
||||
// IsTotpEnabledForUser returns a boolean if an activated totp entry is available for this user
|
||||
func IsTotpEnabledForUser(user *User) (bool, error) {
|
||||
return x.Where("user_id = ? AND enabled = ?", user.ID, true).Exist(&TOTP{})
|
||||
User *User `json:"-"`
|
||||
Passcode string `json:"passcode"`
|
||||
}
|
||||
|
||||
func getTOTPForUser(user *User) (t *TOTP, err error) {
|
||||
t = &TOTP{}
|
||||
_, err = x.Where("user_id = ?", user.ID).Get(t)
|
||||
exists, err := x.Where("user_id = ?", user.ID).Get(t)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
if !t.Enabled {
|
||||
if !exists {
|
||||
return nil, ErrTOTPNotEnabled{}
|
||||
}
|
||||
|
||||
|
@ -64,17 +59,17 @@ func getTOTPForUser(user *User) (t *TOTP, err error) {
|
|||
|
||||
// EnrollTOTP creates a new TOTP entry for the user - it does not enable it yet.
|
||||
func EnrollTOTP(user *User) (t *TOTP, err error) {
|
||||
is, err := IsTotpEnabledForUser(user)
|
||||
isEnrolled, err := x.Where("user_id = ?", user.ID).Exist(&TOTP{})
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
if is {
|
||||
if isEnrolled {
|
||||
return nil, ErrTOTPAlreadyEnabled{}
|
||||
}
|
||||
|
||||
key, err := totp.Generate(totp.GenerateOpts{
|
||||
Issuer: "Vikunja",
|
||||
AccountName: user.Email,
|
||||
AccountName: user.Username,
|
||||
})
|
||||
if err != nil {
|
||||
return
|
||||
|
@ -97,8 +92,10 @@ func EnableTOTP(passcode *TOTPPasscode) (err error) {
|
|||
return
|
||||
}
|
||||
|
||||
t.Enabled = true
|
||||
_, err = x.Where("id = ?", t.ID).Update(t)
|
||||
_, err = x.
|
||||
Where("id = ?", t.ID).
|
||||
Cols("enabled").
|
||||
Update(&TOTP{Enabled: true})
|
||||
return
|
||||
}
|
||||
|
||||
|
|
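Review bot: `getTOTPForUser` now returns a row as soon as one exists (`if !exists` in place of `if !t.Enabled`), so it no longer distinguishes an enrolled-but-unconfirmed secret from an enabled one; any caller that gates login or hands out the secret has to check `t.Enabled` itself, and none of those callers is visible in this section. I would state that on the function, e.g. `// getTOTPForUser returns the user's TOTP entry whether or not it is enabled; callers must check t.Enabled.` Relatedly, `EnrollTOTP` now returns `ErrTOTPAlreadyEnabled{}` for any existing row, so a user who enrolls but never confirms looks unable to enroll again unless a delete path exists elsewhere, and the `Exist` check followed by the insert (presumably below the hunk) only holds under concurrent requests if `user_id` is unique on the table, which is not shown here. The old/new assignment of lines is read from the hunk headers, since the +/- markers are lost on this page.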