]>
Commit | Line | Data |
---|---|---|
1 | import { TOTP } from 'otpauth' | |
2 | import { HttpStatusCode, TwoFactorEnableResult } from '@shared/models' | |
3 | import { unwrapBody } from '../requests' | |
4 | import { AbstractCommand, OverrideCommandOptions } from '../shared' | |
5 | ||
6 | export class TwoFactorCommand extends AbstractCommand { | |
7 | ||
8 | static buildOTP (options: { | |
9 | secret: string | |
10 | }) { | |
11 | const { secret } = options | |
12 | ||
13 | return new TOTP({ | |
14 | issuer: 'PeerTube', | |
15 | algorithm: 'SHA1', | |
16 | digits: 6, | |
17 | period: 30, | |
18 | secret | |
19 | }) | |
20 | } | |
21 | ||
22 | request (options: OverrideCommandOptions & { | |
23 | userId: number | |
24 | currentPassword?: string | |
25 | }) { | |
26 | const { currentPassword, userId } = options | |
27 | ||
28 | const path = '/api/v1/users/' + userId + '/two-factor/request' | |
29 | ||
30 | return unwrapBody<TwoFactorEnableResult>(this.postBodyRequest({ | |
31 | ...options, | |
32 | ||
33 | path, | |
34 | fields: { currentPassword }, | |
35 | implicitToken: true, | |
36 | defaultExpectedStatus: HttpStatusCode.OK_200 | |
37 | })) | |
38 | } | |
39 | ||
40 | confirmRequest (options: OverrideCommandOptions & { | |
41 | userId: number | |
42 | requestToken: string | |
43 | otpToken: string | |
44 | }) { | |
45 | const { userId, requestToken, otpToken } = options | |
46 | ||
47 | const path = '/api/v1/users/' + userId + '/two-factor/confirm-request' | |
48 | ||
49 | return this.postBodyRequest({ | |
50 | ...options, | |
51 | ||
52 | path, | |
53 | fields: { requestToken, otpToken }, | |
54 | implicitToken: true, | |
55 | defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204 | |
56 | }) | |
57 | } | |
58 | ||
59 | disable (options: OverrideCommandOptions & { | |
60 | userId: number | |
61 | currentPassword?: string | |
62 | }) { | |
63 | const { userId, currentPassword } = options | |
64 | const path = '/api/v1/users/' + userId + '/two-factor/disable' | |
65 | ||
66 | return this.postBodyRequest({ | |
67 | ...options, | |
68 | ||
69 | path, | |
70 | fields: { currentPassword }, | |
71 | implicitToken: true, | |
72 | defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204 | |
73 | }) | |
74 | } | |
75 | ||
76 | async requestAndConfirm (options: OverrideCommandOptions & { | |
77 | userId: number | |
78 | currentPassword?: string | |
79 | }) { | |
80 | const { userId, currentPassword } = options | |
81 | ||
82 | const { otpRequest } = await this.request({ userId, currentPassword }) | |
83 | ||
84 | await this.confirmRequest({ | |
85 | userId, | |
86 | requestToken: otpRequest.requestToken, | |
87 | otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate() | |
88 | }) | |
89 | ||
90 | return otpRequest | |
91 | } | |
92 | } |