Merge branch 'feature/otp' into develop

author: Chocobozzz <me@florianbigard.com> 2022-10-10 11:19:58 +0200
committer: Chocobozzz <me@florianbigard.com> 2022-10-10 11:19:58 +0200
commit: 63fa260a81a8930c157b73c897fe8696a8cc90d4 (patch)
tree: 705ebfae42f9c59b2a1ac97779e4037102dfed1c /shared/server-commands/users/two-factor-command.ts
parent: 9b99d32804e99462c6f22df3ec3db9ec5bf8a18c (diff)
parent: 1ea868a9456439108fbd87255537093ed8bd456f (diff)
download: PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.tar.gz
PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.tar.zst
PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.zip
1 files changed, 92 insertions, 0 deletions
diff --git a/shared/server-commands/users/two-factor-command.ts b/shared/server-commands/users/two-factor-command.ts
new file mode 100644
index 000000000..5542acfda
--- /dev/null
+++ b/shared/server-commands/users/two-factor-command.ts
@@ -0,0 +1,92 @@
+import { TOTP } from 'otpauth'
+import { HttpStatusCode, TwoFactorEnableResult } from '@shared/models'
+import { unwrapBody } from '../requests'
+import { AbstractCommand, OverrideCommandOptions } from '../shared'
+export class TwoFactorCommand extends AbstractCommand {
+  static buildOTP (options: {
+    secret: string
+  }) {
+    const { secret } = options
+    return new TOTP({
+      issuer: 'PeerTube',
+      algorithm: 'SHA1',
+      digits: 6,
+      period: 30,
+      secret
+    })
+  }
+  request (options: OverrideCommandOptions & {
+    userId: number
+    currentPassword?: string
+  }) {
+    const { currentPassword, userId } = options
+    const path = '/api/v1/users/' + userId + '/two-factor/request'
+    return unwrapBody<TwoFactorEnableResult>(this.postBodyRequest({
+      ...options,
+      path,
+      fields: { currentPassword },
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.OK_200
+    }))
+  }
+  confirmRequest (options: OverrideCommandOptions & {
+    userId: number
+    requestToken: string
+    otpToken: string
+  }) {
+    const { userId, requestToken, otpToken } = options
+    const path = '/api/v1/users/' + userId + '/two-factor/confirm-request'
+    return this.postBodyRequest({
+      ...options,
+      path,
+      fields: { requestToken, otpToken },
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+  disable (options: OverrideCommandOptions & {
+    userId: number
+    currentPassword?: string
+  }) {
+    const { userId, currentPassword } = options
+    const path = '/api/v1/users/' + userId + '/two-factor/disable'
+    return this.postBodyRequest({
+      ...options,
+      path,
+      fields: { currentPassword },
+      implicitToken: true,
+      defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
+    })
+  }
+  async requestAndConfirm (options: OverrideCommandOptions & {
+    userId: number
+    currentPassword?: string
+  }) {
+    const { userId, currentPassword } = options
+    const { otpRequest } = await this.request({ userId, currentPassword })
+    await this.confirmRequest({
+      userId,
+      requestToken: otpRequest.requestToken,
+      otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate()
+    })
+    return otpRequest
+  }
+}
author	Chocobozzz <me@florianbigard.com>	2022-10-10 11:19:58 +0200
committer	Chocobozzz <me@florianbigard.com>	2022-10-10 11:19:58 +0200
commit	63fa260a81a8930c157b73c897fe8696a8cc90d4 (patch)
tree	705ebfae42f9c59b2a1ac97779e4037102dfed1c /shared/server-commands/users/two-factor-command.ts
parent	9b99d32804e99462c6f22df3ec3db9ec5bf8a18c (diff)
parent	1ea868a9456439108fbd87255537093ed8bd456f (diff)
download	PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.tar.gz PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.tar.zst PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.zip

diff --git a/shared/server-commands/users/two-factor-command.ts b/shared/server-commands/users/two-factor-command.ts new file mode 100644 index 000000000..5542acfda --- /dev/null +++ b/shared/server-commands/users/two-factor-command.ts
@@ -0,0 +1,92 @@
	1	import { TOTP } from 'otpauth'
	2	import { HttpStatusCode, TwoFactorEnableResult } from '@shared/models'
	3	import { unwrapBody } from '../requests'
	4	import { AbstractCommand, OverrideCommandOptions } from '../shared'
	5
	6	export class TwoFactorCommand extends AbstractCommand {
	7
	8	static buildOTP (options: {
	9	secret: string
	10	}) {
	11	const { secret } = options
	12
	13	return new TOTP({
	14	issuer: 'PeerTube',
	15	algorithm: 'SHA1',
	16	digits: 6,
	17	period: 30,
	18	secret
	19	})
	20	}
	21
	22	request (options: OverrideCommandOptions & {
	23	userId: number
	24	currentPassword?: string
	25	}) {
	26	const { currentPassword, userId } = options
	27
	28	const path = '/api/v1/users/' + userId + '/two-factor/request'
	29
	30	return unwrapBody<TwoFactorEnableResult>(this.postBodyRequest({
	31	...options,
	32
	33	path,
	34	fields: { currentPassword },
	35	implicitToken: true,
	36	defaultExpectedStatus: HttpStatusCode.OK_200
	37	}))
	38	}
	39
	40	confirmRequest (options: OverrideCommandOptions & {
	41	userId: number
	42	requestToken: string
	43	otpToken: string
	44	}) {
	45	const { userId, requestToken, otpToken } = options
	46
	47	const path = '/api/v1/users/' + userId + '/two-factor/confirm-request'
	48
	49	return this.postBodyRequest({
	50	...options,
	51
	52	path,
	53	fields: { requestToken, otpToken },
	54	implicitToken: true,
	55	defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
	56	})
	57	}
	58
	59	disable (options: OverrideCommandOptions & {
	60	userId: number
	61	currentPassword?: string
	62	}) {
	63	const { userId, currentPassword } = options
	64	const path = '/api/v1/users/' + userId + '/two-factor/disable'
	65
	66	return this.postBodyRequest({
	67	...options,
	68
	69	path,
	70	fields: { currentPassword },
	71	implicitToken: true,
	72	defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204
	73	})
	74	}
	75
	76	async requestAndConfirm (options: OverrideCommandOptions & {
	77	userId: number
	78	currentPassword?: string
	79	}) {
	80	const { userId, currentPassword } = options
	81
	82	const { otpRequest } = await this.request({ userId, currentPassword })
	83
	84	await this.confirmRequest({
	85	userId,
	86	requestToken: otpRequest.requestToken,
	87	otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate()
	88	})
	89
	90	return otpRequest
	91	}
	92	}