diff options
| author | Chocobozzz <me@florianbigard.com> | 2022-10-10 11:19:58 +0200 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2022-10-10 11:19:58 +0200 |
| commit | 63fa260a81a8930c157b73c897fe8696a8cc90d4 (patch) | |
| tree | 705ebfae42f9c59b2a1ac97779e4037102dfed1c /shared/server-commands/users | |
| parent | 9b99d32804e99462c6f22df3ec3db9ec5bf8a18c (diff) | |
| parent | 1ea868a9456439108fbd87255537093ed8bd456f (diff) | |
| download | PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.tar.gz PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.tar.zst PeerTube-63fa260a81a8930c157b73c897fe8696a8cc90d4.zip | |
Merge branch 'feature/otp' into develop
Diffstat (limited to 'shared/server-commands/users')
| -rw-r--r-- | shared/server-commands/users/index.ts | 1 | ||||
| -rw-r--r-- | shared/server-commands/users/login-command.ts | 73 | ||||
| -rw-r--r-- | shared/server-commands/users/two-factor-command.ts | 92 | ||||
| -rw-r--r-- | shared/server-commands/users/users-command.ts | 3 |
4 files changed, 145 insertions, 24 deletions
diff --git a/shared/server-commands/users/index.ts b/shared/server-commands/users/index.ts index f6f93b4d2..1afc02dc1 100644 --- a/shared/server-commands/users/index.ts +++ b/shared/server-commands/users/index.ts | |||
| @@ -5,4 +5,5 @@ export * from './login' | |||
| 5 | export * from './login-command' | 5 | export * from './login-command' |
| 6 | export * from './notifications-command' | 6 | export * from './notifications-command' |
| 7 | export * from './subscriptions-command' | 7 | export * from './subscriptions-command' |
| 8 | export * from './two-factor-command' | ||
| 8 | export * from './users-command' | 9 | export * from './users-command' |
diff --git a/shared/server-commands/users/login-command.ts b/shared/server-commands/users/login-command.ts index 54070e426..f2fc6d1c5 100644 --- a/shared/server-commands/users/login-command.ts +++ b/shared/server-commands/users/login-command.ts | |||
| @@ -2,34 +2,27 @@ import { HttpStatusCode, PeerTubeProblemDocument } from '@shared/models' | |||
| 2 | import { unwrapBody } from '../requests' | 2 | import { unwrapBody } from '../requests' |
| 3 | import { AbstractCommand, OverrideCommandOptions } from '../shared' | 3 | import { AbstractCommand, OverrideCommandOptions } from '../shared' |
| 4 | 4 | ||
| 5 | type LoginOptions = OverrideCommandOptions & { | ||
| 6 | client?: { id?: string, secret?: string } | ||
| 7 | user?: { username: string, password?: string } | ||
| 8 | otpToken?: string | ||
| 9 | } | ||
| 10 | |||
| 5 | export class LoginCommand extends AbstractCommand { | 11 | export class LoginCommand extends AbstractCommand { |
| 6 | 12 | ||
| 7 | login (options: OverrideCommandOptions & { | 13 | async login (options: LoginOptions = {}) { |
| 8 | client?: { id?: string, secret?: string } | 14 | const res = await this._login(options) |
| 9 | user?: { username: string, password?: string } | ||
| 10 | } = {}) { | ||
| 11 | const { client = this.server.store.client, user = this.server.store.user } = options | ||
| 12 | const path = '/api/v1/users/token' | ||
| 13 | 15 | ||
| 14 | const body = { | 16 | return this.unwrapLoginBody(res.body) |
| 15 | client_id: client.id, | 17 | } |
| 16 | client_secret: client.secret, | ||
| 17 | username: user.username, | ||
| 18 | password: user.password ?? 'password', | ||
| 19 | response_type: 'code', | ||
| 20 | grant_type: 'password', | ||
| 21 | scope: 'upload' | ||
| 22 | } | ||
| 23 | 18 | ||
| 24 | return unwrapBody<{ access_token: string, refresh_token: string } & PeerTubeProblemDocument>(this.postBodyRequest({ | 19 | async loginAndGetResponse (options: LoginOptions = {}) { |
| 25 | ...options, | 20 | const res = await this._login(options) |
| 26 | 21 | ||
| 27 | path, | 22 | return { |
| 28 | requestType: 'form', | 23 | res, |
| 29 | fields: body, | 24 | body: this.unwrapLoginBody(res.body) |
| 30 | implicitToken: false, | 25 | } |
| 31 | defaultExpectedStatus: HttpStatusCode.OK_200 | ||
| 32 | })) | ||
| 33 | } | 26 | } |
| 34 | 27 | ||
| 35 | getAccessToken (arg1?: { username: string, password?: string }): Promise<string> | 28 | getAccessToken (arg1?: { username: string, password?: string }): Promise<string> |
| @@ -129,4 +122,38 @@ export class LoginCommand extends AbstractCommand { | |||
| 129 | defaultExpectedStatus: HttpStatusCode.OK_200 | 122 | defaultExpectedStatus: HttpStatusCode.OK_200 |
| 130 | }) | 123 | }) |
| 131 | } | 124 | } |
| 125 | |||
| 126 | private _login (options: LoginOptions) { | ||
| 127 | const { client = this.server.store.client, user = this.server.store.user, otpToken } = options | ||
| 128 | const path = '/api/v1/users/token' | ||
| 129 | |||
| 130 | const body = { | ||
| 131 | client_id: client.id, | ||
| 132 | client_secret: client.secret, | ||
| 133 | username: user.username, | ||
| 134 | password: user.password ?? 'password', | ||
| 135 | response_type: 'code', | ||
| 136 | grant_type: 'password', | ||
| 137 | scope: 'upload' | ||
| 138 | } | ||
| 139 | |||
| 140 | const headers = otpToken | ||
| 141 | ? { 'x-peertube-otp': otpToken } | ||
| 142 | : {} | ||
| 143 | |||
| 144 | return this.postBodyRequest({ | ||
| 145 | ...options, | ||
| 146 | |||
| 147 | path, | ||
| 148 | headers, | ||
| 149 | requestType: 'form', | ||
| 150 | fields: body, | ||
| 151 | implicitToken: false, | ||
| 152 | defaultExpectedStatus: HttpStatusCode.OK_200 | ||
| 153 | }) | ||
| 154 | } | ||
| 155 | |||
| 156 | private unwrapLoginBody (body: any) { | ||
| 157 | return body as { access_token: string, refresh_token: string } & PeerTubeProblemDocument | ||
| 158 | } | ||
| 132 | } | 159 | } |
diff --git a/shared/server-commands/users/two-factor-command.ts b/shared/server-commands/users/two-factor-command.ts new file mode 100644 index 000000000..5542acfda --- /dev/null +++ b/shared/server-commands/users/two-factor-command.ts | |||
| @@ -0,0 +1,92 @@ | |||
| 1 | import { TOTP } from 'otpauth' | ||
| 2 | import { HttpStatusCode, TwoFactorEnableResult } from '@shared/models' | ||
| 3 | import { unwrapBody } from '../requests' | ||
| 4 | import { AbstractCommand, OverrideCommandOptions } from '../shared' | ||
| 5 | |||
| 6 | export class TwoFactorCommand extends AbstractCommand { | ||
| 7 | |||
| 8 | static buildOTP (options: { | ||
| 9 | secret: string | ||
| 10 | }) { | ||
| 11 | const { secret } = options | ||
| 12 | |||
| 13 | return new TOTP({ | ||
| 14 | issuer: 'PeerTube', | ||
| 15 | algorithm: 'SHA1', | ||
| 16 | digits: 6, | ||
| 17 | period: 30, | ||
| 18 | secret | ||
| 19 | }) | ||
| 20 | } | ||
| 21 | |||
| 22 | request (options: OverrideCommandOptions & { | ||
| 23 | userId: number | ||
| 24 | currentPassword?: string | ||
| 25 | }) { | ||
| 26 | const { currentPassword, userId } = options | ||
| 27 | |||
| 28 | const path = '/api/v1/users/' + userId + '/two-factor/request' | ||
| 29 | |||
| 30 | return unwrapBody<TwoFactorEnableResult>(this.postBodyRequest({ | ||
| 31 | ...options, | ||
| 32 | |||
| 33 | path, | ||
| 34 | fields: { currentPassword }, | ||
| 35 | implicitToken: true, | ||
| 36 | defaultExpectedStatus: HttpStatusCode.OK_200 | ||
| 37 | })) | ||
| 38 | } | ||
| 39 | |||
| 40 | confirmRequest (options: OverrideCommandOptions & { | ||
| 41 | userId: number | ||
| 42 | requestToken: string | ||
| 43 | otpToken: string | ||
| 44 | }) { | ||
| 45 | const { userId, requestToken, otpToken } = options | ||
| 46 | |||
| 47 | const path = '/api/v1/users/' + userId + '/two-factor/confirm-request' | ||
| 48 | |||
| 49 | return this.postBodyRequest({ | ||
| 50 | ...options, | ||
| 51 | |||
| 52 | path, | ||
| 53 | fields: { requestToken, otpToken }, | ||
| 54 | implicitToken: true, | ||
| 55 | defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
| 56 | }) | ||
| 57 | } | ||
| 58 | |||
| 59 | disable (options: OverrideCommandOptions & { | ||
| 60 | userId: number | ||
| 61 | currentPassword?: string | ||
| 62 | }) { | ||
| 63 | const { userId, currentPassword } = options | ||
| 64 | const path = '/api/v1/users/' + userId + '/two-factor/disable' | ||
| 65 | |||
| 66 | return this.postBodyRequest({ | ||
| 67 | ...options, | ||
| 68 | |||
| 69 | path, | ||
| 70 | fields: { currentPassword }, | ||
| 71 | implicitToken: true, | ||
| 72 | defaultExpectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
| 73 | }) | ||
| 74 | } | ||
| 75 | |||
| 76 | async requestAndConfirm (options: OverrideCommandOptions & { | ||
| 77 | userId: number | ||
| 78 | currentPassword?: string | ||
| 79 | }) { | ||
| 80 | const { userId, currentPassword } = options | ||
| 81 | |||
| 82 | const { otpRequest } = await this.request({ userId, currentPassword }) | ||
| 83 | |||
| 84 | await this.confirmRequest({ | ||
| 85 | userId, | ||
| 86 | requestToken: otpRequest.requestToken, | ||
| 87 | otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate() | ||
| 88 | }) | ||
| 89 | |||
| 90 | return otpRequest | ||
| 91 | } | ||
| 92 | } | ||
diff --git a/shared/server-commands/users/users-command.ts b/shared/server-commands/users/users-command.ts index e7d021059..811b9685b 100644 --- a/shared/server-commands/users/users-command.ts +++ b/shared/server-commands/users/users-command.ts | |||
| @@ -202,7 +202,8 @@ export class UsersCommand extends AbstractCommand { | |||
| 202 | token, | 202 | token, |
| 203 | userId: user.id, | 203 | userId: user.id, |
| 204 | userChannelId: me.videoChannels[0].id, | 204 | userChannelId: me.videoChannels[0].id, |
| 205 | userChannelName: me.videoChannels[0].name | 205 | userChannelName: me.videoChannels[0].name, |
| 206 | password | ||
| 206 | } | 207 | } |
| 207 | } | 208 | } |
| 208 | 209 | ||