mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-08-02 00:55:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

style consistency changes to add security key form

Browse source
This commit is contained in:
miloschwartz 2025-07-14 15:43:33 -07:00
parent 0a97d91aed
commit 3505342a8d
No known key found for this signature in database
4 changed files with 645 additions and 329 deletions
Download patch file Download diff file Expand all files Collapse all files

38
server/routers/auth/securityKey.ts
View file

@ -107,7 +107,8 @@ async function clearChallenge(sessionId: string) {
export const registerSecurityKeyBody = z.object({
name: z.string().min(1),
password: z.string().min(1)
password: z.string().min(1),
code: z.string().optional()
}).strict();
export const verifyRegistrationBody = z.object({
@ -143,7 +144,7 @@ export async function startRegistration(
);
}
const { name, password } = parsedBody.data;
const { name, password, code } = parsedBody.data;
const user = req.user as User;
// Only allow internal users to use security keys
@ -163,6 +164,39 @@ export async function startRegistration(
return next(unauthorized());
}
// If user has 2FA enabled, require and verify the code
if (user.twoFactorEnabled) {
if (!code) {
return response<{ codeRequested: boolean }>(res, {
data: { codeRequested: true },
success: true,
error: false,
message: "Two-factor authentication required",
status: HttpCode.ACCEPTED
});
}
const validOTP = await verifyTotpCode(
code,
user.twoFactorSecret!,
user.userId
);
if (!validOTP) {
if (config.getRawConfig().app.log_failed_attempts) {
logger.info(
`Two-factor code incorrect. Email: ${user.email}. IP: ${req.ip}.`
);
}
return next(
createHttpError(
HttpCode.UNAUTHORIZED,
"The two-factor code you entered is incorrect"
)
);
}
}
// Get existing security keys for user
const existingSecurityKeys = await db
.select()