techies/authelia
1
0
Fork 0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
Code Issues Projects Releases Wiki Activity
785182236c
authelia/src/server/lib/routes/secondfactor/totp/identity/RegistrationHandler.ts
Clement Michaud e45ac39c8f Add Mongo as scalable and resilient storage backend
2017-07-31 00:29:00 +02:00

89 lines
2.9 KiB
TypeScript
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

import express = require("express");
import BluebirdPromise = require("bluebird");
import objectPath = require("object-path");
import { Identity } from "../../../../../../types/Identity";
import { IdentityValidable } from "../../../../IdentityCheckMiddleware";
import { PRE_VALIDATION_TEMPLATE } from "../../../../IdentityCheckPreValidationTemplate";
import Constants = require("../constants");
import Endpoints = require("../../../../../endpoints");
import ErrorReplies = require("../../../../ErrorReplies");
import { ServerVariablesHandler } from "../../../../ServerVariablesHandler";
import AuthenticationSession = require("../../../../AuthenticationSession");
import FirstFactorValidator = require("../../../../FirstFactorValidator");
export default class RegistrationHandler implements IdentityValidable {
challenge(): string {
return Constants.CHALLENGE;
}
private retrieveIdentity(req: express.Request): BluebirdPromise<Identity> {
const authSession = AuthenticationSession.get(req);
const userid = authSession.userid;
const email = authSession.email;
if (!(userid && email)) {
return BluebirdPromise.reject(new Error("User ID or email is missing"));
}
const identity = {
email: email,
userid: userid
};
return BluebirdPromise.resolve(identity);
}
preValidationInit(req: express.Request): BluebirdPromise<Identity> {
const that = this;
return FirstFactorValidator.validate(req)
.then(function () {
return that.retrieveIdentity(req);
});
}
preValidationResponse(req: express.Request, res: express.Response) {
res.render(PRE_VALIDATION_TEMPLATE);
}
postValidationInit(req: express.Request) {
return FirstFactorValidator.validate(req);
}
postValidationResponse(req: express.Request, res: express.Response) {
const logger = ServerVariablesHandler.getLogger(req.app);
const authSession = AuthenticationSession.get(req);
const userid = authSession.identity_check.userid;
const challenge = authSession.identity_check.challenge;
if (challenge != Constants.CHALLENGE || !userid) {
res.status(403);
res.send();
return;
}
const userDataStore = ServerVariablesHandler.getUserDataStore(req.app);
const totpGenerator = ServerVariablesHandler.getTOTPGenerator(req.app);
const secret = totpGenerator.generate();
logger.debug("POST new-totp-secret: save the TOTP secret in DB");
userDataStore.saveTOTPSecret(userid, secret)
.then(function () {
objectPath.set(req, "session", undefined);
res.render(Constants.TEMPLATE_NAME, {
base32_secret: secret.base32,
otpauth_url: secret.otpauth_url,
login_endpoint: Endpoints.FIRST_FACTOR_GET
});
})
.catch(ErrorReplies.replyWithError500(res, logger));
}
mailSubject(): string {
return "Register your TOTP secret key";
}
}
Reference in New Issue View Git Blame Copy Permalink