Adding response to 2FA
This commit is contained in:
47
handler/auth/totp/totp.go
Normal file
47
handler/auth/totp/totp.go
Normal file
@ -0,0 +1,47 @@
|
||||
package totpHandler
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/fossyy/filekeeper/session"
|
||||
"github.com/fossyy/filekeeper/types"
|
||||
totpView "github.com/fossyy/filekeeper/view/totp"
|
||||
"github.com/xlzd/gotp"
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
func GET(w http.ResponseWriter, r *http.Request) {
|
||||
component := totpView.Main("Filekeeper - 2FA Page")
|
||||
err := component.Render(r.Context(), w)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func POST(w http.ResponseWriter, r *http.Request) {
|
||||
r.ParseForm()
|
||||
code := r.Form.Get("code")
|
||||
_, user, key := session.GetSession(r)
|
||||
|
||||
totp := gotp.NewDefaultTOTP(user.Totp)
|
||||
if totp.Verify(code, time.Now().Unix()) {
|
||||
storeSession, err := session.Get(key)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
fmt.Println(storeSession)
|
||||
storeSession.Values["user"] = types.User{
|
||||
UserID: user.UserID,
|
||||
Email: user.Email,
|
||||
Username: user.Username,
|
||||
Totp: "",
|
||||
Authenticated: true,
|
||||
}
|
||||
http.Redirect(w, r, "/user", http.StatusFound)
|
||||
return
|
||||
} else {
|
||||
fmt.Fprint(w, "wrong")
|
||||
}
|
||||
}
|
||||
@ -17,6 +17,10 @@ import (
|
||||
var log *logger.AggregatedLogger
|
||||
var errorMessages = make(map[string]string)
|
||||
|
||||
func init() {
|
||||
|
||||
}
|
||||
|
||||
func init() {
|
||||
errorMessages = map[string]string{
|
||||
"redirect_uri_mismatch": "The redirect URI provided does not match the one registered with our service. Please contact the administrator for assistance.",
|
||||
@ -92,6 +96,20 @@ func POST(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
if email == userData.Email && utils.CheckPasswordHash(password, userData.Password) {
|
||||
if userData.Totp != "" {
|
||||
storeSession := session.Create()
|
||||
storeSession.Values["user"] = types.User{
|
||||
UserID: userData.UserID,
|
||||
Email: email,
|
||||
Username: userData.Username,
|
||||
Totp: userData.Totp,
|
||||
Authenticated: false,
|
||||
}
|
||||
storeSession.Save(w)
|
||||
http.Redirect(w, r, "/auth/totp", http.StatusSeeOther)
|
||||
return
|
||||
}
|
||||
|
||||
storeSession := session.Create()
|
||||
storeSession.Values["user"] = types.User{
|
||||
UserID: userData.UserID,
|
||||
|
||||
Reference in New Issue
Block a user