mirror of https://github.com/wg-easy/wg-easy
11 changed files with 166 additions and 93 deletions
@ -1,36 +0,0 @@ |
|||
type PendingLoginChallenge = { |
|||
type: 'password'; |
|||
username: string; |
|||
password: string; |
|||
remember: boolean; |
|||
}; |
|||
|
|||
export const useLoginStore = defineStore('Login', () => { |
|||
const pendingChallenge = ref<PendingLoginChallenge | null>(null); |
|||
|
|||
const hasPendingLogin = computed(() => pendingChallenge.value !== null); |
|||
|
|||
function setPendingPasswordLogin( |
|||
username: string, |
|||
password: string, |
|||
remember: boolean |
|||
) { |
|||
pendingChallenge.value = { |
|||
type: 'password', |
|||
username, |
|||
password, |
|||
remember, |
|||
}; |
|||
} |
|||
|
|||
function clearPendingLogin() { |
|||
pendingChallenge.value = null; |
|||
} |
|||
|
|||
return { |
|||
pendingChallenge, |
|||
hasPendingLogin, |
|||
setPendingPasswordLogin, |
|||
clearPendingLogin, |
|||
}; |
|||
}); |
|||
@ -0,0 +1,10 @@ |
|||
export default defineEventHandler(async (event) => { |
|||
const session = await useWGSession(event, false); |
|||
await session.update({ |
|||
pendingLogin: undefined, |
|||
oauth_nonce: undefined, |
|||
oauth_state: undefined, |
|||
oauth_verifier: undefined, |
|||
}); |
|||
return { success: true as const }; |
|||
}); |
|||
@ -0,0 +1,14 @@ |
|||
export default defineEventHandler(async (event) => { |
|||
const session = await useWGSession(event); |
|||
|
|||
if (!session.data.pendingLogin) { |
|||
throw createError({ |
|||
statusCode: 401, |
|||
statusMessage: 'No pending authentication', |
|||
}); |
|||
} |
|||
|
|||
return { |
|||
type: session.data.pendingLogin.type, |
|||
}; |
|||
}); |
|||
@ -0,0 +1,40 @@ |
|||
import { z } from 'zod'; |
|||
|
|||
const Verify2faSchema = z.object({ |
|||
totpCode: z.string().min(6).max(6), |
|||
}); |
|||
|
|||
export default defineEventHandler(async (event) => { |
|||
const { totpCode } = await readValidatedBody( |
|||
event, |
|||
validateZod(Verify2faSchema, event) |
|||
); |
|||
const session = await useWGSession(event, false); |
|||
|
|||
const pendingLogin = session.data.pendingLogin; |
|||
if (!pendingLogin) { |
|||
throw createError({ |
|||
statusCode: 401, |
|||
statusMessage: 'No pending authentication', |
|||
}); |
|||
} |
|||
|
|||
const isValid = await Database.users.validateTotpCode( |
|||
pendingLogin.userId, |
|||
totpCode |
|||
); |
|||
|
|||
if (!isValid) { |
|||
return { status: 'INVALID_TOTP_CODE' as const }; |
|||
} |
|||
|
|||
await session.update({ |
|||
userId: pendingLogin.userId, |
|||
pendingLogin: undefined, |
|||
oauth_nonce: undefined, |
|||
oauth_state: undefined, |
|||
oauth_verifier: undefined, |
|||
}); |
|||
|
|||
return { status: 'success' as const }; |
|||
}); |
|||
Loading…
Reference in new issue