#967

author: syuilo <syuilotan@yahoo.co.jp> 2017-12-08 22:57:58 +0900
committer: syuilo <syuilotan@yahoo.co.jp> 2017-12-08 22:57:58 +0900
commit: 6bc499f6579a9a248430748f9a69f3e5873a5ed3 (patch)
tree: 23c28e990b526c456a194ac938165e307c8bcaae /src/api/endpoints/i/2fa
parent: v3278 (diff)
download: misskey-6bc499f6579a9a248430748f9a69f3e5873a5ed3.tar.gz
misskey-6bc499f6579a9a248430748f9a69f3e5873a5ed3.tar.bz2
misskey-6bc499f6579a9a248430748f9a69f3e5873a5ed3.zip
2 files changed, 85 insertions, 0 deletions
diff --git a/src/api/endpoints/i/2fa/done.ts b/src/api/endpoints/i/2fa/done.ts
new file mode 100644
index 0000000000..0b36033bb6
--- /dev/null
+++ b/src/api/endpoints/i/2fa/done.ts
@@ -0,0 +1,37 @@
+/**
+ * Module dependencies
+ */
+import $ from 'cafy';
+import * as speakeasy from 'speakeasy';
+import User from '../../../models/user';
+
+module.exports = async (params, user) => new Promise(async (res, rej) => {
+	// Get 'token' parameter
+	const [token, tokenErr] = $(params.token).string().$;
+	if (tokenErr) return rej('invalid token param');
+
+	const _token = token.replace(/\s/g, '');
+
+	if (user.two_factor_temp_secret == null) {
+		return rej('二段階認証の設定が開始されていません');
+	}
+
+	const verified = (speakeasy as any).totp.verify({
+		secret: user.two_factor_temp_secret,
+		encoding: 'base32',
+		token: _token
+	});
+
+	if (!verified) {
+		return rej('not verified');
+	}
+
+	await User.update(user._id, {
+		$set: {
+			two_factor_secret: user.two_factor_temp_secret,
+			two_factor_enabled: true
+		}
+	});
+
+	res();
+});
diff --git a/src/api/endpoints/i/2fa/register.ts b/src/api/endpoints/i/2fa/register.ts
new file mode 100644
index 0000000000..c2b5037a29
--- /dev/null
+++ b/src/api/endpoints/i/2fa/register.ts
@@ -0,0 +1,48 @@
+/**
+ * Module dependencies
+ */
+import $ from 'cafy';
+import * as bcrypt from 'bcryptjs';
+import * as speakeasy from 'speakeasy';
+import * as QRCode from 'qrcode';
+import User from '../../../models/user';
+import config from '../../../../conf';
+
+module.exports = async (params, user) => new Promise(async (res, rej) => {
+	// Get 'password' parameter
+	const [password, passwordErr] = $(params.password).string().$;
+	if (passwordErr) return rej('invalid password param');
+
+	// Compare password
+	const same = await bcrypt.compare(password, user.password);
+
+	if (!same) {
+		return rej('incorrect password');
+	}
+
+	// Generate user's secret key
+	const secret = speakeasy.generateSecret({
+		length: 32
+	});
+
+	await User.update(user._id, {
+		$set: {
+			two_factor_temp_secret: secret.base32
+		}
+	});
+
+	// Get the data URL of the authenticator URL
+	QRCode.toDataURL(speakeasy.otpauthURL({
+		secret: secret.base32,
+		encoding: 'base32',
+		label: user.username,
+		issuer: config.host
+	}), (err, data_url) => {
+		res({
+			qr: data_url,
+			secret: secret.base32,
+			label: user.username,
+			issuer: config.host
+		});
+	});
+});
author	syuilo <syuilotan@yahoo.co.jp>	2017-12-08 22:57:58 +0900
committer	syuilo <syuilotan@yahoo.co.jp>	2017-12-08 22:57:58 +0900
commit	6bc499f6579a9a248430748f9a69f3e5873a5ed3 (patch)
tree	23c28e990b526c456a194ac938165e307c8bcaae /src/api/endpoints/i/2fa
parent	v3278 (diff)
download	misskey-6bc499f6579a9a248430748f9a69f3e5873a5ed3.tar.gz misskey-6bc499f6579a9a248430748f9a69f3e5873a5ed3.tar.bz2 misskey-6bc499f6579a9a248430748f9a69f3e5873a5ed3.zip