From 114523e69e30a90bc7bc043254cfc89e3a523c46 Mon Sep 17 00:00:00 2001
From: Satsuki Yanagi <17376330+u1-liquid@users.noreply.github.com>
Date: Fri, 5 Jul 2019 07:48:12 +0900
Subject: Fix WebAuthn login (#5103)

---
 src/server/api/endpoints/i/2fa/getkeys.ts | 67 -------------------------------
 1 file changed, 67 deletions(-)
 delete mode 100644 src/server/api/endpoints/i/2fa/getkeys.ts

(limited to 'src/server/api/endpoints/i')

diff --git a/src/server/api/endpoints/i/2fa/getkeys.ts b/src/server/api/endpoints/i/2fa/getkeys.ts
deleted file mode 100644
index bb1585d795..0000000000
--- a/src/server/api/endpoints/i/2fa/getkeys.ts
+++ /dev/null
@@ -1,67 +0,0 @@
-import $ from 'cafy';
-import * as bcrypt from 'bcryptjs';
-import * as crypto from 'crypto';
-import define from '../../../define';
-import { UserProfiles, UserSecurityKeys, AttestationChallenges } from '../../../../../models';
-import { ensure } from '../../../../../prelude/ensure';
-import { promisify } from 'util';
-import { hash } from '../../../2fa';
-import { genId } from '../../../../../misc/gen-id';
-
-export const meta = {
-	requireCredential: true,
-
-	secure: true,
-
-	params: {
-		password: {
-			validator: $.str
-		}
-	}
-};
-
-const randomBytes = promisify(crypto.randomBytes);
-
-export default define(meta, async (ps, user) => {
-	const profile = await UserProfiles.findOne(user.id).then(ensure);
-
-	// Compare password
-	const same = await bcrypt.compare(ps.password, profile.password!);
-
-	if (!same) {
-		throw new Error('incorrect password');
-	}
-
-	const keys = await UserSecurityKeys.find({
-		userId: user.id
-	});
-
-	if (keys.length === 0) {
-		throw new Error('no keys found');
-	}
-
-	// 32 byte challenge
-	const entropy = await randomBytes(32);
-	const challenge = entropy.toString('base64')
-		.replace(/=/g, '')
-		.replace(/\+/g, '-')
-		.replace(/\//g, '_');
-
-	const challengeId = genId();
-
-	await AttestationChallenges.save({
-		userId: user.id,
-		id: challengeId,
-		challenge: hash(Buffer.from(challenge, 'utf-8')).toString('hex'),
-		createdAt: new Date(),
-		registrationChallenge: false
-	});
-
-	return {
-		challenge,
-		challengeId,
-		securityKeys: keys.map(key => ({
-			id: key.id
-		}))
-	};
-});
-- 
cgit v1.2.3-freya