From 2681a785018bae444f55da815c948e56cf3e052f Mon Sep 17 00:00:00 2001
From: KernelDeimos
Date: Wed, 1 May 2024 23:48:37 -0400
Subject: [PATCH] Use username as otp label
---
 packages/backend/src/routers/auth/configure-2fa.js | 2 +-
 packages/backend/src/routers/login.js | 2 +-
 packages/backend/src/services/auth/OTPService.js | 8 ++++----
 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/packages/backend/src/routers/auth/configure-2fa.js b/packages/backend/src/routers/auth/configure-2fa.js
index 231aeb2b..df506701 100644
--- a/packages/backend/src/routers/auth/configure-2fa.js
+++ b/packages/backend/src/routers/auth/configure-2fa.js
@@ -28,7 +28,7 @@ module.exports = eggspress('/auth/configure-2fa/:action', {
 const svc_otp = x.get('services').get('otp');
 // generate secret
- const result = svc_otp.create_secret();
+ const result = svc_otp.create_secret(user.username);
 // generate recovery codes
 result.codes = [];
diff --git a/packages/backend/src/routers/login.js b/packages/backend/src/routers/login.js
index 5dfc8b63..52940d59 100644
--- a/packages/backend/src/routers/login.js
+++ b/packages/backend/src/routers/login.js
@@ -173,7 +173,7 @@ router.post('/login/otp', express.json(), body_parser_error_handler, async (req,
 }
 const svc_otp = req.services.get('otp');
- if ( ! svc_otp.verify(user.otp_secret, req.body.code) ) {
+ if ( ! svc_otp.verify(user.username, user.otp_secret, req.body.code) ) {
 // THIS MAY BE COUNTER-INTUITIVE
 //
diff --git a/packages/backend/src/services/auth/OTPService.js b/packages/backend/src/services/auth/OTPService.js
index 37d6b7a8..e11f3baf 100644
--- a/packages/backend/src/services/auth/OTPService.js
+++ b/packages/backend/src/services/auth/OTPService.js
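Review bot: In the `login.js` hunk, `req.body.code` goes from the `express.json()` body straight into `svc_otp.verify(...)`, and no type or format check on it is visible. A JSON body can supply a number, array or object in that field, so the OTP library would be handed a non-string token. A guard before the call, such as `if ( typeof req.body.code !== 'string' ) { /* reject the request */ }`, keeps verification to the expected input. The handler begins and ends outside the hunk, so a check above line 173 may already cover this.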
@@ -7,14 +7,14 @@ class OTPService extends BaseService {
 ['hi-base32']: require('hi-base32'),
 }
- create_secret () {
+ create_secret (label) {
 const require = this.require;
 const otpauth = require('otpauth');
 const secret = this.gen_otp_secret_();
 const totp = new otpauth.TOTP({
 issuer: 'puter.com',
- label: 'Puter Auth',
+ label,
 algorithm: 'SHA1',
 digits: 6,
 secret,
@@ -36,13 +36,13 @@ class OTPService extends BaseService {
 return code;
 }
- verify (secret, code) {
+ verify (label, secret, code) {
 const require = this.require;
 const otpauth = require('otpauth');
 const totp = new otpauth.TOTP({
 issuer: 'puter.com',
- label: 'Puter Auth',
+ label,
 algorithm: 'SHA1',
 digits: 6,
 secret,
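Review bot: `create_secret (label)` in `OTPService.js` has no doc comment saying what `label` is or that it is passed through unchecked, so a caller that omits it builds the TOTP object with `label: undefined`. A short comment above the method would cover it, for example `/** @param {string} label - account name shown in the authenticator app (the username); not secret, not used to compute codes */`. What the method returns is outside the hunk, so whether the label reaches a provisioning URI or QR code is inferred from the otpauth API rather than visible here.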
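Review bot: Inserting `label` as the first positional parameter of `verify` silently shifts the arguments of any caller still written as `verify(secret, code)`: the secret would land in `label`, the submitted code in `secret`, and `code` would be undefined. This diff updates only the call in `login.js`; any other caller (a 2FA setup or test path, if one exists) is outside it and should be checked. The label is also not an input to TOTP code computation, which depends on the secret, time step, digits and algorithm, so verification does not need it. Keeping the signature as `verify (secret, code)` avoids the hazard and avoids suggesting that codes are bound to the username. The body of `verify` continues past the end of the hunk.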