mirrors/puter
1
0
Fork 0
mirror of https://github.com/HeyPuter/puter synced 2024-11-15 06:15:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use username as otp label

Browse Source
This commit is contained in:
KernelDeimos 2024-05-01 23:48:37 -04:00
parent 3bf7737790
commit 2681a78501
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/backend/src/routers/auth/configure-2fa.js
View File

@ -28,7 +28,7 @@ module.exports = eggspress('/auth/configure-2fa/:action', {
const svc_otp = x.get('services').get('otp');
// generate secret
const result = svc_otp.create_secret();
const result = svc_otp.create_secret(user.username);
// generate recovery codes
result.codes = [];

2
packages/backend/src/routers/login.js
View File

@ -173,7 +173,7 @@ router.post('/login/otp', express.json(), body_parser_error_handler, async (req,
}
const svc_otp = req.services.get('otp');
if ( ! svc_otp.verify(user.otp_secret, req.body.code) ) {
if ( ! svc_otp.verify(user.username, user.otp_secret, req.body.code) ) {
// THIS MAY BE COUNTER-INTUITIVE
//

8
packages/backend/src/services/auth/OTPService.js
View File

@ -7,14 +7,14 @@ class OTPService extends BaseService {
['hi-base32']: require('hi-base32'),
}
create_secret () {
create_secret (label) {
const require = this.require;
const otpauth = require('otpauth');
const secret = this.gen_otp_secret_();
const totp = new otpauth.TOTP({
issuer: 'puter.com',
label: 'Puter Auth',
label,
algorithm: 'SHA1',
digits: 6,
secret,
@ -36,13 +36,13 @@ class OTPService extends BaseService {
return code;
}
verify (secret, code) {
verify (label, secret, code) {
const require = this.require;
const otpauth = require('otpauth');
const totp = new otpauth.TOTP({
issuer: 'puter.com',
label: 'Puter Auth',
label,
algorithm: 'SHA1',
digits: 6,
secret,