janishutz/libreevent
1
0
Fork 0
mirror of https://github.com/janishutz/libreevent.git synced 2025-11-25 21:34:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

almost finished admin auth system

Browse Source
This commit is contained in:
Janis Hutz
2023-07-16 13:40:40 +02:00
parent afdaf13048
commit 8b6c190e15
7 changed files with 438 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
src/server/admin/2fa.js Normal file
View File

@@ -0,0 +1,66 @@
/*
* libreevent - 2fa.js
*
* Created by Janis Hutz 07/11/2023, Licensed under the GPL V3 License
* https://janishutz.com, development@janishutz.com
*
*
*/
const token = require( '../backend/token.js' );
// let createSSRApp = require( 'vue' ).createSSRApp;
// let renderToString = require( 'vue/server-renderer' ).renderToString;
class TwoFA {
constructor () {
this.tokenStore = {};
this.references = {};
}
registerStandardAuthentication () {
let tok = token.generateToken( 60 );
while ( this.tokenStore[ tok ] ) {
tok = token.generateToken( 60 );
}
this.tokenStore[ tok ] = { 'mode': 'standard' };
return { 'token': tok };
}
registerEnhancedAuthentication () {
let tok = token.generateToken( 60 );
while ( this.tokenStore[ tok ] ) {
tok = token.generateToken( 60 );
}
let code = token.generateNumber( 6 );
this.tokenStore[ tok ] = { 'mode': 'enhanced', 'code': code };
return { 'code': code, 'token': tok };
}
storeTokenReference ( token, sessionID ) {
this.references[ token ] = sessionID;
}
getTokenReference ( token ) {
return this.references[ token ];
}
verifyEnhanced ( token, number = '' ) {
if ( this.tokenStore[ token ]?.mode === 'standard' ) return true;
else if ( this.tokenStore[ token ]?.mode === 'enhanced' ) {
if ( this.tokenStore[ token ].code == number ) {
delete this.tokenStore[ token ];
return true;
} else return false;
} else return false;
}
verifySimple ( token ) {
if ( this.tokenStore[ token ]?.mode === 'standard' ) {
delete this.tokenStore[ token ];
return 'standard';
} else if ( this.tokenStore[ token ]?.mode === 'enhanced' ) return 'enhanced';
else return 'invalid';
}
}
module.exports = TwoFA;

2
src/server/admin/pwdmanager.js
View File

@@ -20,7 +20,7 @@ const db = require( '../backend/db/db.js' );
module.exports.checkpassword = function checkpassword ( username, password ) {
return new Promise( resolve => {
db.getData( 'admin', username ).then( data => {
db.getDataSimple( 'admin', 'email', username ).then( data => {
resolve( bcrypt.compareSync( password, data ) );
} );
} );

75
src/server/admin/routes.js
View File

@@ -7,7 +7,13 @@
*
*/
// const db = require( './db/db.js' );
const pwdmanager = require( './pwdmanager.js' );
const auth = require( './2fa.js' );
const twoFA = new auth();
const path = require( 'path' );
let responseObjects = {};
module.exports = ( app, settings ) => {
/*
@@ -15,19 +21,68 @@ module.exports = ( app, settings ) => {
*/
app.post( '/admin/auth', ( request, response ) => {
pwdmanager.checkpassword( request.body.mail, request.body.pwd ).then( data => {
if ( data ) {
if ( settings.twoFA ) {
// TODO: Support both methods of 2fa
response.send( '2fa' );
if ( request.body.mail && request.body.password ) {
pwdmanager.checkpassword( request.body.mail, request.body.password ).then( data => {
request.session.username = request.body.mail;
if ( data ) {
// TODO: Send mails
// TODO: Check if user has 2fa enabled
if ( settings.twoFA === 'standard' ) {
let tok = twoFA.registerStandardAuthentication()[ 'token' ];
request.session.token = tok;
console.log( 'http://localhost:8081/admin/2fa?token=' + tok );
response.send( { 'status': '2fa' } );
} else if ( settings.twoFA === 'enhanced' ) {
let res = twoFA.registerEnhancedAuthentication();
console.log( 'http://localhost:8081/admin/2fa?token=' + res.token );
request.session.token = res.token;
response.send( { 'status': '2fa+', 'code': res.code } );
} else {
request.session.loggedInUser = true;
response.send( { 'status': 'ok' } );
}
} else {
request.session.loggedInAdmin = true;
response.send( 'ok' );
response.send( { 'status': 'pwErr' } );
}
} else {
response.send( 'pwErr' );
}
} );
} else {
response.send( 'missingCredentials' );
}
} );
app.get( '/admin/2fa', ( request, response ) => {
// TODO: Add multi language
let tokType = twoFA.verifySimple( request.query.token );
if ( tokType === 'standard' ) {
request.session.loggedInAdmin = true;
responseObjects[ request.query.token ].write( 'data: authenticated\n\n' );
response.sendFile( path.join( __dirname + '/../ui/en/2fa/2faSimple.html' ) );
} else if ( tokType === 'enhanced' ) {
response.sendFile( path.join( __dirname + '/../ui/en/2fa/2faEnhancedAdmin.html' ) );
} else {
response.sendFile( path.join( __dirname + '/../ui/en/2fa/2faInvalid.html' ) );
}
} );
app.post( '/admin/2fa/verify', ( request, response ) => {
let verified = twoFA.verifyEnhanced( request.body.token, request.body.code );
if ( verified ) {
request.session.loggedInAdmin = true;
responseObjects[ request.body.token ].write( 'data: authenticated\n\n' );
response.send( 'ok' );
} else response.send( 'wrong' );
} );
app.get( '/admin/2fa/check', ( request, response ) => {
response.writeHead( 200, {
'Content-Type': 'text/event-stream',
'Cache-Control': 'no-cache',
'Connection': 'keep-alive',
} );
response.status( 200 );
response.flushHeaders();
response.write( 'data: connected\n\n' );
responseObjects[ request.session.token ] = response;
} );
app.get( '/test/login', ( request, response ) => {