working 2fa system

src/server/admin/2fa.js

@@ -8,8 +8,10 @@
 */
 
 const token = require( '../backend/token.js' );
-// let createSSRApp = require( 'vue' ).createSSRApp;
-// let renderToString = require( 'vue/server-renderer' ).renderToString;
+let createSSRApp = require( 'vue' ).createSSRApp;
+let renderToString = require( 'vue/server-renderer' ).renderToString;
+const fs = require( 'fs' );
+const path = require( 'path' );
 
 class TwoFA {
     constructor () {
@@ -61,6 +63,22 @@ class TwoFA {
         } else if ( this.tokenStore[ token ]?.mode === 'enhanced' ) return 'enhanced';
         else return 'invalid';
     }
+
+    async generateTwoFAMail ( token, ip, domain, pageName ) {
+        const app = createSSRApp( {
+            data() {
+                return {
+                    token: token,
+                    ip: ip,
+                    host: domain,
+                    pageName: pageName,
+                };
+            },
+            template: '' + fs.readFileSync( path.join( __dirname + '/twoFAMail.html' ) )
+        } );
+
+        return await renderToString( app );
+    }
 }
 
 module.exports = TwoFA;

src/server/admin/adminRoutes.js

@@ -12,13 +12,15 @@ const pwdmanager = require( './pwdmanager.js' );
 const auth = require( './2fa.js' );
 const twoFA = new auth();
 const path = require( 'path' );
+const mail = require( '../backend/mail/mailSender.js' );
+const mailManager = new mail();
 
 let responseObjects = {};
 let authOk = {};
 
 module.exports = ( app, settings ) => {
     /* 
-        Admin login route that checks the password
+    Admin login route that checks the password
     */
    
     app.post( '/admin/auth', ( request, response ) => {
@@ -26,18 +28,26 @@ module.exports = ( app, settings ) => {
             pwdmanager.checkpassword( request.body.mail, request.body.password ).then( data => {
                 request.session.username = request.body.mail;
                 if ( data ) {
-                    // TODO: Send mails
+                    request.session.username = request.body.mail;
                     // TODO: Check if user has 2fa enabled
                     if ( settings.twoFA === 'standard' ) {
-                        let tok = twoFA.registerStandardAuthentication()[ 'token' ];
-                        request.session.token = tok;
-                        console.log( 'http://localhost:8081/admin/2fa?token=' + tok );
-                        response.send( { 'status': '2fa' } );
+                        ( async () => {
+                            let tok = twoFA.registerStandardAuthentication()[ 'token' ];
+                            let ipRetrieved = request.headers[ 'x-forwarded-for' ];
+                            let ip = ipRetrieved ? ipRetrieved.split( /, / )[ 0 ] : request.connection.remoteAddress;
+                            mailManager.sendMail( request.body.mail, await twoFA.generateTwoFAMail( tok, ip, settings.yourDomain, settings.name ), 'Verify admin account login', settings.mailSender );
+                            request.session.token = tok;
+                            response.send( { 'status': '2fa' } );
+                        } )();
                     } else if ( settings.twoFA === 'enhanced' ) {
-                        let res = twoFA.registerEnhancedAuthentication();
-                        console.log( 'http://localhost:8081/admin/2fa?token=' + res.token );
-                        request.session.token = res.token;
-                        response.send( { 'status': '2fa+', 'code': res.code } );
+                        ( async () => {
+                            let res = twoFA.registerEnhancedAuthentication();
+                            let ipRetrieved = request.headers[ 'x-forwarded-for' ];
+                            let ip = ipRetrieved ? ipRetrieved.split( /, / )[ 0 ] : request.connection.remoteAddress;
+                            mailManager.sendMail( request.body.mail, await twoFA.generateTwoFAMail( res.token, ip, settings.yourDomain, settings.name ), 'Verify admin account login', settings.mailSender );
+                            request.session.token = res.token;
+                            response.send( { 'status': '2fa+', 'code': res.code } );
+                        } )();
                     } else {
                         request.session.loggedInUser = true;
                         response.send( { 'status': 'ok' } );

src/server/admin/pwdmanager.js

@@ -21,7 +21,17 @@ const db = require( '../backend/db/db.js' );
 module.exports.checkpassword = ( username, password ) => {
     return new Promise( resolve => {
         db.getDataSimple( 'admin', 'email', username ).then( data => {
-            resolve( bcrypt.compareSync( password, data ) );
+            if ( data ) {
+                if ( data[ 0 ] ) {
+                    bcrypt.compare( password, data[ 0 ].pass ).then( res => {
+                        resolve( res );
+                    } );
+                } else {
+                    resolve( false );
+                }
+            } else {
+                resolve( false );
+            }
         } );
     } );
 };

src/server/admin/twoFAMail.html

@@ -0,0 +1,70 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <title>Two-Factor Authentication</title>
+        <style>
+            body {
+                font-family: sans-serif;
+                width: 100%;
+                height: 800px;
+                margin: 0;
+                display: flex;
+                justify-content: center;
+                align-items: center;
+                flex-direction: column;
+            }
+
+            .content {
+                width: 80%;
+                height: 90%;
+                display: flex;
+                justify-content: center;
+                align-items: center;
+                flex-direction: column;
+            }
+
+            .ip {
+                color: rgb(94, 94, 94);
+            }
+
+            .logo {
+                width: 70vw;
+            }
+
+            .verify {
+                padding: 20px 30px;
+                background-color: rgb(0, 7, 87);
+                text-decoration: none;
+                color: white;
+                transition: 0.5s all;
+                border-radius: 5px;
+                margin-bottom: 20px;
+            }
+
+            .verify:hover {
+                background-color: rgb(0, 12, 139);
+            }
+
+            @media only screen and (min-width: 999px) {
+                .logo {
+                    width: 20vw;
+                }
+
+                .content {
+                    width: 40vw;
+                }
+            }
+        </style>
+    </head>
+    <body>
+        <div class="content">
+            <img :src="host + '/otherAssets/logo.png'" alt="Logo" class="logo">
+            <h1>Welcome back!</h1>
+            <p>It looks like someone is trying to sign in to your admin account at {{ pageName }}. If it was you, please click the button below to confirm the login. If not, please <a :href="host + '/admin/profile/settings'">change</a> your password immediately or have it changed by the root account!</p>
+            <p class="ip">Logging in from IP {{ ip }}.</p>
+            <a :href="host + '/admin/2fa?token=' + token" class="verify">Verify</a>
+        </div>
+    </body>
+</html>