janishutz/libreevent
1
0
Fork 0
mirror of https://github.com/janishutz/libreevent.git synced 2025-11-25 21:34:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

working 2fa system

Browse Source
This commit is contained in:
Janis Hutz
2023-08-02 14:13:21 +02:00
parent 242bfa012e
commit de3ab81be2
21 changed files with 717 additions and 143 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/server/backend/credentials/2fa.js
View File

@@ -8,13 +8,16 @@
*/
const token = require( '../token.js' );
// let createSSRApp = require( 'vue' ).createSSRApp;
// let renderToString = require( 'vue/server-renderer' ).renderToString;
let createSSRApp = require( 'vue' ).createSSRApp;
let renderToString = require( 'vue/server-renderer' ).renderToString;
const fs = require( 'fs' );
const path = require( 'path' );
class TwoFA {
constructor () {
this.tokenStore = {};
this.references = {};
this.pwdChangeTokens = {};
}
registerStandardAuthentication () {
@@ -61,6 +64,29 @@ class TwoFA {
} else if ( this.tokenStore[ token ]?.mode === 'enhanced' ) return 'enhanced';
else return 'invalid';
}
generatePwdChangeToken () {
// TODO: Gen token and store in store
return 'test';
}
async generateTwoFAMail ( token, ip, domain, pageName ) {
const tok = this.generatePwdChangeToken();
const app = createSSRApp( {
data() {
return {
token: token,
ip: ip,
host: domain,
pageName: pageName,
pwdChangeToken: tok,
};
},
template: '' + fs.readFileSync( path.join( __dirname + '/twoFAMail.html' ) )
} );
return await renderToString( app );
}
}
module.exports = TwoFA;

14
src/server/backend/credentials/pwdmanager.js
View File

@@ -19,9 +19,17 @@ const db = require( '../db/db.js' );
module.exports.checkpassword = function checkpassword ( email, password ) {
return new Promise( resolve => {
db.getDataSimple( 'user', 'email', email ).then( data => {
bcrypt.compare( password, data ).then( data => {
resolve( data );
} );
if ( data ) {
if ( data[ 0 ] ) {
bcrypt.compare( password, data[ 0 ].pass ).then( res => {
resolve( res );
} );
} else {
resolve( false );
}
} else {
resolve( false );
}
} );
} );
};

70
src/server/backend/credentials/twoFAMail.html Normal file
View File

@@ -0,0 +1,70 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Two-Factor Authentication</title>
<style>
body {
font-family: sans-serif;
width: 100%;
height: 800px;
margin: 0;
display: flex;
justify-content: center;
align-items: center;
flex-direction: column;
}
.content {
width: 80%;
height: 90%;
display: flex;
justify-content: center;
align-items: center;
flex-direction: column;
}
.ip {
color: rgb(94, 94, 94);
}
.logo {
width: 70vw;
}
.verify {
padding: 20px 30px;
background-color: rgb(0, 7, 87);
text-decoration: none;
color: white;
transition: 0.5s all;
border-radius: 5px;
margin-bottom: 20px;
}
.verify:hover {
background-color: rgb(0, 12, 139);
}
@media only screen and (min-width: 999px) {
.logo {
width: 20vw;
}
.content {
width: 40vw;
}
}
</style>
</head>
<body>
<div class="content">
<img :src="host + '/otherAssets/logo.png'" alt="Logo" class="logo">
<h1>Welcome back!</h1>
<p>It looks like someone is trying to sign in to your account at {{ pageName }}. If it was you, please click the button below to confirm the login. If not, please <a :href="host + '/account/changePassword?token=' + pwdChangeToken">change</a> your password immediately.</p>
<p class="ip">Logging in from IP {{ ip }}.</p>
<a :href="host + '/user/2fa?token=' + token" class="verify">Verify</a>
</div>
</body>
</html>

4
src/server/backend/db/mysqldb.js
View File

@@ -55,11 +55,11 @@ class SQLDB {
if ( error ) throw error;
if ( results[ 0 ][ '@@default_storage_engine' ] !== 'InnoDB' ) return 'DB HAS TO USE InnoDB!';
} );
this.sqlConnection.query( 'CREATE TABLE libreevent_users ( account_id INT ( 10 ) NOT NULL AUTO_INCREMENT, email TINYTEXT NOT NULL, pass TEXT, street TEXT, house_number TINYTEXT, country TEXT, phone TEXT, name TEXT, first_name TEXT, data VARCHAR( 10000 ), PRIMARY KEY ( account_id ) ) ENGINE=INNODB;', ( error ) => {
this.sqlConnection.query( 'CREATE TABLE libreevent_users ( account_id INT ( 10 ) NOT NULL AUTO_INCREMENT, email TINYTEXT NOT NULL, pass TEXT, street TEXT, house_number TINYTEXT, country TEXT, phone TEXT, name TEXT, first_name TEXT, two_fa TINYTEXT, PRIMARY KEY ( account_id ) ) ENGINE=INNODB;', ( error ) => {
if ( error ) if ( error.code !== 'ER_TABLE_EXISTS_ERROR' ) throw error;
this.sqlConnection.query( 'CREATE TABLE libreevent_orders ( order_id INT ( 10 ) NOT NULL AUTO_INCREMENT, account_id INT ( 10 ) NOT NULL, seats VARCHAR( 60000 ), PRIMARY KEY ( order_id ), FOREIGN KEY ( account_id ) REFERENCES libreevent_users( account_id ) ) ENGINE=INNODB;', ( error ) => {
if ( error ) if ( error.code !== 'ER_TABLE_EXISTS_ERROR' ) throw error;
this.sqlConnection.query( 'CREATE TABLE libreevent_admin ( account_id INT NOT NULL AUTO_INCREMENT, email TINYTEXT, pass TEXT, permissions VARCHAR( 1000 ), PRIMARY KEY ( account_id ) );', ( error ) => {
this.sqlConnection.query( 'CREATE TABLE libreevent_admin ( account_id INT NOT NULL AUTO_INCREMENT, email TINYTEXT, pass TEXT, permissions VARCHAR( 1000 ), username TINYTEXT, two_fa TINYTEXT, PRIMARY KEY ( account_id ) );', ( error ) => {
if ( error ) if ( error.code !== 'ER_TABLE_EXISTS_ERROR' ) throw error;
this.sqlConnection.query( 'CREATE TABLE libreevent_temp ( entry_id INT NOT NULL AUTO_INCREMENT, user_id TINYTEXT, data VARCHAR( 60000 ), timestamp TINYTEXT, PRIMARY KEY ( entry_id ) );', ( error ) => {
if ( error ) if ( error.code !== 'ER_TABLE_EXISTS_ERROR' ) throw error;

58
src/server/backend/userRoutes.js
View File

@@ -12,32 +12,61 @@ const pwdmanager = require( './credentials/pwdmanager.js' );
const auth = require( './credentials/2fa.js' );
const twoFA = new auth();
const path = require( 'path' );
const mail = require( './mail/mailSender.js' );
const mailManager = new mail();
let responseObjects = {};
let authOk = {};
module.exports = ( app, settings ) => {
app.post( '/api/reserveTicket', ( request, response ) => {
db.getData( 'test', request.body );
response.send( 'ok' );
app.get( '/user/details', ( request, response ) => {
if ( request.session.loggedInUser ) {
db.getDataSimple( 'users', 'email', request.session.username ).then( data => {
if ( data[ 0 ] ) {
let dat = data[ 0 ];
delete dat[ 'pass' ];
response.send( { 'data': dat, 'status': true } );
} else {
response.send( { 'data': 'This user does not exist', 'status': false } );
}
} ).catch( () => {
response.send( { 'data': 'There was an error reading data from the database. If this error persists, please contact the administrators', 'status': false } );
} );
} else {
response.status( 403 ).send( path.join( __dirname + '/../ui/en/errors/403.html' ) );
}
} );
app.get( '/test/user', ( req, res ) => {
req.session.loggedInUser = true;
req.session.username = 'info@janishutz.com';
res.send( 'ok' );
} );
app.post( '/user/login', ( request, response ) => {
if ( request.body.mail && request.body.password ) {
pwdmanager.checkpassword( request.body.mail, request.body.password ).then( data => {
request.session.username = request.body.mail;
// TODO: Check if user has 2fa enabled
if ( data ) {
// TODO: Send mails
if ( settings.twoFA === 'standard' ) {
let tok = twoFA.registerStandardAuthentication()[ 'token' ];
request.session.token = tok;
console.log( 'http://localhost:8081/user/2fa?token=' + tok );
response.send( { 'status': '2fa' } );
( async () => {
let tok = twoFA.registerStandardAuthentication()[ 'token' ];
let ipRetrieved = request.headers[ 'x-forwarded-for' ];
let ip = ipRetrieved ? ipRetrieved.split( /, / )[ 0 ] : request.connection.remoteAddress;
mailManager.sendMail( request.body.mail, await twoFA.generateTwoFAMail( tok, ip, settings.yourDomain, settings.name ), 'Verify login', settings.mailSender );
request.session.token = tok;
response.send( { 'status': '2fa' } );
} )();
} else if ( settings.twoFA === 'enhanced' ) {
let res = twoFA.registerEnhancedAuthentication();
console.log( 'http://localhost:8081/user/2fa?token=' + res.token );
request.session.token = res.token;
response.send( { 'status': '2fa+', 'code': res.code } );
( async () => {
let res = twoFA.registerEnhancedAuthentication();
let ipRetrieved = request.headers[ 'x-forwarded-for' ];
let ip = ipRetrieved ? ipRetrieved.split( /, / )[ 0 ] : request.connection.remoteAddress;
mailManager.sendMail( request.body.mail, await twoFA.generateTwoFAMail( res.token, ip, settings.yourDomain, settings.name ), 'Verify login', settings.mailSender );
request.session.token = res.token;
response.send( { 'status': '2fa+', 'code': res.code } );
} )();
} else {
request.session.loggedInUser = true;
response.send( { 'status': 'ok' } );
@@ -108,6 +137,11 @@ module.exports = ( app, settings ) => {
} );
app.post( '/user/signup', ( request, response ) => {
// TODO: Make sure that user does not exist yet first and if user
// exists, send back info that it is that way
response.send( 'ok' );
db.writeDataSimple( 'users', 'email', request.body.email, { 'pass': pwdmanager.hashPassword( request.query.password ), 'street': '', 'house_number': '', 'country': request.query.country, 'first_name': request.query.firstName, 'name': request.query.name, 'two_fa': String( request.query.twoFA ) } ).then( res => {
console.log( res );
} );
} );
};