pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-07 03:06:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

finished totp endpoints

Browse Source
This commit is contained in:
Milo Schwartz
2024-10-02 21:55:49 -04:00
parent e85c94d21d
commit 637007e060
10 changed files with 126 additions and 534 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
server/routers/auth/verifyTotp.ts
View File

@@ -41,20 +41,31 @@ export async function verifyTotp(
const { session, user } = await verifySession(req);
if (!session) {
return unauthorized();
return next(unauthorized());
}
if (user.twoFactorEnabled) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Two-factor authentication is already enabled",
),
);
}
if (!user.twoFactorSecret) {
return createHttpError(
HttpCode.BAD_REQUEST,
"User has not requested two-factor authentication",
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"User has not requested two-factor authentication",
),
);
}
const totpController = new TOTPController();
const valid = await totpController.verify(
user.twoFactorSecret,
decodeHex(code),
code,
decodeHex(user.twoFactorSecret),
);
if (valid) {