From 76ad9517f6720f0c0da4329e1b1b2f9f9c599623 Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Fri, 12 Mar 2021 17:57:50 +0000 Subject: [PATCH] --- ayanova/src/views/login.vue | 58 +++++++++++++++---------------------- 1 file changed, 23 insertions(+), 35 deletions(-) diff --git a/ayanova/src/views/login.vue b/ayanova/src/views/login.vue index 302406e2..dd8cf88d 100644 --- a/ayanova/src/views/login.vue +++ b/ayanova/src/views/login.vue @@ -198,6 +198,8 @@ export default { authVerifyCode: null, cancel: null, pin: null, + tt: null, + loggedInWithKnownPassword: false, hasSmallLogo: false, hasMediumLogo: false, hasLargeLogo: false, @@ -368,22 +370,16 @@ export default { methods: { async tfaVerify() { // - //send 2fa code to server if ok, then proceed as normal - let vm = this; - if (vm.input.username != "" && vm.input.password != "") { + //send 2fa code to server if ok, then proceed as normal + let vm = this; + if (vm.pin && vm.pin != "") { vm.errorBadCreds = false; - let loggedInWithKnownPassword = - vm.input.username == "superuser" && vm.input.password == "l3tm3in"; try { - let res = await window.$gz.api.upsert( - "auth", - { - login: vm.input.username, - password: vm.input.password - }, - true - ); + let res = await window.$gz.api.post("auth/tfa-authenticate", { + pin: vm.pin, + tempToken: vm.tt + }); if (res.error) { //don't expect this to ever get called but just in case @@ -391,20 +387,7 @@ export default { throw new Error(window.$gz.errorHandler.errorToString(res, vm)); } - //check for 2fa enabled, if so then need to do one more step before process login can be called - if (res.data.tfa) { - this.authTwoFactor = res.data.authTwoFactor; - this.authEnterPin = res.data.authEnterPin; - this.authVerifyCode = res.data.authVerifyCode; - this.cancel = res.data.cancel; - this.pin = null; - //prompt for 2fa - tfaDialog = true; - return; - - } - - await this.step2(res, loggedInWithKnownPassword); + await this.step2(res); } catch (error) { //bad creds? if ( @@ -439,11 +422,16 @@ export default { } } } - }, cancelTfaVerify() { - //todo: reset values here, reload page, ??? - this.tfaDialog=false; + //todo: maybe redirect to login page instead?? + let vm = this; + vm.tt = null; + vm.pin = null; + vm.errorBadCreds = false; + vm.input.username = null; + vm.input.password = null; + vm.tfaDialog = false; }, showFooterLogo() { return ( @@ -499,7 +487,7 @@ export default { let vm = this; if (vm.input.username != "" && vm.input.password != "") { vm.errorBadCreds = false; - let loggedInWithKnownPassword = + vm.loggedInWithKnownPassword = vm.input.username == "superuser" && vm.input.password == "l3tm3in"; try { @@ -523,15 +511,15 @@ export default { this.authTwoFactor = res.data.authTwoFactor; this.authEnterPin = res.data.authEnterPin; this.authVerifyCode = res.data.authVerifyCode; + this.tt = res.data.tt; this.cancel = res.data.cancel; this.pin = null; //prompt for 2fa tfaDialog = true; return; - } - await this.step2(res, loggedInWithKnownPassword); + await this.step2(res); } catch (error) { //bad creds? if ( @@ -567,9 +555,9 @@ export default { } } }, - async step2(res, loggedInWithKnownPassword) { + async step2(res) { let vm = this; - await processLogin(res.data, loggedInWithKnownPassword); + await processLogin(res.data, vm.loggedInWithKnownPassword); //check if support and updates has expired and is paid for license and show warning if so if (