ayanova/src/views/login.vue

@@ -198,6 +198,8 @@ export default {
       authVerifyCode: null,
       cancel: null,
       pin: null,
+      tt: null,
+      loggedInWithKnownPassword: false,
       hasSmallLogo: false,
       hasMediumLogo: false,
       hasLargeLogo: false,
@@ -368,22 +370,16 @@ export default {
   methods: {
     async tfaVerify() {
       //
-        //send 2fa code to server if ok, then proceed as normal
+      //send 2fa code to server if ok, then proceed as normal
- let vm = this;
+      let vm = this;
-      if (vm.input.username != "" && vm.input.password != "") {
+      if (vm.pin && vm.pin != "") {
         vm.errorBadCreds = false;
-        let loggedInWithKnownPassword =
-          vm.input.username == "superuser" && vm.input.password == "l3tm3in";
 
         try {
-          let res = await window.$gz.api.upsert(
+          let res = await window.$gz.api.post("auth/tfa-authenticate", {
-            "auth",
+            pin: vm.pin,
-            {
+            tempToken: vm.tt
-              login: vm.input.username,
+          });
-              password: vm.input.password
-            },
-            true
-          );
 
           if (res.error) {
             //don't expect this to ever get called but just in case
@@ -391,20 +387,7 @@ export default {
             throw new Error(window.$gz.errorHandler.errorToString(res, vm));
           }
 
-          //check for 2fa enabled, if so then need to do one more step before process login can be called
+          await this.step2(res);
-          if (res.data.tfa) {
-            this.authTwoFactor = res.data.authTwoFactor;
-            this.authEnterPin = res.data.authEnterPin;
-            this.authVerifyCode = res.data.authVerifyCode;
-            this.cancel = res.data.cancel;
-            this.pin = null;
-            //prompt for 2fa
-            tfaDialog = true;
-            return;
-          
-          }
-
-          await this.step2(res, loggedInWithKnownPassword);
         } catch (error) {
           //bad creds?
           if (
@@ -439,11 +422,16 @@ export default {
           }
         }
       }
-           
     },
     cancelTfaVerify() {
-      //todo: reset values here, reload page, ???
+      //todo: maybe redirect to login page instead??
-      this.tfaDialog=false;
+      let vm = this;
+      vm.tt = null;
+      vm.pin = null;
+      vm.errorBadCreds = false;
+      vm.input.username = null;
+      vm.input.password = null;
+      vm.tfaDialog = false;
     },
     showFooterLogo() {
       return (
@@ -499,7 +487,7 @@ export default {
       let vm = this;
       if (vm.input.username != "" && vm.input.password != "") {
         vm.errorBadCreds = false;
-        let loggedInWithKnownPassword =
+        vm.loggedInWithKnownPassword =
           vm.input.username == "superuser" && vm.input.password == "l3tm3in";
 
         try {
@@ -523,15 +511,15 @@ export default {
             this.authTwoFactor = res.data.authTwoFactor;
             this.authEnterPin = res.data.authEnterPin;
             this.authVerifyCode = res.data.authVerifyCode;
+            this.tt = res.data.tt;
             this.cancel = res.data.cancel;
             this.pin = null;
             //prompt for 2fa
             tfaDialog = true;
             return;
-          
           }
 
-          await this.step2(res, loggedInWithKnownPassword);
+          await this.step2(res);
         } catch (error) {
           //bad creds?
           if (
@@ -567,9 +555,9 @@ export default {
         }
       }
     },
-    async step2(res, loggedInWithKnownPassword) {
+    async step2(res) {
       let vm = this;
-      await processLogin(res.data, loggedInWithKnownPassword);
+      await processLogin(res.data, vm.loggedInWithKnownPassword);
 
       //check if support and updates has expired and is paid for license and show warning if so
       if (