admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2021-03-12 01:38:29 +00:00
parent ce4a33ce3c
commit fee905a1ed
2 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.vscode/launch.json vendored
View File

@@ -53,7 +53,7 @@
"AYANOVA_FOLDER_USER_FILES": "c:\\temp\\RavenTestData\\userfiles", "AYANOVA_FOLDER_USER_FILES": "c:\\temp\\RavenTestData\\userfiles",
"AYANOVA_FOLDER_BACKUP_FILES": "c:\\temp\\RavenTestData\\backupfiles", "AYANOVA_FOLDER_BACKUP_FILES": "c:\\temp\\RavenTestData\\backupfiles",
"AYANOVA_FOLDER_TEMPORARY_SERVER_FILES": "c:\\temp\\RavenTestData\\tempfiles", "AYANOVA_FOLDER_TEMPORARY_SERVER_FILES": "c:\\temp\\RavenTestData\\tempfiles",
"AYANOVA_SERVER_TEST_MODE": "true", "AYANOVA_SERVER_TEST_MODE": "false",
"AYANOVA_SERVER_TEST_MODE_SEEDLEVEL": "small", "AYANOVA_SERVER_TEST_MODE_SEEDLEVEL": "small",
"AYANOVA_SERVER_TEST_MODE_TZ_OFFSET": "-7", "AYANOVA_SERVER_TEST_MODE_TZ_OFFSET": "-7",
"AYANOVA_BACKUP_PG_DUMP_PATH": "C:\\data\\code\\postgres_13\\bin\\" "AYANOVA_BACKUP_PG_DUMP_PATH": "C:\\data\\code\\postgres_13\\bin\\"

16
server/AyaNova/Controllers/AuthController.cs
View File

@@ -194,6 +194,18 @@ namespace AyaNova.Api.Controllers
} }
//TWO FACTOR ENABLED??
//if 2fa enabled then need to validate it before sending token, so we're halfway there and need to send a 2fa prompt
if (u.TwoFactorEnabled)
{
return Ok(ApiOkResponse.Response(new
{
tfa = true
}));
}
//build the key (JWT set in startup.cs) //build the key (JWT set in startup.cs)
byte[] secretKey = System.Text.Encoding.ASCII.GetBytes(ServerBootConfig.AYANOVA_JWT_SECRET); byte[] secretKey = System.Text.Encoding.ASCII.GetBytes(ServerBootConfig.AYANOVA_JWT_SECRET);
@@ -450,12 +462,10 @@ namespace AyaNova.Api.Controllers
if (u == null)//should never happen but ? if (u == null)//should never happen but ?
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
//if user already has a secret set then this is not valid, must be re-requested first
//this is to stop someone from messing up someone's login accidentally or maliciously by simply hitting the route logged in as them //this is to stop someone from messing up someone's login accidentally or maliciously by simply hitting the route logged in as them
if (!string.IsNullOrWhiteSpace(u.TotpSecret) || u.TwoFactorEnabled) if (u.TwoFactorEnabled)
return BadRequest(new ApiErrorResponse(ApiErrorCode.INVALID_OPERATION, "generalerror", "2fa already enabled")); return BadRequest(new ApiErrorResponse(ApiErrorCode.INVALID_OPERATION, "generalerror", "2fa already enabled"));
var tfa = new TwoFactorAuth("AyaNova"); var tfa = new TwoFactorAuth("AyaNova");
u.TotpSecret = tfa.CreateSecret(160); u.TotpSecret = tfa.CreateSecret(160);
await ct.SaveChangesAsync(); await ct.SaveChangesAsync();