Document 2fa functions

This commit is contained in:
syeopite 2021-07-16 14:25:50 -07:00
parent 9b2b661c85
commit 2d47243c12
No known key found for this signature in database
GPG key ID: 6FA616E5A5294A82
2 changed files with 23 additions and 7 deletions

View file

@ -472,6 +472,10 @@ def fetch_random_instance
return filtered_instance_list.sample(1)[0] return filtered_instance_list.sample(1)[0]
end end
# Templates the 2fa validator page.
#
# Requires the env, user, sid and locale variables for
# generating a csrf_token and the required variables for the view.
def call_totp_validator(env, user, sid, locale) def call_totp_validator(env, user, sid, locale)
referer = URI.decode_www_form(env.get?("current_page").to_s) referer = URI.decode_www_form(env.get?("current_page").to_s)
csrf_token = generate_response(sid, {":2fa/validate"}, HMAC_KEY, PG_DB) csrf_token = generate_response(sid, {":2fa/validate"}, HMAC_KEY, PG_DB)

View file

@ -3,7 +3,7 @@ require "./base_route"
# Different routes relating to existing accounts and the control of their data. # Different routes relating to existing accounts and the control of their data.
class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute
# Setup 2fa page # Templates the page to setup 2fa on an user account
def setup_2fa_page(env) def setup_2fa_page(env)
locale = LOCALES[env.get("preferences").as(Preferences).locale]? locale = LOCALES[env.get("preferences").as(Preferences).locale]?
@ -11,6 +11,10 @@ class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute
sid = env.get? "sid" sid = env.get? "sid"
referer = get_referer(env, unroll: false) referer = get_referer(env, unroll: false)
if !user
return env.redirect referer
end
user = user.as(User) user = user.as(User)
sid = sid.as(String) sid = sid.as(String)
csrf_token = generate_response(sid, {":2fa/setup"}, HMAC_KEY, PG_DB) csrf_token = generate_response(sid, {":2fa/setup"}, HMAC_KEY, PG_DB)
@ -22,19 +26,27 @@ class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute
return templated "account/setup_2fa" return templated "account/setup_2fa"
end end
# Remove 2fa page # Templates the page to remove 2fa on an user account
def remove_2fa_page(env) def remove_2fa_page(env)
locale = LOCALES[env.get("preferences").as(Preferences).locale]? locale = LOCALES[env.get("preferences").as(Preferences).locale]?
referer = get_referer(env) referer = get_referer(env)
user = env.get("user").as(User) user = env.get? "user"
sid = env.get("sid").as(String) sid = env.get? "sid"
referer = get_referer(env, unroll: false)
if !user
return env.redirect referer
end
user = user.as(User)
sid = sid.as(String)
csrf_token = generate_response(sid, {":2fa/remove"}, HMAC_KEY, PG_DB) csrf_token = generate_response(sid, {":2fa/remove"}, HMAC_KEY, PG_DB)
return templated "account/remove_2fa" return templated "account/remove_2fa"
end end
# Remove 2fa post request. # Handles requests to remove 2fa on an user account
def remove_2fa(env) def remove_2fa(env)
locale = LOCALES[env.get("preferences").as(Preferences).locale]? locale = LOCALES[env.get("preferences").as(Preferences).locale]?
@ -59,7 +71,7 @@ class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute
PG_DB.exec("UPDATE users SET totp_secret = $1 WHERE email = $2", nil, user.email) PG_DB.exec("UPDATE users SET totp_secret = $1 WHERE email = $2", nil, user.email)
end end
# Setup 2fa post request. # Handles requests to setup 2fa on an user account
def setup_2fa(env) def setup_2fa(env)
locale = LOCALES[env.get("preferences").as(Preferences).locale]? locale = LOCALES[env.get("preferences").as(Preferences).locale]?
@ -96,7 +108,7 @@ class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute
env.redirect referer env.redirect referer
end end
# Validate 2fa code endpoint # Handles requests to validate a TOTP code on an user account
def validate_2fa(env) def validate_2fa(env)
locale = LOCALES[env.get("preferences").as(Preferences).locale]? locale = LOCALES[env.get("preferences").as(Preferences).locale]?
referer = get_referer(env, unroll: false) referer = get_referer(env, unroll: false)