iv-org-mirror/invidious-copy-2023-06-08
1
0
Fork 0
mirror of https://gitea.invidious.io/iv-org/invidious-copy-2023-06-08.git synced 2024-08-15 00:53:38 +00:00
Code Issues Projects Releases Packages Wiki Activity

Add 2fa to token auth endpoint

Browse source
This commit is contained in:
syeopite 2021-07-15 02:32:53 -07:00
parent 7cfee1dc94
commit 79daa920e1
No known key found for this signature in database
GPG key ID: 6FA616E5A5294A82
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/invidious.cr
View file

@ -1036,6 +1036,11 @@ get "/authorize_token" do |env|
user = user.as(User) user = user.as(User)
sid = sid.as(String) sid = sid.as(String)
if user.totp_secret && env.request.cookies["2faVerified"]?.try &.value != "1" || nil
next call_totp_validator(env, user, sid, locale)
end
csrf_token = generate_response(sid, {":authorize_token"}, HMAC_KEY, PG_DB) csrf_token = generate_response(sid, {":authorize_token"}, HMAC_KEY, PG_DB)
scopes = env.params.query["scopes"]?.try &.split(",") scopes = env.params.query["scopes"]?.try &.split(",")