Add endpoint to disable 2fa

2024-08-15 00:53:38 +00:00 · 2021-07-15 02:42:44 -07:00 · 2021-07-15 02:42:44 -07:00 · 946275c187
commit 946275c187
parent 79daa920e1
41 changed files with 177 additions and 40 deletions
--- a/locales/ar.json
+++ b/locales/ar.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/bn_BD.json
+++ b/locales/bn_BD.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/cs.json
+++ b/locales/cs.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/da.json
+++ b/locales/da.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/de.json
+++ b/locales/de.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/el.json
+++ b/locales/el.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/en-US.json
+++ b/locales/en-US.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "The TOTP code entered is invalid",
    "general-totp-enter-code-field": "6 digit number",
    "general-totp-enter-code-header": "Two-factor authentication",
-    "general-totp-verify-button": "Verifiy"
+    "general-totp-verify-button": "Verify",
+    "remove-totp-header": "Remove two-factor authentication",
+    "remove-totp-confirm-message": "Are you sure you would like to remove two-factor-authentication?"
 }
--- a/locales/eo.json
+++ b/locales/eo.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/es.json
+++ b/locales/es.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/eu.json
+++ b/locales/eu.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/fa.json
+++ b/locales/fa.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/fi.json
+++ b/locales/fi.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/fr.json
+++ b/locales/fr.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/he.json
+++ b/locales/he.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/hr.json
+++ b/locales/hr.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/hu-HU.json
+++ b/locales/hu-HU.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/id.json
+++ b/locales/id.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/is.json
+++ b/locales/is.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/it.json
+++ b/locales/it.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/ja.json
+++ b/locales/ja.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/lt.json
+++ b/locales/lt.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/nb-NO.json
+++ b/locales/nb-NO.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/nl.json
+++ b/locales/nl.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/pl.json
+++ b/locales/pl.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/pt-BR.json
+++ b/locales/pt-BR.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/pt-PT.json
+++ b/locales/pt-PT.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/ro.json
+++ b/locales/ro.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/ru.json
+++ b/locales/ru.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/si.json
+++ b/locales/si.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/sk.json
+++ b/locales/sk.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/sr.json
+++ b/locales/sr.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/sr_Cyrl.json
+++ b/locales/sr_Cyrl.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/sv-SE.json
+++ b/locales/sv-SE.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/tr.json
+++ b/locales/tr.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/uk.json
+++ b/locales/uk.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/vi.json
+++ b/locales/vi.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/zh-CN.json
+++ b/locales/zh-CN.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/locales/zh-TW.json
+++ b/locales/zh-TW.json
@ -433,5 +433,7 @@
    "general-totp-invalid-code": "",
    "general-totp-enter-code-field": "",
    "general-totp-enter-code-header": "",
-    "general-totp-verify-button": ""
+    "general-totp-verify-button": "",
+    "remove-totp-header": "",
+    "remove-totp-confirm-message": ""
 }
--- a/src/invidious.cr
+++ b/src/invidious.cr
@ -347,6 +347,8 @@ Invidious::Routing.get "/toggle_theme", Invidious::Routes::PreferencesRoute, :to

 Invidious::Routing.get "/setup_2fa", Invidious::Routes::Accounts, :setup_2fa_page
 Invidious::Routing.post "/setup_2fa", Invidious::Routes::Accounts, :setup_2fa
+Invidious::Routing.get "/remove_2fa", Invidious::Routes::Accounts, :remove_2fa_page
+Invidious::Routing.post "/remove_2fa", Invidious::Routes::Accounts, :remove_2fa
 Invidious::Routing.post "/validate_2fa", Invidious::Routes::Accounts, :validate_2fa

 # Users
--- a/src/invidious/routes/accounts.cr
+++ b/src/invidious/routes/accounts.cr
@ -21,6 +21,43 @@ class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute
    return templated "account/setup_2fa"
  end

+  # Endpoint to remove 2fa
+  def remove_2fa_page(env)
+    locale = LOCALES[env.get("preferences").as(Preferences).locale]?
+    referer = get_referer(env)
+
+    user = env.get("user").as(User)
+    sid = env.get("sid").as(String)
+    csrf_token = generate_response(sid, {":remove_2fa"}, HMAC_KEY, PG_DB)
+
+    return templated "account/remove_2fa"
+  end
+
+  # Remove 2fa post request.
+  def remove_2fa(env)
+    locale = LOCALES[env.get("preferences").as(Preferences).locale]?
+
+    user = env.get? "user"
+    sid = env.get? "sid"
+    referer = get_referer(env, unroll: false)
+
+    if !user
+      return env.redirect referer
+    end
+
+    user = user.as(User)
+    sid = sid.as(String)
+    token = env.params.body["csrf_token"]?
+
+    begin
+      validate_request(token, sid, env.request, HMAC_KEY, PG_DB, locale)
+    rescue ex
+      return error_template(400, ex)
+    end
+
+    PG_DB.exec("UPDATE users SET totp_secret = $1 WHERE email = $2", nil, user.email)
+  end
+
  # Setup TOTP (post) request.
  def setup_2fa(env)
    locale = LOCALES[env.get("preferences").as(Preferences).locale]?
@ -29,8 +66,6 @@ class Invidious::Routes::Accounts < Invidious::Routes::BaseRoute
    sid = env.get? "sid"
    referer = get_referer(env, unroll: false)

-    puts referer
-
    if !user
      return env.redirect referer
    end
--- a/src/invidious/views/account/remove_2fa.ecr
+++ b/src/invidious/views/account/remove_2fa.ecr
@ -0,0 +1,24 @@
+<% content_for "header" do %>
+<title><%= translate(locale, "remove-totp-header") %> - Invidious</title>
+<% end %>
+
+<div class="h-box">
+    <form class="pure-form pure-form-aligned" action="/remove_2fa?referer=<%= URI.encode_www_form(referer) %>" method="post">
+        <legend><%= translate(locale, "remove-totp-confirm-message") %></legend>
+
+        <div class="pure-g">
+            <div class="pure-u-1-2">
+                <button type="submit" name="submit" value="remove_2fa" class="pure-button pure-button-primary">
+                    <%= translate(locale, "Yes") %>
+                </button>
+            </div>
+            <div class="pure-u-1-2">
+                <a class="pure-button" href="<%= URI.encode_www_form(referer) %>">
+                    <%= translate(locale, "No") %>
+                </a>
+            </div>
+        </div>
+
+        <input type="hidden" name="csrf_token" value="<%= URI.encode_www_form(csrf_token) %>">
+    </form>
+</div>