|
@ -123,6 +123,7 @@ fn _password_login(data: ConnectData, conn: DbConn, ip: ClientIp) -> JsonResult |
|
|
"refresh_token": device.refresh_token, |
|
|
"refresh_token": device.refresh_token, |
|
|
"Key": user.akey, |
|
|
"Key": user.akey, |
|
|
"PrivateKey": user.private_key, |
|
|
"PrivateKey": user.private_key, |
|
|
|
|
|
//"TwoFactorToken": "11122233333444555666777888999"
|
|
|
}); |
|
|
}); |
|
|
|
|
|
|
|
|
if let Some(token) = twofactor_token { |
|
|
if let Some(token) = twofactor_token { |
|
@ -183,7 +184,7 @@ fn twofactor_auth( |
|
|
None => err_json!(_json_err_twofactor(&twofactor_ids, user_uuid, conn)?), |
|
|
None => err_json!(_json_err_twofactor(&twofactor_ids, user_uuid, conn)?), |
|
|
}; |
|
|
}; |
|
|
|
|
|
|
|
|
let selected_twofactor = twofactors.into_iter().filter(|tf| tf.atype == selected_id).nth(0); |
|
|
let selected_twofactor = twofactors.into_iter().filter(|tf| tf.atype == selected_id && tf.enabled).nth(0); |
|
|
|
|
|
|
|
|
use crate::api::core::two_factor as _tf; |
|
|
use crate::api::core::two_factor as _tf; |
|
|
use crate::crypto::ct_eq; |
|
|
use crate::crypto::ct_eq; |
|
@ -196,6 +197,7 @@ fn twofactor_auth( |
|
|
Some(TwoFactorType::U2f) => _tf::validate_u2f_login(user_uuid, twofactor_code, conn)?, |
|
|
Some(TwoFactorType::U2f) => _tf::validate_u2f_login(user_uuid, twofactor_code, conn)?, |
|
|
Some(TwoFactorType::YubiKey) => _tf::validate_yubikey_login(twofactor_code, &selected_data?)?, |
|
|
Some(TwoFactorType::YubiKey) => _tf::validate_yubikey_login(twofactor_code, &selected_data?)?, |
|
|
Some(TwoFactorType::Duo) => _tf::validate_duo_login(data.username.as_ref().unwrap(), twofactor_code, conn)?, |
|
|
Some(TwoFactorType::Duo) => _tf::validate_duo_login(data.username.as_ref().unwrap(), twofactor_code, conn)?, |
|
|
|
|
|
Some(TwoFactorType::Email) => _tf::validate_totp_code_str(twofactor_code, &selected_data?)?, |
|
|
|
|
|
|
|
|
Some(TwoFactorType::Remember) => { |
|
|
Some(TwoFactorType::Remember) => { |
|
|
match device.twofactor_remember { |
|
|
match device.twofactor_remember { |
|
@ -286,6 +288,13 @@ fn _json_err_twofactor(providers: &[i32], user_uuid: &str, conn: &DbConn) -> Api |
|
|
}) |
|
|
}) |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
Some(tf_type @ TwoFactorType::Email) => { |
|
|
|
|
|
let twofactor = match TwoFactor::find_by_user_and_type(user_uuid, tf_type as i32, &conn) { |
|
|
|
|
|
Some(tf) => tf, |
|
|
|
|
|
None => err!("No twofactor email registered"), |
|
|
|
|
|
}; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
_ => {} |
|
|
_ => {} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|