TheAnachronism/docspell
1
0
Fork 0
mirror of https://github.com/TheAnachronism/docspell.git synced 2025-06-22 10:28:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adopt login process for two-factor auth

Browse Source
This commit is contained in:
eikek
2021-08-31 21:29:07 +02:00
parent 999c39833a
commit 1afc005a6c
14 changed files with 356 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
modules/restserver/src/main/scala/docspell/restserver/routes/LoginRoutes.scala
View File

@ -15,6 +15,7 @@ import docspell.restapi.model._
import docspell.restserver._
import docspell.restserver.auth._
import docspell.restserver.http4s.ClientRequestInfo
import docspell.totp.OnetimePassword
import org.http4s._
import org.http4s.circe.CirceEntityDecoder._
@ -27,14 +28,31 @@ object LoginRoutes {
val dsl: Http4sDsl[F] = new Http4sDsl[F] {}
import dsl._
HttpRoutes.of[F] { case req @ POST -> Root / "login" =>
for {
up <- req.as[UserPass]
res <- S.loginUserPass(cfg.auth)(
Login.UserPass(up.account, up.password, up.rememberMe.getOrElse(false))
)
resp <- makeResponse(dsl, cfg, req, res, up.account)
} yield resp
HttpRoutes.of[F] {
case req @ POST -> Root / "two-factor" =>
for {
sf <- req.as[SecondFactor]
tokenParsed = AuthToken.fromString(sf.token)
resp <- tokenParsed match {
case Right(token) =>
S.loginSecondFactor(cfg.auth)(
Login.SecondFactor(token, sf.rememberMe, OnetimePassword(sf.otp.pass))
).flatMap(result =>
makeResponse(dsl, cfg, req, result, token.account.asString)
)
case Left(err) =>
BadRequest(BasicResult(false, s"Invalid authentication token: $err"))
}
} yield resp
case req @ POST -> Root / "login" =>
for {
up <- req.as[UserPass]
res <- S.loginUserPass(cfg.auth)(
Login.UserPass(up.account, up.password, up.rememberMe.getOrElse(false))
)
resp <- makeResponse(dsl, cfg, req, res, up.account)
} yield resp
}
}