Fix OTP authentication for external accounts

eikek
2021-09-06 01:07:31 +02:00
parent 8158e36d40
commit 468ba90158
12 changed files with 95 additions and 46 deletions


@ -18,7 +18,7 @@ import Api
import Api.Model.AuthResult exposing (AuthResult)
import Data.Flags exposing (Flags)
import Http
import Page exposing (Page(..))
import Page exposing (LoginData, Page(..))
type alias Model =
@ -40,7 +40,7 @@ type FormState
type AuthStep
= StepLogin
| StepOtp AuthResult
| StepOtp String
emptyModel : Model
@ -54,11 +54,11 @@ emptyModel =
}
init : Flags -> Bool -> ( Model, Cmd Msg )
init flags oauth =
init : Flags -> LoginData -> ( Model, Cmd Msg )
init flags ld =
let
cmd =
if oauth then
if ld.openid > 0 then
Api.loginSession flags AuthResp
else
@ -74,4 +74,4 @@ type Msg
| Authenticate
| AuthResp (Result Http.Error AuthResult)
| SetOtp String
| AuthOtp AuthResult
| AuthOtp String
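Review bot: `init` now branches on `ld.openid > 0`, but nothing in this file says what the integer values of `openid` mean; the only explanation visible in this commit is a comment in the login update module saying that 2 means TOTP is required. A short comment above the condition would help, for example `-- openid > 0: presumably returning from an external login, so try the existing session`, and a custom type in place of the bare Int would let the compiler check the cases. `StepOtp String` and `AuthOtp String` also carry the session token as a plain String, so a doc comment on `AuthStep` naming what the string holds would keep it from being confused with the code in `SetOtp String`.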


@ -10,13 +10,13 @@ module Page.Login.Update exposing (update)
import Api
import Api.Model.AuthResult exposing (AuthResult)
import Data.Flags exposing (Flags)
import Page exposing (Page(..))
import Page exposing (LoginData, Page(..))
import Page.Login.Data exposing (..)
import Ports
update : ( Maybe Page, Bool ) -> Flags -> Msg -> Model -> ( Model, Cmd Msg, Maybe AuthResult )
update ( referrer, oauth ) flags msg model =
update : LoginData -> Flags -> Msg -> Model -> ( Model, Cmd Msg, Maybe AuthResult )
update loginData flags msg model =
case msg of
SetUsername str ->
( { model | username = str }, Cmd.none, Nothing )
@ -40,11 +40,11 @@ update ( referrer, oauth ) flags msg model =
in
( model, Api.login flags userPass AuthResp, Nothing )
AuthOtp acc ->
AuthOtp token ->
let
sf =
{ rememberMe = model.rememberMe
, token = Maybe.withDefault "" acc.token
, token = token
, otp = model.otp
}
in
@ -53,7 +53,7 @@ update ( referrer, oauth ) flags msg model =
AuthResp (Ok lr) ->
let
gotoRef =
Maybe.withDefault HomePage referrer |> Page.goto
Maybe.withDefault HomePage loginData.referrer |> Page.goto
in
if lr.success && not lr.requireSecondFactor then
( { model | formState = AuthSuccess lr, password = "" }
@ -62,7 +62,11 @@ update ( referrer, oauth ) flags msg model =
)
else if lr.success && lr.requireSecondFactor then
( { model | formState = FormInitial, authStep = StepOtp lr, password = "" }
( { model
| formState = FormInitial
, authStep = StepOtp <| Maybe.withDefault "" lr.token
, password = ""
}
, Cmd.none
, Nothing
)
@ -77,11 +81,22 @@ update ( referrer, oauth ) flags msg model =
let
empty =
Api.Model.AuthResult.empty
session =
Maybe.withDefault "" loginData.session
in
( { model | password = "", formState = HttpError err }
, Ports.removeAccount ()
, Just empty
)
-- A value of 2 indicates that TOTP is required
if loginData.openid == 2 then
( { model | formState = FormInitial, authStep = StepOtp session, password = "" }
, Cmd.none
, Nothing
)
else
( { model | password = "", formState = HttpError err }
, Ports.removeAccount ()
, Just empty
)
setAccount : AuthResult -> Cmd msg
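Review bot: The new `loginData.openid == 2` branch in the error handler switches to `StepOtp` for every `Http.Error`, so a timeout or a server error during an external login is presented as an OTP prompt and `err` is never shown. It also falls back to an empty string when `loginData.session` is `Nothing`, so the user only learns the session is missing after typing a code. Matching on both values keeps those cases on the existing error path: `case ( loginData.openid, loginData.session ) of` with `( 2, Just session ) ->` for the OTP step and `_ ->` for the `HttpError err` tuple. The same `Maybe.withDefault ""` fallback is applied to `lr.token` in the `requireSecondFactor` branch, where a missing token could be reported as an error instead. The enclosing `update` function starts and ends outside these hunks.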


@ -104,11 +104,11 @@ openIdLinks texts flags =
]
otpForm : Texts -> Flags -> Model -> AuthResult -> Html Msg
otpForm texts flags model acc =
otpForm : Texts -> Flags -> Model -> String -> Html Msg
otpForm texts flags model token =
Html.form
[ action "#"
, onSubmit (AuthOtp acc)
, onSubmit (AuthOtp token)
, autocomplete False
]
[ div [ class "flex flex-col mt-6" ]


@ -97,7 +97,7 @@ update flags msg model =
cmd =
if r.success then
Page.goto (LoginPage ( Nothing, False ))
Page.goto (LoginPage Page.emptyLoginData)
else
Cmd.none


@ -232,7 +232,7 @@ viewContent texts flags _ model =
[ text texts.alreadySignedUp
]
, a
[ Page.href (LoginPage ( Nothing, False ))
[ Page.href (LoginPage Page.emptyLoginData)
, class ("ml-2" ++ S.link)
]
[ i [ class "fa fa-user-plus mr-1" ] []