Add 2fa routest and business logic

2018-04-25 19:08:15 +02:00
parent d1ed2aa2ce
commit 6574b22cf6
3 changed files with 101 additions and 2 deletions
@@ -3,7 +3,10 @@
 exports = module.exports = {
    get: get,
    update: update,
-    changePassword: changePassword
+    changePassword: changePassword,
+    setTwoFactorAuthenticationSecret: setTwoFactorAuthenticationSecret,
+    enableTwoFactorAuthentication: enableTwoFactorAuthentication,
+    disableTwoFactorAuthentication: disableTwoFactorAuthentication
 };

 var assert = require('assert'),
@@ -65,3 +68,34 @@ function changePassword(req, res, next) {
        next(new HttpSuccess(204));
    });
 }
+
+function setTwoFactorAuthenticationSecret(req, res, next) {
+    assert.strictEqual(typeof req.params.userId, 'string');
+
+    user.setTwoFactorAuthenticationSecret(req.params.userId, function (error, result) {
+        if (error && error.reason === UserError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is enabled, disable first'));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(201, { enabled: false, secret: result.secret, qrcode: result.qrcode }));
+    });
+}
+
+function enableTwoFactorAuthentication(req, res, next) {
+    assert.strictEqual(typeof req.params.userId, 'string');
+
+    if (!req.body.totpToken || typeof req.body.totpToken !== 'string') return next(new HttpError(400, 'totpToken must be a nonempty string'));
+
+    user.enableTwoFactorAuthentication(req.params.userId, req.body.totpToken, function (error) {
+        if (error) return next(new HttpError(500, error));
+        next(new HttpSuccess(202, {}));
+    });
+}
+
+function disableTwoFactorAuthentication(req, res, next) {
+    assert.strictEqual(typeof req.params.userId, 'string');
+
+    user.disableTwoFactorAuthentication(req.params.userId, function (error) {
+        if (error) return next(new HttpError(500, error));
+        next(new HttpSuccess(202, {}));
+    });
+}