jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Handle more 2fa route errors

Browse Source
This commit is contained in:
Johannes Zellner
2018-04-26 16:14:37 +02:00
parent 9cd6333cf7
commit fbba636fb3
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/profile.js
+3
View File
@@ -87,6 +87,9 @@ function enableTwoFactorAuthentication(req, res, next) {
if (!req.body.totpToken || typeof req.body.totpToken !== 'string') return next(new HttpError(400, 'totpToken must be a nonempty string'));
user.enableTwoFactorAuthentication(req.user.id, req.body.totpToken, function (error) {
if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'User not found'));
if (error && error.reason === UserError.BAD_TOKEN) return next(new HttpError(403, 'Invalid token'));
if (error && error.reason === UserError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is already enabled'));
if (error) return next(new HttpError(500, error));
next(new HttpSuccess(202, {}));
});
src/user.js
+3 -3
View File
@@ -573,7 +573,7 @@ function setTwoFactorAuthenticationSecret(userId, callback) {
if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND));
if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
if (result.twoFactorAuthenticationEnabled) return callback(new UserError(UserError.ALREADY_EXISTS, 'TwoFactor Authentication is enabled, disable first'));
if (result.twoFactorAuthenticationEnabled) return callback(new UserError(UserError.ALREADY_EXISTS));
var secret = speakeasy.generateSecret({ name: 'cloudron' });
@@ -599,9 +599,9 @@ function enableTwoFactorAuthentication(userId, totpToken, callback) {
if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
var verified = speakeasy.totp.verify({ secret: result.twoFactorAuthenticationSecret, encoding: 'base32', token: totpToken });
if (!verified) return callback(new UserError(UserError.BAD_TOKEN, 'Invalid token'));
if (!verified) return callback(new UserError(UserError.BAD_TOKEN));
if (result.twoFactorAuthenticationEnabled) return callback(new UserError(UserError.ALREADY_EXISTS, 'TwoFactor Authentication is already enabled'));
if (result.twoFactorAuthenticationEnabled) return callback(new UserError(UserError.ALREADY_EXISTS));
userdb.update(userId, { twoFactorAuthenticationEnabled: true }, function (error) {
if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));