added otp backup tokens

2 years ago · dc4795d085
parent 47189dd9a7
commit dc4795d085
4 changed files with 79 additions and 0 deletions
--- a/app/controllers/admin.js
+++ b/app/controllers/admin.js
@ -51,6 +51,7 @@ class AdminController extends SiteController {
    router.use('/log', await this.loadChild(path.join(__dirname, 'admin', 'log')));
    router.use('/newsletter', await this.loadChild(path.join(__dirname, 'admin', 'newsletter')));
    router.use('/newsroom', await this.loadChild(path.join(__dirname, 'admin', 'newsroom')));
+    router.use('/otp', await this.loadChild(path.join(__dirname, 'admin', 'otp')));
    router.use('/settings', await this.loadChild(path.join(__dirname, 'admin', 'settings')));
    router.use('/service-node', await this.loadChild(path.join(__dirname, 'admin', 'service-node')));
    router.use('/user', await this.loadChild(path.join(__dirname, 'admin', 'user')));
--- a/app/controllers/admin/otp.js
+++ b/app/controllers/admin/otp.js
@ -0,0 +1,59 @@
+// admin/otp.js
+// Copyright (C) 2021 Digital Telepresence, LLC
+// License: Apache-2.0
+
+'use strict';
+
+const express = require('express');
+// const multer = require('multer');
+
+const { SiteController, SiteError } = require('../../../lib/site-lib');
+
+class OtpAdminController extends SiteController {
+
+  constructor (dtp) {
+    super(dtp, module.exports);
+  }
+
+  async start ( ) {
+    // const upload = multer({ dest: `/tmp/${this.dtp.config.site.domainKey}/uploads/${module.exports.slug}` });
+
+    const router = express.Router();
+    router.use(async (req, res, next) => {
+      res.locals.currentView = 'admin';
+      res.locals.adminView = 'otp';
+      return next();
+    });
+
+    // router.param('otp', this.populateOtp.bind(this));
+
+
+
+    router.get('/', this.getIndex.bind(this));
+
+    // router.delete('/:postId', this.deletePost.bind(this));
+
+    return router;
+  }
+
+  async getIndex (req, res, next) {
+    try {
+      const { otpAuth: otpAuthService } = this.dtp.services;
+      if (!req.user) {
+        throw new SiteError(402, "Error getting user");
+      }
+      res.locals.tokens = await otpAuthService.getBackupTokens(req.user, "Admin");
+      res.render('admin/otp/index');
+    } catch (error) {
+      this.log.error('failed to get tokens', { error });
+      return next(error);
+    }
+  }
+
+}
+
+module.exports = {
+  name: 'adminOtp',
+  slug: 'admin-opt',
+  create: async (dtp) => { return new OtpAdminController(dtp); },
+};
--- a/app/services/otp-auth.js
+++ b/app/services/otp-auth.js
@ -220,6 +220,13 @@ class OtpAuthService extends SiteService {
  async removeForUser (user) {
    return await OtpAccount.deleteMany({ user: user });
  }
+
+  async getBackupTokens (user, serviceName) {
+    const tokens = await OtpAccount.findOne({ user: user._id, service: serviceName })
+    .select('+backupTokens')
+    .lean();
+    return tokens.backupTokens;
+  }
 }

 module.exports = {
--- a/app/views/admin/otp/index.pug
+++ b/app/views/admin/otp/index.pug
@ -0,0 +1,12 @@
+extends ../layouts/main
+block content
+
+  div(uk-grid)
+    .uk-width-expand
+      h1 Tokens
+      .uk-card-body
+        h3 These tokens should be saved in a safe place so you can get into your account should you lose your 2FA device
+        each token of tokens
+          ul.uk-list.uk-list-divider
+            li
+              .uk-text-small= token.token