From dc4795d085500c10386e55115c8c2d332caed57b Mon Sep 17 00:00:00 2001
From: Andrew Woodlee
Date: Sat, 12 Nov 2022 14:48:59 -0600
Subject: [PATCH] added otp backup tokens
---
 app/controllers/admin.js | 1 +
 app/controllers/admin/otp.js | 59 +++++++++++++++++++++++++++++++++++
 app/services/otp-auth.js | 7 +++++
 app/views/admin/otp/index.pug | 12 +++++++
 4 files changed, 79 insertions(+)
 create mode 100644 app/controllers/admin/otp.js
 create mode 100644 app/views/admin/otp/index.pug
diff --git a/app/controllers/admin.js b/app/controllers/admin.js
index ae3bc10..33bc8e9 100644
--- a/app/controllers/admin.js
+++ b/app/controllers/admin.js
@@ -51,6 +51,7 @@ class AdminController extends SiteController {
 router.use('/log', await this.loadChild(path.join(__dirname, 'admin', 'log')));
 router.use('/newsletter', await this.loadChild(path.join(__dirname, 'admin', 'newsletter')));
 router.use('/newsroom', await this.loadChild(path.join(__dirname, 'admin', 'newsroom')));
+ router.use('/otp', await this.loadChild(path.join(__dirname, 'admin', 'otp')));
 router.use('/settings', await this.loadChild(path.join(__dirname, 'admin', 'settings')));
 router.use('/service-node', await this.loadChild(path.join(__dirname, 'admin', 'service-node')));
 router.use('/user', await this.loadChild(path.join(__dirname, 'admin', 'user')));
diff --git a/app/controllers/admin/otp.js b/app/controllers/admin/otp.js
new file mode 100644
index 0000000..aa319eb
--- /dev/null
+++ b/app/controllers/admin/otp.js
@@ -0,0 +1,59 @@
+// admin/otp.js
+// Copyright (C) 2021 Digital Telepresence, LLC
+// License: Apache-2.0
+
+'use strict';
+
+const express = require('express');
+// const multer = require('multer');
+
+const { SiteController, SiteError } = require('../../../lib/site-lib');
+
+class OtpAdminController extends SiteController {
+
+ constructor (dtp) {
+ super(dtp, module.exports);
+ }
+
+ async start ( ) {
+ // const upload = multer({ dest: `/tmp/${this.dtp.config.site.domainKey}/uploads/${module.exports.slug}` });
+
+ const router = express.Router();
+ router.use(async (req, res, next) => {
+ res.locals.currentView = 'admin';
+ res.locals.adminView = 'otp';
+ return next();
+ });
+
+ // router.param('otp', this.populateOtp.bind(this));
+
+
+
+ router.get('/', this.getIndex.bind(this));
+
+ // router.delete('/:postId', this.deletePost.bind(this));
+
+ return router;
+ }
+
+ async getIndex (req, res, next) {
+ try {
+ const { otpAuth: otpAuthService } = this.dtp.services;
+ if (!req.user) {
+ throw new SiteError(402, "Error getting user");
+ }
+ res.locals.tokens = await otpAuthService.getBackupTokens(req.user, "Admin");
+ res.render('admin/otp/index');
+ } catch (error) {
+ this.log.error('failed to get tokens', { error });
+ return next(error);
+ }
+ }
+
+}
+
+module.exports = {
+ name: 'adminOtp',
+ slug: 'admin-opt',
+ create: async (dtp) => { return new OtpAdminController(dtp); },
+};
\ No newline at end of file
diff --git a/app/services/otp-auth.js b/app/services/otp-auth.js
index 85fb0b4..44dc651 100644
--- a/app/services/otp-auth.js
+++ b/app/services/otp-auth.js
@@ -220,6 +220,13 @@ class OtpAuthService extends SiteService {
 async removeForUser (user) {
 return await OtpAccount.deleteMany({ user: user });
 }
+
+ async getBackupTokens (user, serviceName) {
+ const tokens = await OtpAccount.findOne({ user: user._id, service: serviceName })
+ .select('+backupTokens')
+ .lean();
+ return tokens.backupTokens;
+ }
 }
 module.exports = {
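Review bot: In app/controllers/admin/otp.js, `getIndex` puts every backup token into `res.locals.tokens` and renders them on a plain GET, so anyone holding the admin session cookie can read the codes that stand in for the second factor, and the response can be kept by the browser or an intermediate cache. Before `res.render('admin/otp/index')` I would add `res.set('Cache-Control', 'no-store');` and require a fresh OTP or password confirmation for this route; whether the parent admin router already enforces a step-up check is not visible in this hunk. The missing-user branch uses status 402 (Payment Required) where 401 fits: `throw new SiteError(401, "Error getting user");`. The exported `slug: 'admin-opt'` looks like a transposition of `'admin-otp'`; confirm nothing else depends on the current spelling before changing it.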
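Review bot: In app/services/otp-auth.js, `getBackupTokens` dereferences the result of `findOne()` without a null check, so a user with no OtpAccount for the given service makes `tokens.backupTokens` throw a TypeError that the controller turns into a generic error page. Guard it with `const account = await OtpAccount.findOne(...)` followed by `return account ? account.backupTokens : [];`, which also stops a variable named `tokens` from holding an account document. The `.select('+backupTokens')` call suggests the field is excluded from default selects in the schema, which deserves a one-line comment here: `// backupTokens is not selected by default; load it only for the owner's own recovery page`. The OtpAuthService class begins outside the hunk, so how the tokens are generated and stored is not visible; if they are kept in cleartext, consider storing only hashes and showing the codes once at generation.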
diff --git a/app/views/admin/otp/index.pug b/app/views/admin/otp/index.pug
new file mode 100644
index 0000000..ba18b58
--- /dev/null
+++ b/app/views/admin/otp/index.pug
@@ -0,0 +1,12 @@
+extends ../layouts/main
+block content
+
+ div(uk-grid)
+ .uk-width-expand
+ h1 Tokens
+ .uk-card-body
+ h3 These tokens should be saved in a safe place so you can get into your account should you lose your 2FA device
+ each token of tokens
+ ul.uk-list.uk-list-divider
+ li
+ .uk-text-small= token.token
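Review bot: The `ul.uk-list.uk-list-divider` line follows `each token of tokens`, so the template appears to emit a separate one-item list per token rather than one list with dividers between items (the indentation is not recoverable from this page, so confirm against the file). Moving the `ul` above the loop, with `each token of tokens` and `li` nested under it, gives a single list. There is also no empty state: an empty `tokens` array renders the heading with nothing below it, and an `if tokens && tokens.length` guard with a short message would make that case explicit. `.uk-text-small= token.token` uses escaped output, which is the right form for these values.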