Mizah/Sharkey
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Sharkey/packages/backend/src/server/api/endpoints/i/2fa/register.ts
syuilo 510de87607
refactor: use ajv instead of cafy (#8324) 
* wip

* wip

* Update abuse-user-reports.ts

* Update files.ts

* Update list-remote.ts

* Update list.ts

* Update show-users.ts

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* Update update.ts

* Update search.ts

* Update reactions.ts

* Update search.ts

* wip

* wip

* wip

* wip

* Update update.ts

* Update relation.ts

* Update available.ts

* wip

* wip

* wip

* Update packages/backend/src/server/api/define.ts

Co-authored-by: Johann150 <johann.galle@protonmail.com>

* Update define.ts

* Update define.ts

* typo

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* Update update.ts

* wip

* Update signup.ts

* Update call.ts

* minimum for limit

* type

* remove needless annotation

* wip

* Update signup.ts

* wip

* wip

* fix

* Update create.ts

Co-authored-by: Johann150 <johann.galle@protonmail.com>
2022-02-19 14:05:32 +09:00

56 lines
1.2 KiB
TypeScript
Raw Blame History

import * as bcrypt from 'bcryptjs';
import * as speakeasy from 'speakeasy';
import * as QRCode from 'qrcode';
import config from '@/config/index';
import define from '../../../define';
import { UserProfiles } from '@/models/index';
export const meta = {
requireCredential: true,
secure: true,
} as const;
const paramDef = {
type: 'object',
properties: {
password: { type: 'string' },
},
required: ['password'],
} as const;
// eslint-disable-next-line import/no-default-export
export default define(meta, paramDef, async (ps, user) => {
const profile = await UserProfiles.findOneOrFail(user.id);
// Compare password
const same = await bcrypt.compare(ps.password, profile.password!);
if (!same) {
throw new Error('incorrect password');
}
// Generate user's secret key
const secret = speakeasy.generateSecret({
length: 32,
});
await UserProfiles.update(user.id, {
twoFactorTempSecret: secret.base32,
});
// Get the data URL of the authenticator URL
const dataUrl = await QRCode.toDataURL(speakeasy.otpauthURL({
secret: secret.base32,
encoding: 'base32',
label: user.username,
issuer: config.host,
}));
return {
qr: dataUrl,
secret: secret.base32,
label: user.username,
issuer: config.host,
};
});
Reference in a new issue View git blame Copy permalink