From 8597646a12fba8fbe53788930c2c04ac5c8c7e43 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Sp=C3=B6ttel?= <1682504+fspoettel@users.noreply.github.com>
Date: Wed, 2 Sep 2020 19:41:06 +0200
Subject: [PATCH] Update API route naming, update setup page
* Rename /two-factor-auth/ => /2fa/
* Nest totp routes under /2fa/totp/
* Update ids and methods in panel to allow for different setup types
---
 management/daemon.py | 28 ++++----
 management/templates/index.html | 2 +-
 management/templates/two-factor-auth.html | 80 +++++++++++------------
 3 files changed, 56 insertions(+), 54 deletions(-)
diff --git a/management/daemon.py b/management/daemon.py
index b80b1e7..e1e5be6 100755
--- a/management/daemon.py
+++ b/management/daemon.py
@@ -412,29 +412,31 @@ def ssl_provision_certs():
 # Two Factor Auth
-@app.route('/two-factor-auth/status', methods=['GET'])
+@app.route('/2fa/status', methods=['GET'])
 @authorized_personnel_only
 def two_factor_auth_get_status():
- email, privs = auth_service.authenticate(request, env)
- two_factor_secret, two_factor_token = get_two_factor_info(email, env)
+ email, _ = auth_service.authenticate(request, env)
+ two_factor_secret, _ = get_two_factor_info(email, env)
 if two_factor_secret != None:
- return json_response({ 'status': 'on' })
+ return json_response({
+ "type": 'totp'
+ })
 secret = totp.get_secret()
 secret_url = totp.get_otp_uri(secret, email)
 secret_qr = totp.get_qr_code(secret_url)
 return json_response({
- "status": 'off',
- "secret": secret,
- "qr_code": secret_qr
+ "type": None,
+ "totp_secret": secret,
+ "totp_qr": secret_qr
 })
-@app.route('/two-factor-auth/setup', methods=['POST'])
+@app.route('/2fa/totp/enable', methods=['POST'])
 @authorized_personnel_only
-def two_factor_auth_post_setup():
- email, privs = auth_service.authenticate(request, env)
+def totp_post_enable():
+ email, _ = auth_service.authenticate(request, env)
 secret = request.form.get('secret')
 token = request.form.get('token')
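Review bot: `/2fa/status` still generates a new TOTP secret and returns it (now as `totp_secret` and `totp_qr`) in the body of a GET whenever 2FA is off, and nothing in the hunk stores that secret server-side or marks the response as non-cacheable. The enable handler then reads `secret` back from `request.form`, so the server trusts whatever value the client posts; any validation of it would be after the hunk ends, since `totp_post_enable` continues outside it. I would document this above the status route, e.g. `# Returns {"type": "totp"} when enabled, else a freshly generated, unsaved secret plus QR code; response must not be cached`, and confirm that `json_response` sends `Cache-Control: no-store` for this route. The form field is also still named `secret` while the status response now calls it `totp_secret`, which is easy to get wrong in the panel code.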
@@ -448,10 +450,10 @@ def two_factor_auth_post_setup():
 return json_response({ "error": 'token_mismatch' }, 400)
-@app.route('/two-factor-auth/disable', methods=['POST'])
+@app.route('/2fa/totp/disable', methods=['POST'])
 @authorized_personnel_only
-def two_factor_auth_post_disable():
- email, privs = auth_service.authenticate(request, env)
+def totp_post_disable():
+ email, _ = auth_service.authenticate(request, env)
 remove_two_factor_secret(email, env)
 return json_response({})
diff --git a/management/templates/index.html b/management/templates/index.html
index b0d86dd..7f8a1e3 100644
--- a/management/templates/index.html
+++ b/management/templates/index.html
@@ -136,7 +136,7 @@
 {% include "two-factor-auth.html" %}
-
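Review bot: `totp_post_disable` removes the second factor with `remove_two_factor_secret(email, env)` as soon as `auth_service.authenticate` succeeds, without asking for a current TOTP code in the request. If `authenticate` does not itself require the code on every call (not visible here), a stolen session or API credential is enough to turn 2FA off. Consider reading `token` from `request.form` as the enable route does and checking it against the secret from `get_two_factor_info(email, env)` before removal, returning the existing `token_mismatch` 400 on failure. At minimum add `# NOTE: no fresh TOTP code is required to disable; relies on auth_service.authenticate` above the call.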
+
{% include "login.html" %}
diff --git a/management/templates/two-factor-auth.html b/management/templates/two-factor-auth.html
index 9f1a8b5..810e600 100644
--- a/management/templates/two-factor-auth.html
+++ b/management/templates/two-factor-auth.html
@@ -1,5 +1,5 @@