Refact, verification login with secret (#6943)

Signed-off-by: fufesou <shuanglongchen@yeah.net>
2024-01-21 19:14:28 -08:00 · 2024-01-21 19:14:28 -08:00 · a42df9a27b
commit a42df9a27b
parent 48102e9c53
4 changed files with 30 additions and 11 deletions
--- a/flutter/lib/common/hbbs/hbbs.dart
+++ b/flutter/lib/common/hbbs/hbbs.dart
@ -121,6 +121,7 @@ class LoginRequest {
  String? type;
  String? verificationCode;
  String? tfaCode;
+  String? secret;

  LoginRequest(
      {this.username,
@ -130,7 +131,8 @@ class LoginRequest {
      this.autoLogin,
      this.type,
      this.verificationCode,
-      this.tfaCode});
+      this.tfaCode,
+      this.secret});

  Map<String, dynamic> toJson() {
    final Map<String, dynamic> data = <String, dynamic>{};
@ -144,6 +146,7 @@ class LoginRequest {
      data['verificationCode'] = verificationCode;
    }
    if (tfaCode != null) data['tfaCode'] = tfaCode;
+    if (secret != null) data['secret'] = secret;

    Map<String, dynamic> deviceInfo = {};
    try {
@ -160,14 +163,17 @@ class LoginResponse {
  String? access_token;
  String? type;
  String? tfa_type;
+  String? secret;
  UserPayload? user;

-  LoginResponse({this.access_token, this.type, this.tfa_type, this.user});
+  LoginResponse(
+      {this.access_token, this.type, this.tfa_type, this.secret, this.user});

  LoginResponse.fromJson(Map<String, dynamic> json) {
    access_token = json['access_token'];
    type = json['type'];
    tfa_type = json['tfa_type'];
+    secret = json['secret'];
    user = json['user'] != null ? UserPayload.fromJson(json['user']) : null;
  }
 }
--- a/flutter/lib/common/widgets/login.dart
+++ b/flutter/lib/common/widgets/login.dart
@ -390,8 +390,7 @@ class LoginWidgetUserPass extends StatelessWidget {

 const kAuthReqTypeOidc = 'oidc/';

-/// common login dialog for desktop
-/// call this directly
+// call this directly
 Future<bool?> loginDialog() async {
  var username =
      TextEditingController(text: UserModel.getLocalUserInfo()?['name'] ?? '');
@ -457,11 +456,12 @@ Future<bool?> loginDialog() async {
          if (isEmailVerification != null) {
            if (isMobile) {
              if (close != null) close(false);
-              verificationCodeDialog(resp.user, isEmailVerification);
+              verificationCodeDialog(
+                  resp.user, resp.secret, isEmailVerification);
            } else {
              setState(() => isInProgress = false);
-              final res =
-                  await verificationCodeDialog(resp.user, isEmailVerification);
+              final res = await verificationCodeDialog(
+                  resp.user, resp.secret, isEmailVerification);
              if (res == true) {
                if (close != null) close(false);
                return;
@ -611,7 +611,7 @@ Future<bool?> loginDialog() async {
 }

 Future<bool?> verificationCodeDialog(
-    UserPayload? user, bool isEmailVerification) async {
+    UserPayload? user, String? secret, bool isEmailVerification) async {
  var autoLogin = true;
  var isInProgress = false;
  String? errorText;
@ -626,6 +626,7 @@ Future<bool?> verificationCodeDialog(
        final resp = await gFFI.userModel.login(LoginRequest(
            verificationCode: code.text,
            tfaCode: isEmailVerification ? null : code.text,
+            secret: secret,
            username: user?.name,
            id: await bind.mainGetMyId(),
            uuid: await bind.mainGetUuid(),
--- a/src/hbbs_http/account.rs
+++ b/src/hbbs_http/account.rs
@ -97,6 +97,8 @@ pub struct AuthBody {
    pub r#type: String,
    #[serde(default)]
    pub tfa_type: String,
+    #[serde(default)]
+    pub secret: String,
    pub user: UserPayload,
 }

--- a/src/ui/index.tis
+++ b/src/ui/index.tis
@ -1242,9 +1242,10 @@ function login() {
 }

 function on_2fa_check(last_msg) {
-    var isEmailCheck = !last_msg.tfa_type || last_msg.tfa_type == 'email_check';
+    const isEmailCheck = !last_msg.tfa_type || last_msg.tfa_type == 'email_check';
+    const secret = last_msg.secret;
+    const emailHint = last_msg.user.email;

-    var emailHint = last_msg.user.email;
    msgbox("custom-2fa-verification-code", translate('Verification code'), <div .form .set-password> 
            { isEmailCheck && <div><span>{translate('Email')}:</span><span>{emailHint}</span></div> }
            <div><span>{translate(isEmailCheck ? 'Verification code' : '2FA code')}:</span><input|text name="verification_code" .outline-focus /></div> 
@ -1260,7 +1261,16 @@ function on_2fa_check(last_msg) {
            }
            abLoading = true;
            var url = handler.get_api_server();
-            const loginData = {username: last_msg.user.name, id: my_id, uuid: handler.get_uuid(), type: 'email_code', verificationCode: code, tfaCode: isEmailCheck ? '' : code, deviceInfo: getDeviceInfo()};
+            const loginData = {
+                username: last_msg.user.name,
+                id: my_id,
+                uuid: handler.get_uuid(),
+                type: 'email_code',
+                verificationCode: code,
+                tfaCode: isEmailCheck ? '' : code,
+                secret: secret,
+                deviceInfo: getDeviceInfo()
+            };
            httpRequest(url + "/api/login", #post, loginData, 
                function(data) {
                    if (data.error) {