chore: remember2FA

meili-NG · Sep 7, 2022 · 0a277e9 · 0a277e9
1 parent c682a7b
commit 0a277e9
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 40 deletions.
diff --git a/src/common/meiling/v1/interfaces/query.ts b/src/common/meiling/v1/interfaces/query.ts
@@ -47,7 +47,7 @@ export interface PasswordResetBody {
 export interface SigninTwoFactor {
   type: SigninType.TWO_FACTOR_AUTH;
   data?: SigninAuthenticationData;
-  skip2FA?: boolean;
+  remember2FA?: boolean;
 }
 
 interface SigninPasswordLess {

diff --git a/src/common/meiling/v1/interfaces/session.ts b/src/common/meiling/v1/interfaces/session.ts
@@ -32,7 +32,7 @@ export interface LoggedInUser {
 
 export interface PreviouslyLoggedInUser {
   id: string;
-  skip2FA?: boolean;
+  remember2FA?: boolean;
 }
 
 export interface SessionPasswordReset extends SessionChallengeBody {

diff --git a/src/common/meiling/v1/session.ts b/src/common/meiling/v1/session.ts
@@ -348,7 +348,7 @@ export async function setSession(req: FastifyRequest, data?: MeilingSession): Pr
                 try {
                   // not async function since we don't need to wait it to complete.
                   Meiling.Identity.User.updateLastAuthenticated(user.id);
-                } catch (e) {}
+                } catch (e) { }
               }
             }
           }
@@ -444,7 +444,7 @@ export async function setExtendedAuthenticationSessionMethodAndChallenge(
   }
 }
 
-export async function canSkip2FA(req: FastifyRequest, user: UserModel | string): Promise<boolean> {
+export async function is2FARemembered(req: FastifyRequest, user: UserModel | string): Promise<boolean> {
   const session = await getSessionFromRequest(req);
 
   if (session) {
@@ -460,8 +460,7 @@ export async function canSkip2FA(req: FastifyRequest, user: UserModel | string):
     const userId = userData.id;
 
     const result = session.previouslyLoggedIn.find((n) => n.id === userId);
-
-    return result !== null && result?.skip2FA === true;
+    return result !== null && result?.remember2FA === true;
   } else {
     return false;
   }
@@ -490,7 +489,7 @@ export async function getPreviouslyLoggedIn(req: FastifyRequest, user: UserModel
   }
 }
 
-export async function login(req: FastifyRequest, user: UserModel | string, skip2FA = false): Promise<void> {
+export async function login(req: FastifyRequest, user: UserModel | string, remember2FA = false): Promise<void> {
   const session = await getSessionFromRequest(req);
 
   if (session) {
@@ -516,7 +515,7 @@ export async function login(req: FastifyRequest, user: UserModel | string, skip2
     if (session.previouslyLoggedIn.map((user) => user.id === userData.id).indexOf(true) < 0) {
       session.previouslyLoggedIn.push({
         id: userData.id,
-        skip2FA,
+        remember2FA,
       });
     }
 

diff --git a/src/routes/v1/meiling/signin.ts b/src/routes/v1/meiling/signin.ts
@@ -21,7 +21,7 @@ export async function signinHandler(req: FastifyRequest, rep: FastifyReply): Pro
   }
 
   let userToLogin: UserModel;
-  let markToSkip2FA = false;
+  let markToRemember2FA = false;
 
   if (body.type === Meiling.V1.Interfaces.SigninType.USERNAME_CHECK) {
     const username = body?.data?.username;
@@ -91,9 +91,9 @@ export async function signinHandler(req: FastifyRequest, rep: FastifyReply): Pro
     }
 
     const user = userToLogin;
-    const shouldSkip2FA = await Meiling.V1.Session.canSkip2FA(req, user);
+    const is2FARemembered = await Meiling.V1.Session.is2FARemembered(req, user);
     if (user.useTwoFactor) {
-      if (shouldSkip2FA) {
+      if (is2FARemembered) {
         const twoFactorMethods = await Meiling.V1.User.getAvailableExtendedAuthenticationMethods(user, body.type);
 
         if (twoFactorMethods.length > 0) {
@@ -111,7 +111,7 @@ export async function signinHandler(req: FastifyRequest, rep: FastifyReply): Pro
           return;
         }
       } else {
-        markToSkip2FA = true;
+        markToRemember2FA = true;
       }
     }
   } else if (
@@ -311,33 +311,33 @@ export async function signinHandler(req: FastifyRequest, rep: FastifyReply): Pro
         webauthn:
           signinMethod === ExtendedAuthMethods.WEBAUTHN
             ? {
-                allowCredentials: (
-                  await getPrismaClient().authentication.findMany({
-                    where: {
-                      user: {
-                        id: {
-                          in: targetUsers.filter((n) => n !== undefined).map((n) => (n as UserModel).id),
-                        },
+              allowCredentials: (
+                await getPrismaClient().authentication.findMany({
+                  where: {
+                    user: {
+                      id: {
+                        in: targetUsers.filter((n) => n !== undefined).map((n) => (n as UserModel).id),
                       },
-                      method: 'WEBAUTHN',
-                      allowSingleFactor: body.type === SigninType.PASSWORDLESS ? true : undefined,
-                      allowTwoFactor: body.type === SigninType.TWO_FACTOR_AUTH ? true : undefined,
                     },
-                  })
-                )
-                  .map((n) => {
-                    const data = n.data as unknown as AuthenticationJSONObject;
-                    if (data.type !== 'WEBAUTHN') {
-                      return;
-                    }
-
-                    return {
-                      id: data.data.key.id,
-                      type: 'public-key',
-                    };
-                  })
-                  .filter((n) => n !== undefined),
-              }
+                    method: 'WEBAUTHN',
+                    allowSingleFactor: body.type === SigninType.PASSWORDLESS ? true : undefined,
+                    allowTwoFactor: body.type === SigninType.TWO_FACTOR_AUTH ? true : undefined,
+                  },
+                })
+              )
+                .map((n) => {
+                  const data = n.data as unknown as AuthenticationJSONObject;
+                  if (data.type !== 'WEBAUTHN') {
+                    return;
+                  }
+
+                  return {
+                    id: data.data.key.id,
+                    type: 'public-key',
+                  };
+                })
+                .filter((n) => n !== undefined),
+            }
             : undefined,
       };
 
@@ -499,8 +499,8 @@ please request this endpoint without challengeResponse field to request challeng
     if (authorizedUsers.length === 1) {
       userToLogin = authorizedUsers[0];
 
-      if ((body as Meiling.V1.Interfaces.SigninTwoFactor).skip2FA === true) {
-        markToSkip2FA = true;
+      if ((body as Meiling.V1.Interfaces.SigninTwoFactor).remember2FA === true) {
+        markToRemember2FA = true;
       }
     } else if (authorizedUsers.length > 1) {
       throw new Meiling.V1.Error.MeilingError(
@@ -517,7 +517,7 @@ please request this endpoint without challengeResponse field to request challeng
     return;
   }
 
-  await Meiling.V1.Session.login(req, userToLogin, markToSkip2FA);
+  await Meiling.V1.Session.login(req, userToLogin, markToRemember2FA);
   await Meiling.V1.Session.setExtendedAuthenticationSession(req, undefined);
 
   Meiling.Identity.User.updateLastAuthenticated(userToLogin);