yetangitu/Peertube
1
0
Fork 0
mirror of https://github.com/Chocobozzz/PeerTube.git synced 2025-10-05 19:42:24 +02:00
Code Issues Releases Wiki Activity

Encrypt OTP secret

Browse source
This commit is contained in:
Chocobozzz 2022-10-10 11:12:23 +02:00
parent a0da6f90d1
commit a3e5f804ad
No known key found for this signature in database
GPG key ID: 583A612D890159BE
16 changed files with 149 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

4
server/lib/auth/oauth.ts
View file

@ -9,12 +9,12 @@ import OAuth2Server, {
UnsupportedGrantTypeError
} from '@node-oauth/oauth2-server'
import { randomBytesPromise } from '@server/helpers/core-utils'
import { isOTPValid } from '@server/helpers/otp'
import { MOAuthClient } from '@server/types/models'
import { sha1 } from '@shared/extra-utils'
import { HttpStatusCode } from '@shared/models'
import { OAUTH_LIFETIME, OTP } from '../../initializers/constants'
import { BypassLogin, getClient, getRefreshToken, getUser, revokeToken, saveToken } from './oauth-model'
import { isOTPValid } from '@server/helpers/otp'
class MissingTwoFactorError extends Error {
code = HttpStatusCode.UNAUTHORIZED_401
@ -138,7 +138,7 @@ async function handlePasswordGrant (options: {
throw new MissingTwoFactorError('Missing two factor header')
}
if (isOTPValid({ secret: user.otpSecret, token: request.headers[OTP.HEADER_NAME] }) !== true) {
if (await isOTPValid({ encryptedSecret: user.otpSecret, token: request.headers[OTP.HEADER_NAME] }) !== true) {
throw new InvalidTwoFactorError('Invalid two factor header')
}
}