diff options
| author | Minteck <contact@minteck.org> | 2022-08-10 10:38:44 +0200 |
|---|---|---|
| committer | Minteck <contact@minteck.org> | 2022-08-10 10:38:44 +0200 |
| commit | c6dbf0450566c40efc4a26f4f0717452b6ef95cd (patch) | |
| tree | b4be2d508223820d0a77d5a3e35e82684da3b6ec /server/hornchat.authentication.totp.js | |
| download | hornchat-c6dbf0450566c40efc4a26f4f0717452b6ef95cd.tar.gz hornchat-c6dbf0450566c40efc4a26f4f0717452b6ef95cd.tar.bz2 hornchat-c6dbf0450566c40efc4a26f4f0717452b6ef95cd.zip | |
Diffstat (limited to 'server/hornchat.authentication.totp.js')
| -rw-r--r-- | server/hornchat.authentication.totp.js | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/server/hornchat.authentication.totp.js b/server/hornchat.authentication.totp.js new file mode 100644 index 0000000..ab2fb3e --- /dev/null +++ b/server/hornchat.authentication.totp.js @@ -0,0 +1,57 @@ +const twofactor = require("node-2fa"); +const uuid = require("uuid-v4"); +const crypto = require("crypto"); +const fs = require("fs"); + +module.exports = (socket, data, req) => { + console.log("[" + socket.id + "] Username:", data.username, "TOTP:", data.totp); + + if (userCredentials.filter((i) => i.id === data.username).length > 0) { + if (userCredentials.filter((i) => i.id === data.username)[0].totp.secret) { + let verify = twofactor.verifyToken(userCredentials.filter((i) => i.id === data.username)[0].totp.secret, data.totp); + + if (verify !== null) { + if (verify.delta > -2 && verify.delta < 2) { + let deviceInfo = { + id: uuid(), + token: crypto.randomBytes(256).toString('hex'), + platform: require('ua-parser').parse(req.headers['user-agent']), + addresses: [socket.ip], + firstSeen: new Date(), + lastSeen: new Date() + } + + console.log("[" + socket.id + "] Authenticated successfully, added device " + deviceInfo.id); + + global.userCredentials = userCredentials.map((i) => { + if (i.id === data.username) { + i.devices.push(deviceInfo); + } + + return i; + }) + + fs.writeFileSync(dataPath + "/users.json", JSON.stringify(userCredentials, null, 2)); + + socket.send(JSON.stringify({error: null, success: true, device: deviceInfo})); + socket.close(); + } else { + socket.send(JSON.stringify({error:"INVALID_TOTP", success: false, device: null})); + console.log("[" + socket.id + "] Unable to authenticate"); + rateLimits[socket.ip] = new Date(); + socket.close(); + } + } else { + socket.send(JSON.stringify({error:"INVALID_TOTP", success: false, device: null})); + console.log("[" + socket.id + "] Unable to authenticate"); + rateLimits[socket.ip] = new Date(); + socket.close(); + } + } + } else { + socket.send(JSON.stringify({error:"USER_NOT_FOUND", success: false, device: null})); + console.log("[" + socket.id + "] Unable to authenticate"); + rateLimits[socket.ip] = new Date(); + socket.close(); + } +}
\ No newline at end of file |