1 files changed, 57 insertions, 0 deletions

diff --git a/server/hornchat.authentication.totp.js b/server/hornchat.authentication.totp.js
new file mode 100644
index 0000000..ab2fb3e
--- /dev/null
+++ b/server/hornchat.authentication.totp.js
@@ -0,0 +1,57 @@
+const twofactor = require("node-2fa");
+const uuid = require("uuid-v4");
+const crypto = require("crypto");
+const fs = require("fs");
+
+module.exports = (socket, data, req) => {
+    console.log("[" + socket.id + "] Username:", data.username, "TOTP:", data.totp);
+
+    if (userCredentials.filter((i) => i.id === data.username).length > 0) {
+        if (userCredentials.filter((i) => i.id === data.username)[0].totp.secret) {
+            let verify = twofactor.verifyToken(userCredentials.filter((i) => i.id === data.username)[0].totp.secret, data.totp);
+
+            if (verify !== null) {
+                if (verify.delta > -2 && verify.delta < 2) {
+                    let deviceInfo = {
+                        id: uuid(),
+                        token: crypto.randomBytes(256).toString('hex'),
+                        platform: require('ua-parser').parse(req.headers['user-agent']),
+                        addresses: [socket.ip],
+                        firstSeen: new Date(),
+                        lastSeen: new Date()
+                    }
+
+                    console.log("[" + socket.id + "] Authenticated successfully, added device " + deviceInfo.id);
+
+                    global.userCredentials = userCredentials.map((i) => {
+                        if (i.id === data.username) {
+                            i.devices.push(deviceInfo);
+                        }
+
+                        return i;
+                    })
+
+                    fs.writeFileSync(dataPath + "/users.json", JSON.stringify(userCredentials, null, 2));
+
+                    socket.send(JSON.stringify({error: null, success: true, device: deviceInfo}));
+                    socket.close();
+                } else {
+                    socket.send(JSON.stringify({error:"INVALID_TOTP", success: false, device: null}));
+                    console.log("[" + socket.id + "] Unable to authenticate");
+                    rateLimits[socket.ip] = new Date();
+                    socket.close();
+                }
+            } else {
+                socket.send(JSON.stringify({error:"INVALID_TOTP", success: false, device: null}));
+                console.log("[" + socket.id + "] Unable to authenticate");
+                rateLimits[socket.ip] = new Date();
+                socket.close();
+            }
+        }
+    } else {
+        socket.send(JSON.stringify({error:"USER_NOT_FOUND", success: false, device: null}));
+        console.log("[" + socket.id + "] Unable to authenticate");
+        rateLimits[socket.ip] = new Date();
+        socket.close();
+    }
+}
\ No newline at end of file