commit 760e0ab805c3e7610777ddad2c7d8392b765c7c6
parent 8f5bfe7938b9037fb802c0811b28f2575f3b0e89
Author: Roman Hargrave <roman@hargrave.info>
Date: Fri, 9 Nov 2018 00:00:31 -0600
Initial u2f fix
Diffstat:
2 files changed, 29 insertions(+), 0 deletions(-)
diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs
@@ -80,6 +80,7 @@ pub fn routes() -> Vec<Route> {
activate_authenticator,
activate_authenticator_put,
generate_u2f,
+ generate_u2f_challenge,
activate_u2f,
activate_u2f_put,
diff --git a/src/api/core/two_factor.rs b/src/api/core/two_factor.rs
@@ -273,6 +273,34 @@ fn generate_u2f(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn)
})))
}
+#[post("/two-factor/get-u2f-challenge", data = "<data>")]
+fn generate_u2f_challenge(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn) -> JsonResult {
+ let data: PasswordData = data.into_inner().data;
+
+ if !headers.user.check_valid_password(&data.MasterPasswordHash) {
+ err!("Invalid password");
+ }
+
+ let user_uuid = &headers.user.uuid;
+
+ let u2f_type = TwoFactorType::U2f as i32;
+ let register_type = TwoFactorType::U2fRegisterChallenge;
+ let (enabled, challenge) = match TwoFactor::find_by_user_and_type(user_uuid, u2f_type, &conn) {
+ Some(_) => (true, String::new()),
+ None => {
+ let c = _create_u2f_challenge(user_uuid, register_type, &conn);
+ (false, c.challenge)
+ }
+ };
+
+ Ok(Json(json!({
+ "UserId": headers.user.uuid,
+ "AppId": APP_ID.to_string(),
+ "Challenge": challenge,
+ "Version": U2F_VERSION,
+ })))
+}
+
#[derive(Deserialize, Debug)]
#[allow(non_snake_case)]
struct EnableU2FData {
