From 8c2df71cdea0a9285b2f3e66bd0c3b9ba1a3b63f Mon Sep 17 00:00:00 2001 From: batche Date: Thu, 8 Dec 2022 13:51:56 +0100 Subject: [PATCH 1/3] les redirections fonctionnent --- .../src/auth/42/authentication.controller.ts | 8 +- .../api_back/src/users/users.controller.ts | 11 +-- .../src/pages/profile/ProfileSettings.svelte | 90 ++++++++++++------- 3 files changed, 67 insertions(+), 42 deletions(-) diff --git a/srcs/requirements/nestjs/api_back/src/auth/42/authentication.controller.ts b/srcs/requirements/nestjs/api_back/src/auth/42/authentication.controller.ts index ef6f6075..6746e911 100644 --- a/srcs/requirements/nestjs/api_back/src/auth/42/authentication.controller.ts +++ b/srcs/requirements/nestjs/api_back/src/auth/42/authentication.controller.ts @@ -35,8 +35,10 @@ export class AuthenticationController { console.log('ON EST DANS REDIRECT AUTH CONTROLLER'); console.log('On redirige'); const user : User = request.user - if (user.isEnabledTwoFactorAuth === false || user.isTwoFactorAuthenticated === true) - {console.log('ON VA VERS PROFILE');return response.status(200).redirect('http://transcendance:8080/#/profile');} + if (user.isEnabledTwoFactorAuth === false || user.isTwoFactorAuthenticated === true){ + console.log('ON VA VERS PROFILE'); + return response.status(200).redirect('http://transcendance:8080/#/profile'); + } console.log('ON VA VERS 2FA') return response.status(200).redirect('http://transcendance:8080/#/2fa'); } @@ -81,6 +83,6 @@ export class AuthenticationController { throw new UnauthorizedException('Wrong Code.'); await this.userService.authenticateUserWith2FA(request.user.id); console.log('ON REDIRIGE'); - return response.status(200).redirect('http://transcendance:8080/'); + return response.status(200).redirect('http://transcendance:8080/#/profile'); } } diff --git a/srcs/requirements/nestjs/api_back/src/users/users.controller.ts b/srcs/requirements/nestjs/api_back/src/users/users.controller.ts index 452690a4..22b70512 100644 --- a/srcs/requirements/nestjs/api_back/src/users/users.controller.ts +++ b/srcs/requirements/nestjs/api_back/src/users/users.controller.ts @@ -1,7 +1,8 @@ import { - Body, Controller, Delete, Get, NotFoundException, Param, Patch, Post, Query, Req, Res, UploadedFile, UseGuards, UseInterceptors + Body, Controller, Delete, Get, NotFoundException, Param, Patch, Post, Query, Redirect, Req, Res, UploadedFile, UseGuards, UseInterceptors } from '@nestjs/common'; import { FileInterceptor } from '@nestjs/platform-express'; +import { Response } from 'express'; import { AuthenticateGuard, TwoFactorGuard } from 'src/auth/42/guards/42guards'; import { PaginationQueryDto } from 'src/common/dto/pagination-query.dto'; import { ValidationPipe } from 'src/common/validation/validation.pipe'; @@ -63,7 +64,7 @@ export class UsersController { @UseGuards(AuthenticateGuard) @UseGuards(TwoFactorGuard) @Patch() - async update(@Req() req, @Body(new ValidationPipe()) usersUpdateDto: UpdateUsersDto, @Res() response) { + async update(@Req() req, @Body(new ValidationPipe()) usersUpdateDto: UpdateUsersDto, @Res() response : Response) { console.log("DANS PATCH USERS"); const user = await this.usersService.update(req.user.id, usersUpdateDto); // const user : User = req.user; @@ -72,10 +73,10 @@ export class UsersController { console.log ("Enbale 2FA " + user.isEnabledTwoFactorAuth + " Is authenticated " + user.isTwoFactorAuthenticated); if (user.isEnabledTwoFactorAuth === true && user.isTwoFactorAuthenticated === false) { - console.log("On est dans la boucle de redirection 2FA / Au niveau de l'update du user") - return response.status(200).redirect("http://transcendance:8080/#/2fa"); + response.status(201).send('2FA redirect') } - return response.status(200).redirect("http://transcendance:8080/#/profile") + console.log("ON RETOURNE 200\n") + response.status(200).send("OK") } @UseGuards(AuthenticateGuard) diff --git a/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte b/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte index 4d215982..e378c429 100644 --- a/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte +++ b/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte @@ -14,6 +14,7 @@ let set = { username: '', tfa: false }; let nameTmp; // annoying... const errors = { username: '', checkbox: '', avatar: ''}; + let success = {username: '', avatar: '' }; onMount( async() => { user = await fetch('http://transcendance:8080/api/v2/user') @@ -55,30 +56,40 @@ // I don't really care which i use at this point... // if (set.username === nameTmp) { - if (set.username === user.username || (set.username.trim() === '' && set.username !== '')) { + if ((set.username.trim() === '')) { errors.username = 'Invalid new username'; - valid = false; - } else { - errors.username = ''; - valid = true; + return; } + else if (set.username === user.username){ + errors.username = "You must choose a different username than the previous" + return; + } + else { + errors.username = ''; + } + const res = await fetch('http://transcendance:8080/api/v2/user',{ + method: 'PATCH', + headers: { + 'Content-Type': 'application/json' + }, + body: JSON.stringify({ + "username": set.username, + "isEnabledTwoFactorAuth": set.tfa + }) + }) + .then((response) => { + if (response.status === 200) + success.username = "Your changes have been saved" + else if (response.status === 201) + push("/2fa") + else + errors.username = "Something went wrong" + } + ) + .catch((err) => errors.username = err) - if (valid) { - await fetch('http://transcendance:8080/api/v2/user',{ - method: 'PATCH', - headers: { - 'Content-Type': 'application/json' - }, - body: JSON.stringify({ - "username": set.username, - "isEnabledTwoFactorAuth": set.tfa - }) - }) - .then(response => response.json()) // .then((result) => console.log(result)) // .then(() => console.log('successful sub of new settings')) - } - }; const uploadAvatar = async() => { @@ -87,23 +98,28 @@ errors.avatar = 'You need to pick a file.' return; } - const data = new FormData(); - data.append("file", newAvatar[0]); + const data = new FormData(); + data.append("file", newAvatar[0]); - // tmp - console.log(data); +// tmp + console.log(data); - await fetch("http://transcendance:8080/api/v2/user/avatar", - { - method : 'POST', - body : data, - }) - .then(() => uploadAvatarSuccess = true ) // for some reason it needs to be a function, i think a TS thing, not a promis otherwise - .then(() => push('/profile') ) - .catch(() => errors.avatar = 'Sorry failed to upload your new Avatar' ) - // some of this shit is unnecessary... - // also i'm not convinced the .catch works... - } + await fetch("http://transcendance:8080/api/v2/user/avatar", + { + method : 'POST', + body : data, + }) + .then(() => uploadAvatarSuccess = true ) // for some reason it needs to be a function, i think a TS thing, not a promis otherwise + .then(() => success.avatar = 'Your changes have been saved') + .catch(() => errors.avatar = 'Sorry failed to upload your new Avatar' ); + await fetch("http://transcendance:8080/api/v2/user/avatar", {method: "GET"}) + .then(response => {return response.blob()}) + .then(data => { + const url = URL.createObjectURL(data); + avatar = url; + }) + .catch(() => errors.avatar = 'Sorry your avatar could not be loaded' ); + } @@ -118,6 +134,7 @@ +
{success.username}
{errors.username}
@@ -201,5 +218,10 @@ color: red; } + .success{ + font-size: 0.8em; + font-weight: bold; + color: green; + } From b00c9e1474cb76941f789281d559a456a79c446a Mon Sep 17 00:00:00 2001 From: batche Date: Thu, 8 Dec 2022 14:01:07 +0100 Subject: [PATCH 2/3] changements mineurs --- .../src/pages/profile/ProfileSettings.svelte | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte b/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte index e378c429..b3e0c4f2 100644 --- a/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte +++ b/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte @@ -52,22 +52,19 @@ }) const settingsHandler = async() => { - let valid = false; - // I don't really care which i use at this point... // if (set.username === nameTmp) { - if ((set.username.trim() === '')) { + if ((set.username.trim() === '') && set.tfa === user.isEnabledTwoFactorAuth) { errors.username = 'Invalid new username'; return; } - else if (set.username === user.username){ - errors.username = "You must choose a different username than the previous" - return; + else if ((set.username.trim() === '') && set.tfa !== user.isEnabledTwoFactorAuth) { + set.username = user.username } else { errors.username = ''; } - const res = await fetch('http://transcendance:8080/api/v2/user',{ + await fetch('http://transcendance:8080/api/v2/user',{ method: 'PATCH', headers: { 'Content-Type': 'application/json' From 46fcb423e5102dc0eee26034e0ade42c15df1c51 Mon Sep 17 00:00:00 2001 From: batche Date: Thu, 8 Dec 2022 14:34:14 +0100 Subject: [PATCH 3/3] changements mineurs --- .../nestjs/api_back/src/auth/42/authentication.service.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/srcs/requirements/nestjs/api_back/src/auth/42/authentication.service.ts b/srcs/requirements/nestjs/api_back/src/auth/42/authentication.service.ts index 591d7f9d..b338ce7b 100644 --- a/srcs/requirements/nestjs/api_back/src/auth/42/authentication.service.ts +++ b/srcs/requirements/nestjs/api_back/src/auth/42/authentication.service.ts @@ -42,7 +42,10 @@ export class AuthenticationService { } async generate2FaSecret(user : User) { - const secret = authenticator.generateSecret(); + let secret : string; + secret = user.secretTwoFactorAuth; + if (!user.secretTwoFactorAuth) + secret = authenticator.generateSecret(); const otpauth = authenticator.keyuri(user.email, process.env.TWO_FACTOR_AUTHENTICATION_APP_NAME, secret); await this.userService.setAuthenticatorSecret(user.id, secret); return { secret, otpauth };