merged with master
This commit is contained in:
Me
@@ -35,8 +35,10 @@ export class AuthenticationController {
|
|||||||
console.log('ON EST DANS REDIRECT AUTH CONTROLLER');
|
console.log('ON EST DANS REDIRECT AUTH CONTROLLER');
|
||||||
console.log('On redirige');
|
console.log('On redirige');
|
||||||
const user : User = request.user
|
const user : User = request.user
|
||||||
if (user.isEnabledTwoFactorAuth === false || user.isTwoFactorAuthenticated === true)
|
if (user.isEnabledTwoFactorAuth === false || user.isTwoFactorAuthenticated === true){
|
||||||
{console.log('ON VA VERS PROFILE');return response.status(200).redirect('http://transcendance:8080/#/profile');}
|
console.log('ON VA VERS PROFILE');
|
||||||
|
return response.status(200).redirect('http://transcendance:8080/#/profile');
|
||||||
|
}
|
||||||
console.log('ON VA VERS 2FA')
|
console.log('ON VA VERS 2FA')
|
||||||
return response.status(200).redirect('http://transcendance:8080/#/2fa');
|
return response.status(200).redirect('http://transcendance:8080/#/2fa');
|
||||||
}
|
}
|
||||||
@@ -81,6 +83,6 @@ export class AuthenticationController {
|
|||||||
throw new UnauthorizedException('Wrong Code.');
|
throw new UnauthorizedException('Wrong Code.');
|
||||||
await this.userService.authenticateUserWith2FA(request.user.id);
|
await this.userService.authenticateUserWith2FA(request.user.id);
|
||||||
console.log('ON REDIRIGE');
|
console.log('ON REDIRIGE');
|
||||||
return response.status(200).redirect('http://transcendance:8080/');
|
return response.status(200).redirect('http://transcendance:8080/#/profile');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -42,7 +42,10 @@ export class AuthenticationService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async generate2FaSecret(user : User) {
|
async generate2FaSecret(user : User) {
|
||||||
const secret = authenticator.generateSecret();
|
let secret : string;
|
||||||
|
secret = user.secretTwoFactorAuth;
|
||||||
|
if (!user.secretTwoFactorAuth)
|
||||||
|
secret = authenticator.generateSecret();
|
||||||
const otpauth = authenticator.keyuri(user.email, process.env.TWO_FACTOR_AUTHENTICATION_APP_NAME, secret);
|
const otpauth = authenticator.keyuri(user.email, process.env.TWO_FACTOR_AUTHENTICATION_APP_NAME, secret);
|
||||||
await this.userService.setAuthenticatorSecret(user.id, secret);
|
await this.userService.setAuthenticatorSecret(user.id, secret);
|
||||||
return { secret, otpauth };
|
return { secret, otpauth };
|
||||||
|
|||||||
@@ -1,7 +1,8 @@
|
|||||||
import {
|
import {
|
||||||
Body, Controller, Delete, Get, NotFoundException, Param, Patch, Post, Query, Req, Res, UploadedFile, UseGuards, UseInterceptors
|
Body, Controller, Delete, Get, NotFoundException, Param, Patch, Post, Query, Redirect, Req, Res, UploadedFile, UseGuards, UseInterceptors
|
||||||
} from '@nestjs/common';
|
} from '@nestjs/common';
|
||||||
import { FileInterceptor } from '@nestjs/platform-express';
|
import { FileInterceptor } from '@nestjs/platform-express';
|
||||||
|
import { Response } from 'express';
|
||||||
import { AuthenticateGuard, TwoFactorGuard } from 'src/auth/42/guards/42guards';
|
import { AuthenticateGuard, TwoFactorGuard } from 'src/auth/42/guards/42guards';
|
||||||
import { PaginationQueryDto } from 'src/common/dto/pagination-query.dto';
|
import { PaginationQueryDto } from 'src/common/dto/pagination-query.dto';
|
||||||
import { ValidationPipe } from 'src/common/validation/validation.pipe';
|
import { ValidationPipe } from 'src/common/validation/validation.pipe';
|
||||||
@@ -63,7 +64,7 @@ export class UsersController {
|
|||||||
@UseGuards(AuthenticateGuard)
|
@UseGuards(AuthenticateGuard)
|
||||||
@UseGuards(TwoFactorGuard)
|
@UseGuards(TwoFactorGuard)
|
||||||
@Patch()
|
@Patch()
|
||||||
async update(@Req() req, @Body(new ValidationPipe()) usersUpdateDto: UpdateUsersDto, @Res() response) {
|
async update(@Req() req, @Body(new ValidationPipe()) usersUpdateDto: UpdateUsersDto, @Res() response : Response) {
|
||||||
console.log("DANS PATCH USERS");
|
console.log("DANS PATCH USERS");
|
||||||
const user = await this.usersService.update(req.user.id, usersUpdateDto);
|
const user = await this.usersService.update(req.user.id, usersUpdateDto);
|
||||||
// const user : User = req.user;
|
// const user : User = req.user;
|
||||||
@@ -72,11 +73,10 @@ export class UsersController {
|
|||||||
console.log ("Enbale 2FA " + user.isEnabledTwoFactorAuth + " Is authenticated " + user.isTwoFactorAuthenticated);
|
console.log ("Enbale 2FA " + user.isEnabledTwoFactorAuth + " Is authenticated " + user.isTwoFactorAuthenticated);
|
||||||
if (user.isEnabledTwoFactorAuth === true && user.isTwoFactorAuthenticated === false)
|
if (user.isEnabledTwoFactorAuth === true && user.isTwoFactorAuthenticated === false)
|
||||||
{
|
{
|
||||||
console.log("On est dans la boucle de redirection 2FA / Au niveau de l'update du user")
|
response.status(201).send('2FA redirect')
|
||||||
return response.status(200).redirect("http://transcendance:8080/#/2fa");
|
|
||||||
}
|
}
|
||||||
return response.status(200).redirect("http://transcendance:8080/#/profile");
|
console.log("ON RETOURNE 200\n")
|
||||||
// return response.status(200);
|
response.status(200).send("OK")
|
||||||
}
|
}
|
||||||
|
|
||||||
@UseGuards(AuthenticateGuard)
|
@UseGuards(AuthenticateGuard)
|
||||||
|
|||||||
@@ -13,6 +13,7 @@
|
|||||||
let set = { username: '', tfa: false };
|
let set = { username: '', tfa: false };
|
||||||
let nameTmp; // annoying...
|
let nameTmp; // annoying...
|
||||||
const errors = { username: '', checkbox: '', avatar: ''};
|
const errors = { username: '', checkbox: '', avatar: ''};
|
||||||
|
let success = {username: '', avatar: '' };
|
||||||
|
|
||||||
onMount( async() => {
|
onMount( async() => {
|
||||||
user = await fetch('http://transcendance:8080/api/v2/user')
|
user = await fetch('http://transcendance:8080/api/v2/user')
|
||||||
@@ -50,51 +51,41 @@
|
|||||||
})
|
})
|
||||||
|
|
||||||
const settingsHandler = async() => {
|
const settingsHandler = async() => {
|
||||||
let valid = false;
|
|
||||||
|
|
||||||
// I don't really care which i use at this point...
|
// I don't really care which i use at this point...
|
||||||
// if (set.username === nameTmp) {
|
// if (set.username === nameTmp) {
|
||||||
// if (set.username === user.username || (set.username !== '' && set.username.trim() === '')) {
|
if ((set.username.trim() === '') && set.tfa === user.isEnabledTwoFactorAuth) {
|
||||||
// if (set.username !== '' && set.username.trim() === '') {
|
|
||||||
if (set.username === undefined || (set.username !== '' && set.username.trim() === '')) {
|
|
||||||
errors.username = 'Invalid new username';
|
errors.username = 'Invalid new username';
|
||||||
valid = false;
|
return;
|
||||||
} else {
|
}
|
||||||
|
else if ((set.username.trim() === '') && set.tfa !== user.isEnabledTwoFactorAuth) {
|
||||||
|
set.username = user.username
|
||||||
|
}
|
||||||
|
else {
|
||||||
errors.username = '';
|
errors.username = '';
|
||||||
valid = true;
|
|
||||||
}
|
|
||||||
if (set.username === '') {
|
|
||||||
// set.username = nameTmp;
|
|
||||||
set.username = user.username;
|
|
||||||
}
|
}
|
||||||
|
await fetch('http://transcendance:8080/api/v2/user',{
|
||||||
|
method: 'PATCH',
|
||||||
|
headers: {
|
||||||
|
'Content-Type': 'application/json'
|
||||||
|
},
|
||||||
|
body: JSON.stringify({
|
||||||
|
"username": set.username,
|
||||||
|
"isEnabledTwoFactorAuth": set.tfa
|
||||||
|
})
|
||||||
|
})
|
||||||
|
.then((response) => {
|
||||||
|
if (response.status === 200)
|
||||||
|
success.username = "Your changes have been saved"
|
||||||
|
else if (response.status === 201)
|
||||||
|
push("/2fa")
|
||||||
|
else
|
||||||
|
errors.username = "Something went wrong"
|
||||||
|
}
|
||||||
|
)
|
||||||
|
.catch((err) => errors.username = err)
|
||||||
|
|
||||||
console.log("valid is " + valid)
|
// .then((result) => console.log(result))
|
||||||
console.log("username is " + set.username)
|
|
||||||
|
|
||||||
if (valid) {
|
|
||||||
console.log('settings valid about to fetch')
|
|
||||||
const response = await fetch('http://transcendance:8080/api/v2/user',
|
|
||||||
{
|
|
||||||
method: 'PATCH',
|
|
||||||
headers: {
|
|
||||||
'Content-Type': 'application/json'
|
|
||||||
},
|
|
||||||
body: JSON.stringify({
|
|
||||||
"username": set.username,
|
|
||||||
"isEnabledTwoFactorAuth": set.tfa
|
|
||||||
})
|
|
||||||
})
|
|
||||||
// .then(() => push('/profile'))
|
|
||||||
// .then(response => response.json())
|
|
||||||
// .then((result) => console.log("this is result " + result))
|
|
||||||
// .then(() => console.log('successful sub of new settings'))
|
// .then(() => console.log('successful sub of new settings'))
|
||||||
console.log('end of settings is valid')
|
|
||||||
// if (response.status === 200) {
|
|
||||||
// push('/profile');
|
|
||||||
// console.log('valid Code for 2FA')
|
|
||||||
// }
|
|
||||||
}
|
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
const uploadAvatar = async() => {
|
const uploadAvatar = async() => {
|
||||||
@@ -103,23 +94,28 @@
|
|||||||
errors.avatar = 'You need to pick a file.'
|
errors.avatar = 'You need to pick a file.'
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
const data = new FormData();
|
const data = new FormData();
|
||||||
data.append("file", newAvatar[0]);
|
data.append("file", newAvatar[0]);
|
||||||
|
|
||||||
// tmp
|
// tmp
|
||||||
console.log(data);
|
console.log(data);
|
||||||
|
|
||||||
await fetch("http://transcendance:8080/api/v2/user/avatar",
|
await fetch("http://transcendance:8080/api/v2/user/avatar",
|
||||||
{
|
{
|
||||||
method : 'POST',
|
method : 'POST',
|
||||||
body : data,
|
body : data,
|
||||||
})
|
})
|
||||||
.then(() => uploadAvatarSuccess = true ) // for some reason it needs to be a function, i think a TS thing, not a promis otherwise
|
.then(() => uploadAvatarSuccess = true ) // for some reason it needs to be a function, i think a TS thing, not a promis otherwise
|
||||||
.then(() => push('/profile') )
|
.then(() => success.avatar = 'Your changes have been saved')
|
||||||
.catch(() => errors.avatar = 'Sorry failed to upload your new Avatar' )
|
.catch(() => errors.avatar = 'Sorry failed to upload your new Avatar' );
|
||||||
// some of this shit is unnecessary...
|
await fetch("http://transcendance:8080/api/v2/user/avatar", {method: "GET"})
|
||||||
// also i'm not convinced the .catch works...
|
.then(response => {return response.blob()})
|
||||||
}
|
.then(data => {
|
||||||
|
const url = URL.createObjectURL(data);
|
||||||
|
avatar = url;
|
||||||
|
})
|
||||||
|
.catch(() => errors.avatar = 'Sorry your avatar could not be loaded' );
|
||||||
|
}
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
@@ -134,6 +130,7 @@
|
|||||||
<!-- it really hates {user.username} and ${user.username} -->
|
<!-- it really hates {user.username} and ${user.username} -->
|
||||||
<!-- <input type="text" placeholder="current username: ${user.username}" bind:value={set.username}> -->
|
<!-- <input type="text" placeholder="current username: ${user.username}" bind:value={set.username}> -->
|
||||||
<input type="text" placeholder="current username: {nameTmp}" bind:value={set.username}>
|
<input type="text" placeholder="current username: {nameTmp}" bind:value={set.username}>
|
||||||
|
<div class="success">{success.username}</div>
|
||||||
<div class="error">{errors.username}</div>
|
<div class="error">{errors.username}</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-field">
|
<div class="form-field">
|
||||||
@@ -217,5 +214,10 @@
|
|||||||
color: red;
|
color: red;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.success{
|
||||||
|
font-size: 0.8em;
|
||||||
|
font-weight: bold;
|
||||||
|
color: green;
|
||||||
|
}
|
||||||
|
|
||||||
</style>
|
</style>
|
||||||
|
|||||||
Reference in New Issue
Block a user