|
|
@ -265,7 +265,7 @@ exports.entryPage = "dashboard";
|
|
|
|
if (user) {
|
|
|
|
if (user) {
|
|
|
|
afterLogin(socket, user);
|
|
|
|
afterLogin(socket, user);
|
|
|
|
|
|
|
|
|
|
|
|
if (user.twofaStatus == 0) {
|
|
|
|
if (user.twofa_status == 0) {
|
|
|
|
callback({
|
|
|
|
callback({
|
|
|
|
ok: true,
|
|
|
|
ok: true,
|
|
|
|
token: jwt.sign({
|
|
|
|
token: jwt.sign({
|
|
|
@ -274,7 +274,7 @@ exports.entryPage = "dashboard";
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (user.twofaStatus == 1 && !data.token) {
|
|
|
|
if (user.twofa_status == 1 && !data.token) {
|
|
|
|
callback({
|
|
|
|
callback({
|
|
|
|
tokenRequired: true,
|
|
|
|
tokenRequired: true,
|
|
|
|
});
|
|
|
|
});
|
|
|
@ -283,7 +283,13 @@ exports.entryPage = "dashboard";
|
|
|
|
if (data.token) {
|
|
|
|
if (data.token) {
|
|
|
|
let verify = notp.totp.verify(data.token, user.twofa_secret, twofa_verification_opts);
|
|
|
|
let verify = notp.totp.verify(data.token, user.twofa_secret, twofa_verification_opts);
|
|
|
|
|
|
|
|
|
|
|
|
if (verify && verify.delta == 0) {
|
|
|
|
if (user.twofa_last_token !== data.token && verify) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
await R.exec("UPDATE `user` SET twofa_last_token = ? WHERE id = ? ", [
|
|
|
|
|
|
|
|
data.token,
|
|
|
|
|
|
|
|
socket.userID,
|
|
|
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
|
|
callback({
|
|
|
|
callback({
|
|
|
|
ok: true,
|
|
|
|
ok: true,
|
|
|
|
token: jwt.sign({
|
|
|
|
token: jwt.sign({
|
|
|
@ -401,7 +407,7 @@ exports.entryPage = "dashboard";
|
|
|
|
|
|
|
|
|
|
|
|
let verify = notp.totp.verify(token, user.twofa_secret, twofa_verification_opts);
|
|
|
|
let verify = notp.totp.verify(token, user.twofa_secret, twofa_verification_opts);
|
|
|
|
|
|
|
|
|
|
|
|
if (verify && verify.delta == 0) {
|
|
|
|
if (user.twofa_last_token !== token && verify) {
|
|
|
|
callback({
|
|
|
|
callback({
|
|
|
|
ok: true,
|
|
|
|
ok: true,
|
|
|
|
valid: true,
|
|
|
|
valid: true,
|
|
|
|
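Review bot: The replay check in the login handler, `if (user.twofa_last_token !== data.token && verify)`, remembers only the single most recent code while the old `verify.delta == 0` condition is dropped, so a code used before the last one but still inside the window set by `twofa_verification_opts` (its value is not shown here) would be accepted again. Recording the last accepted time step and rejecting any step at or before it would close that gap. The comparison should also be type-safe, e.g. `String(user.twofa_last_token) !== String(data.token)`, because a strict `!==` between a database column and a client-supplied value passes whenever the two types differ. The check and the `UPDATE` are separate steps, so two concurrent logins carrying the same code can both pass; making the write conditional (`... WHERE id = ? AND (twofa_last_token IS NULL OR twofa_last_token <> ?)`) and requiring one affected row, if the data layer reports it, would make the check atomic. The hunk at -401/+407 applies the same comparison with no write of `twofa_last_token` visible, and the enclosing handlers start and end outside the hunks, so it is worth confirming whether that path is meant to consume the code.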