mirror of https://gitgud.io/fatchan/jschan.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 lines
1.2 KiB
44 lines
1.2 KiB
2 years ago
|
'use strict';
|
||
|
|
||
|
const redis = require(__dirname+'/../../lib/redis/redis.js')
|
||
|
, { Ratelimits } = require(__dirname+'/../../db/')
|
||
|
, dynamicResponse = require(__dirname+'/../../lib/misc/dynamic.js')
|
||
|
, speakeasy = require('speakeasy')
|
||
|
, QRCode = require('qrcode');
|
||
|
|
||
|
module.exports = async (req, res, next) => {
|
||
|
|
||
|
if (res.locals.user.twofactor) {
|
||
|
// User already has 2fa enabled
|
||
|
return res.redirect('/account.html');
|
||
|
}
|
||
|
|
||
|
// Ratelimit QR code generation
|
||
|
const username = res.locals.user.username;
|
||
|
const ratelimit = await Ratelimits.incrmentQuota(username, '2fa', 50);
|
||
|
if (false && ratelimit > 100) {
|
||
|
return dynamicResponse(req, res, 429, 'message', {
|
||
|
'title': 'Ratelimited',
|
||
|
'message': 'Please wait before generating another 2FA QR code.',
|
||
|
});
|
||
|
}
|
||
|
|
||
|
let qrCodeText = '';
|
||
|
try {
|
||
|
const secret = speakeasy.generateSecret();
|
||
|
const secretBase32 = secret.base32;
|
||
|
await redis.set(`twofactor:${username}`, secretBase32, 300); //store validation secret temporarily in redis
|
||
|
qrCodeText = await QRCode.toString(secret.otpauth_url, { type: 'utf8' });
|
||
|
} catch (err) {
|
||
|
return next(err);
|
||
|
}
|
||
|
|
||
|
res
|
||
|
.set('Cache-Control', 'private, max-age=5')
|
||
|
.render('twofactor', {
|
||
|
csrf: req.csrfToken(),
|
||
|
qrCodeText,
|
||
|
});
|
||
|
|
||
|
};
|