Added U2F Support for YubiKey

Fabian Stamm
2019-03-12 21:06:09 -04:00
parent aa47e6c92f
commit c54406564c
41 changed files with 2955 additions and 2005 deletions


@ -1,6 +1,7 @@
import DB from "../database";
import { ModelDataBase } from "@hibas123/safe_mongo/lib/model";
import { ObjectID } from "mongodb";
import moment = require("moment");
export interface ILoginToken extends ModelDataBase {
token: string;
@ -9,6 +10,9 @@ export interface ILoginToken extends ModelDataBase {
validTill: Date;
valid: boolean;
validated: boolean;
data: any;
ip: string;
browser: string;
}
const LoginToken = DB.addModel<ILoginToken>({
name: "login_token",
@ -31,7 +35,31 @@ const LoginToken = DB.addModel<ILoginToken>({
valid: { type: Boolean },
validated: { type: Boolean, default: false }
}
}, {
migration: (doc: ILoginToken) => { doc.validated = true; },
schema: {
token: { type: String },
special: { type: Boolean, default: () => false },
user: { type: ObjectID },
validTill: { type: Date },
valid: { type: Boolean },
validated: { type: Boolean, default: false },
data: { type: "any", optional: true },
ip: { type: String, optional: true },
browser: { type: String, optional: true }
}
}]
})
export async function CheckToken(token: ILoginToken, validated: boolean = true): Promise<boolean> {
if (!token || !token.valid) return false;
if (validated && !token.validated) return false;
if (moment().isAfter(token.validTill)) {
token.valid = false;
await LoginToken.save(token)
return false;
}
return true;
}
export default LoginToken;
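Review bot: The new schema version's migration, `migration: (doc: ILoginToken) => { doc.validated = true; }`, marks every login token that existed before this change as having passed the second factor, so those sessions stay usable until `validTill` without ever being challenged. If that grandfathering is intended, it deserves a comment saying so; if not, invalidating the old tokens instead (`doc.valid = false`) would force a fresh login through the new flow. Separately, `CheckToken` relies on `moment().isAfter(token.validTill)`, and a record with a missing `validTill` would presumably never expire; an explicit `if (!token.validTill) return false;` before the comparison makes the check fail closed.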

57
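--- /dev/null
+++ b/src/models/twofactor.ts
@@ -0,0 +1,57 @@
+import DB from "../database";
+import { ModelDataBase } from "@hibas123/safe_mongo/lib/model";
+import { ObjectID } from "bson";
+export enum TFATypes {
+OTC,
+BACKUP_CODE,
+U2F,
+APP_ALLOW
+}
+export interface ITwoFactor extends ModelDataBase {
+user: ObjectID
+valid: boolean
+expires?: Date;
+name?: string;
+type: TFATypes
+data: any;
+}
+export interface IOTP extends ITwoFactor {
+data: string;
+}
+export interface IYubiKey extends ITwoFactor {
+data: {
+registration?: any;
+publicKey: string;
+keyHandle: string;
+}
+}
+export interface IU2F extends ITwoFactor {
+data: {
+challenge?: string;
+publicKey: string;
+keyHandle: string;
+registration?: string;
+}
+}
+const TwoFactor = DB.addModel<ITwoFactor>({
+name: "twofactor",
+versions: [{
+migration: (e) => { },
+schema: {
+user: { type: ObjectID },
+valid: { type: Boolean },
+expires: { type: Date, optional: true },
+name: { type: String, optional: true },
+type: { type: Number },
+data: { type: "any" },
+}
+}]
+});
+export default TwoFactor;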
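Review bot: `TFATypes` is a numeric enum with implicit values, and the schema persists it as `type: { type: Number }`, so inserting or reordering a member later silently changes what stored second-factor records mean (a backup-code row could be read as a U2F key). Pin the values explicitly, e.g. `OTC = 0, BACKUP_CODE = 1, U2F = 2, APP_ALLOW = 3`, or store string literals. The `data: { type: "any" }` field holds the factor's secret or key material with no schema validation, so the code that reads it should narrow by `type` before use. `IYubiKey` and `IU2F` also declare nearly the same shape and could share one interface.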


@ -11,11 +11,6 @@ export enum Gender {
other
}
export enum TokenTypes {
OTC,
BACKUP_CODE
}
export interface IUser extends ModelDataBase {
uid: string;
username: string;
@ -28,7 +23,6 @@ export interface IUser extends ModelDataBase {
salt: string;
mails: ObjectID[];
phones: { phone: string, verified: boolean, primary: boolean }[];
twofactor: { token: string, valid: boolean, type: TokenTypes }[];
encryption_key: string;
}
@ -100,6 +94,33 @@ const User = DB.addModel<IUser>({
default: () => randomString(64)
}
}
},
{
migration: (e: any) => { delete e.twofactor },
schema: {
uid: { type: String, default: () => v4() },
username: { type: String },
name: { type: String },
birthday: { type: Date, optional: true },
gender: { type: Number },
admin: { type: Boolean },
password: { type: String },
salt: { type: String },
mails: { type: Array, default: () => [] },
phones: {
array: true,
model: true,
type: {
phone: { type: String },
verified: { type: Boolean },
primary: { type: Boolean }
}
},
encryption_key: {
type: String,
default: () => randomString(64)
}
}
}]
})
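Review bot: The new version's migration, `migration: (e: any) => { delete e.twofactor }`, drops each user's embedded `twofactor` entries, and nothing visible in this section copies them into the new `twofactor` model first. Unless another part of the commit moves them, users who had OTC or backup codes enrolled fall back to password-only login after the upgrade without being told. Either migrate the entries into the new collection before deleting them, or add a comment stating that existing factors are intentionally discarded and users must re-enroll.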