Add endpoint to get the current users totp status
This commit is contained in:
kolaente
parent
24904585a2
commit
87d0c9088d
3 changed files with 30 additions and 4 deletions
|
|
@ -122,3 +122,27 @@ func UserTOTPQrCode(c echo.Context) error {
|
|||
|
||||
return c.Blob(http.StatusOK, "image/jpeg", buff.Bytes())
|
||||
}
|
||||
|
||||
// UserTOTP returns the current totp implementation if any is enabled.
|
||||
// @Summary Totp setting for the current user
|
||||
// @Description Returns the current user totp setting or an error if it is not enabled.
|
||||
// @tags user
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Security JWTKeyAuth
|
||||
// @Success 200 {object} user.TOTP "The totp settings."
|
||||
// @Failure 500 {object} models.Message "Internal server error."
|
||||
// @Router /user/settings/totp [get]
|
||||
func UserTOTP(c echo.Context) error {
|
||||
u, err := user.GetCurrentUser(c)
|
||||
if err != nil {
|
||||
return handler.HandleHTTPError(err, c)
|
||||
}
|
||||
|
||||
t, err := user.GetTOTPForUser(u)
|
||||
if err != nil {
|
||||
return handler.HandleHTTPError(err, c)
|
||||
}
|
||||
|
||||
return c.JSON(http.StatusOK, t)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -209,6 +209,7 @@ func registerAPIRoutes(a *echo.Group) {
|
|||
u.GET("s", apiv1.UserList)
|
||||
u.POST("/token", apiv1.RenewToken)
|
||||
u.POST("/settings/email", apiv1.UpdateUserEmail)
|
||||
u.GET("/settings/totp", apiv1.UserTOTP)
|
||||
u.POST("/settings/totp/enroll", apiv1.UserTOTPEnroll)
|
||||
u.POST("/settings/totp/enable", apiv1.UserTOTPEnable)
|
||||
u.GET("/settings/totp/qrcode", apiv1.UserTOTPQrCode)
|
||||
|
|
|
|||
|
|
@ -44,12 +44,13 @@ type TOTPPasscode struct {
|
|||
Passcode string `json:"passcode"`
|
||||
}
|
||||
|
||||
// TOTPEnabledForUser checks if totp is enabled for a user - not if it is activated, use getTOTPForUser to check that.
|
||||
// TOTPEnabledForUser checks if totp is enabled for a user - not if it is activated, use GetTOTPForUser to check that.
|
||||
func TOTPEnabledForUser(user *User) (bool, error) {
|
||||
return x.Where("user_id = ?", user.ID).Exist(&TOTP{})
|
||||
}
|
||||
|
||||
func getTOTPForUser(user *User) (t *TOTP, err error) {
|
||||
// GetTOTPForUser returns the current state of totp settings for the user.
|
||||
func GetTOTPForUser(user *User) (t *TOTP, err error) {
|
||||
t = &TOTP{}
|
||||
exists, err := x.Where("user_id = ?", user.ID).Get(t)
|
||||
if err != nil {
|
||||
|
|
@ -106,7 +107,7 @@ func EnableTOTP(passcode *TOTPPasscode) (err error) {
|
|||
|
||||
// ValidateTOTPPasscode validated totp codes of users.
|
||||
func ValidateTOTPPasscode(passcode *TOTPPasscode) (t *TOTP, err error) {
|
||||
t, err = getTOTPForUser(passcode.User)
|
||||
t, err = GetTOTPForUser(passcode.User)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -120,7 +121,7 @@ func ValidateTOTPPasscode(passcode *TOTPPasscode) (t *TOTP, err error) {
|
|||
|
||||
// GetTOTPQrCodeForUser returns a qrcode for a user's totp setting
|
||||
func GetTOTPQrCodeForUser(user *User) (qrcode image.Image, err error) {
|
||||
t, err := getTOTPForUser(user)
|
||||
t, err := GetTOTPForUser(user)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue