Add endpoint to get the current users totp status

This commit is contained in:
kolaente 2020-04-18 00:22:59 +02:00
parent 24904585a2
commit 87d0c9088d
No known key found for this signature in database
GPG key ID: F40E70337AB24C9B
3 changed files with 30 additions and 4 deletions

View file

@ -122,3 +122,27 @@ func UserTOTPQrCode(c echo.Context) error {
return c.Blob(http.StatusOK, "image/jpeg", buff.Bytes())
}
// UserTOTP returns the current totp implementation if any is enabled.
// @Summary Totp setting for the current user
// @Description Returns the current user totp setting or an error if it is not enabled.
// @tags user
// @Accept json
// @Produce json
// @Security JWTKeyAuth
// @Success 200 {object} user.TOTP "The totp settings."
// @Failure 500 {object} models.Message "Internal server error."
// @Router /user/settings/totp [get]
func UserTOTP(c echo.Context) error {
u, err := user.GetCurrentUser(c)
if err != nil {
return handler.HandleHTTPError(err, c)
}
t, err := user.GetTOTPForUser(u)
if err != nil {
return handler.HandleHTTPError(err, c)
}
return c.JSON(http.StatusOK, t)
}

View file

@ -209,6 +209,7 @@ func registerAPIRoutes(a *echo.Group) {
u.GET("s", apiv1.UserList)
u.POST("/token", apiv1.RenewToken)
u.POST("/settings/email", apiv1.UpdateUserEmail)
u.GET("/settings/totp", apiv1.UserTOTP)
u.POST("/settings/totp/enroll", apiv1.UserTOTPEnroll)
u.POST("/settings/totp/enable", apiv1.UserTOTPEnable)
u.GET("/settings/totp/qrcode", apiv1.UserTOTPQrCode)

View file

@ -44,12 +44,13 @@ type TOTPPasscode struct {
Passcode string `json:"passcode"`
}
// TOTPEnabledForUser checks if totp is enabled for a user - not if it is activated, use getTOTPForUser to check that.
// TOTPEnabledForUser checks if totp is enabled for a user - not if it is activated, use GetTOTPForUser to check that.
func TOTPEnabledForUser(user *User) (bool, error) {
return x.Where("user_id = ?", user.ID).Exist(&TOTP{})
}
func getTOTPForUser(user *User) (t *TOTP, err error) {
// GetTOTPForUser returns the current state of totp settings for the user.
func GetTOTPForUser(user *User) (t *TOTP, err error) {
t = &TOTP{}
exists, err := x.Where("user_id = ?", user.ID).Get(t)
if err != nil {
@ -106,7 +107,7 @@ func EnableTOTP(passcode *TOTPPasscode) (err error) {
// ValidateTOTPPasscode validated totp codes of users.
func ValidateTOTPPasscode(passcode *TOTPPasscode) (t *TOTP, err error) {
t, err = getTOTPForUser(passcode.User)
t, err = GetTOTPForUser(passcode.User)
if err != nil {
return
}
@ -120,7 +121,7 @@ func ValidateTOTPPasscode(passcode *TOTPPasscode) (t *TOTP, err error) {
// GetTOTPQrCodeForUser returns a qrcode for a user's totp setting
func GetTOTPQrCodeForUser(user *User) (qrcode image.Image, err error) {
t, err := getTOTPForUser(user)
t, err := GetTOTPForUser(user)
if err != nil {
return
}