	Update 2fa routes to be in the form of /2fa/<action>
		
							parent
							
								
									4828253093
								
							
						
					
					
						commit
						2928e3e80e
					
				| @ -449,7 +449,7 @@ end | |||||||
| 
 | 
 | ||||||
| def call_totp_validator(env, user, sid, locale) | def call_totp_validator(env, user, sid, locale) | ||||||
|   referer = URI.decode_www_form(env.get?("current_page").to_s) |   referer = URI.decode_www_form(env.get?("current_page").to_s) | ||||||
|   csrf_token = generate_response(sid, {":validate_2fa"}, HMAC_KEY) |   csrf_token = generate_response(sid, {":2fa/validate"}, HMAC_KEY) | ||||||
|   email, password = {user.email, nil} |   email, password = {user.email, nil} | ||||||
|   return templated "user/validate_2fa" |   return templated "user/validate_2fa" | ||||||
| end | end | ||||||
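Review bot: The CSRF scope literal `{":2fa/validate"}` passed to `generate_response` in `call_totp_validator` now has to stay identical to the route string registered in the routing file, and nothing on this line says so. The same coupling applies to `{":2fa/setup"}` and `{":2fa/remove"}` in the Routes::Account hunks. The code that checks the scope is not visible in this commit, so it is worth confirming that it compares against the request path in the new `2fa/<action>` form; otherwise every 2FA form post would be rejected. A comment such as `# scope must equal the POST route "/2fa/validate" (see the 2fa routes block)` on each of the three lines would make the dependency explicit.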
|  | |||||||
| @ -384,7 +384,7 @@ module Invidious::Routes::Account | |||||||
| 
 | 
 | ||||||
|     user = user.as(User) |     user = user.as(User) | ||||||
|     sid = sid.as(String) |     sid = sid.as(String) | ||||||
|     csrf_token = generate_response(sid, {":setup_2fa"}, HMAC_KEY) |     csrf_token = generate_response(sid, {":2fa/setup"}, HMAC_KEY) | ||||||
| 
 | 
 | ||||||
|     db_secret = Random::Secure.random_bytes(16).hexstring |     db_secret = Random::Secure.random_bytes(16).hexstring | ||||||
|     totp = CrOTP::TOTP.new(db_secret) |     totp = CrOTP::TOTP.new(db_secret) | ||||||
| @ -472,10 +472,10 @@ module Invidious::Routes::Account | |||||||
| 
 | 
 | ||||||
|         if CONFIG.domain |         if CONFIG.domain | ||||||
|           env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", domain: "#{CONFIG.domain}", value: sid, expires: Time.utc + 2.years, |           env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", domain: "#{CONFIG.domain}", value: sid, expires: Time.utc + 2.years, | ||||||
|             secure: secure, http_only: true) |             secure: secure, http_only: true, path: "/") | ||||||
|         else |         else | ||||||
|           env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", value: sid, expires: Time.utc + 2.years, |           env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", value: sid, expires: Time.utc + 2.years, | ||||||
|             secure: secure, http_only: true) |             secure: secure, http_only: true, path: "/") | ||||||
|         end |         end | ||||||
|       else |       else | ||||||
|         return error_template(401, "Wrong username or password") |         return error_template(401, "Wrong username or password") | ||||||
| @ -499,9 +499,9 @@ module Invidious::Routes::Account | |||||||
|       end |       end | ||||||
| 
 | 
 | ||||||
|       if CONFIG.domain |       if CONFIG.domain | ||||||
|         env.response.cookies["2faVerified"] = HTTP::Cookie.new(name: "2faVerified", domain: "#{CONFIG.domain}", value: "1", expires: Time.utc + 1.hours, secure: secure, http_only: true) |         env.response.cookies["2faVerified"] = HTTP::Cookie.new(name: "2faVerified", domain: "#{CONFIG.domain}", value: "1", expires: Time.utc + 1.hours, secure: secure, http_only: true, path: "/") | ||||||
|       else |       else | ||||||
|         env.response.cookies["2faVerified"] = HTTP::Cookie.new(name: "2faVerified", value: "1", expires: Time.utc + 1.hours, secure: secure, http_only: true) |         env.response.cookies["2faVerified"] = HTTP::Cookie.new(name: "2faVerified", value: "1", expires: Time.utc + 1.hours, secure: secure, http_only: true, path: "/") | ||||||
|       end |       end | ||||||
|     end |     end | ||||||
| 
 | 
 | ||||||
| @ -515,7 +515,7 @@ module Invidious::Routes::Account | |||||||
| 
 | 
 | ||||||
|     user = env.get("user").as(User) |     user = env.get("user").as(User) | ||||||
|     sid = env.get("sid").as(String) |     sid = env.get("sid").as(String) | ||||||
|     csrf_token = generate_response(sid, {":remove_2fa"}, HMAC_KEY) |     csrf_token = generate_response(sid, {":2fa/remove"}, HMAC_KEY) | ||||||
| 
 | 
 | ||||||
|     return templated "user/remove_2fa" |     return templated "user/remove_2fa" | ||||||
|   end |   end | ||||||
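Review bot: The `2faVerified` cookie in the `@ -499` hunk carries the constant value `"1"`, so nothing in it is bound to the session it was issued for, and this commit widens it to `path: "/"`. If any handler treats the presence of that cookie as proof that the TOTP step was passed (the consuming check is not visible in this diff), the client controls that decision. The value should instead be derived from `sid` with `HMAC_KEY` and verified on every read, or the verified state should be kept server-side with the session. Both the `SID` and `2faVerified` constructors also omit `samesite`; adding `samesite: HTTP::Cookie::SameSite::Lax` next to `http_only: true` would be a cheap hardening step. The enclosing methods start and end outside these hunks.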
|  | |||||||
| @ -56,8 +56,8 @@ module Invidious::Routes::Login | |||||||
|       user = Invidious::Database::Users.select(email: email) |       user = Invidious::Database::Users.select(email: email) | ||||||
| 
 | 
 | ||||||
|       if user |       if user | ||||||
|         if Crypto::Bcrypt::Password.new(user.password.not_nil!).verify(password.byte_slice(0, 55)) \ |         if Crypto::Bcrypt::Password.new(user.password.not_nil!).verify(password.byte_slice(0, 55)) | ||||||
|                       # If the password is correct then we'll go ahead and begin 2fa if applicable |           # If the password is correct then we'll go ahead and begin 2fa if applicable | ||||||
|           if user.totp_secret |           if user.totp_secret | ||||||
|             csrf_token = nil # setting this to false for compatibility reasons. |             csrf_token = nil # setting this to false for compatibility reasons. | ||||||
|             return templated "user/validate_2fa" |             return templated "user/validate_2fa" | ||||||
|  | |||||||
| @ -80,11 +80,11 @@ module Invidious::Routing | |||||||
|     get "/subscription_manager", Routes::Subscriptions, :subscription_manager |     get "/subscription_manager", Routes::Subscriptions, :subscription_manager | ||||||
| 
 | 
 | ||||||
|     # 2fa routes |     # 2fa routes | ||||||
|     Invidious::Routing.get "/setup_2fa", Routes::Account, :setup_2fa_page |     Invidious::Routing.get "/2fa/setup", Routes::Account, :setup_2fa_page | ||||||
|     Invidious::Routing.post "/setup_2fa", Routes::Account, :setup_2fa |     Invidious::Routing.post "/2fa/setup", Routes::Account, :setup_2fa | ||||||
|     Invidious::Routing.post "/validate_2fa", Routes::Account, :validate_2fa |     Invidious::Routing.get "/2fa/remove", Routes::Account, :remove_2fa_page | ||||||
|     Invidious::Routing.get "/remove_2fa", Routes::Account, :remove_2fa_page |     Invidious::Routing.post "/2fa/remove", Routes::Account, :remove_2fa | ||||||
|     Invidious::Routing.post "/remove_2fa", Routes::Account, :remove_2fa |     Invidious::Routing.post "/2fa/validate", Routes::Account, :validate_2fa | ||||||
|   end |   end | ||||||
| 
 | 
 | ||||||
|   def register_iv_playlist_routes |   def register_iv_playlist_routes | ||||||
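Review bot: The old paths `/setup_2fa`, `/validate_2fa` and `/remove_2fa` are removed under `# 2fa routes` with no alias or redirect, so any path-based check elsewhere has to be updated in the same change. One example would be a before-handler that exempts the validation endpoint from the 2FA gate; none is visible in this diff, so this is worth a grep for the old strings. A stale exemption would either lock users out of `/2fa/validate` or leave an old path ungated. I would extend the block comment to record the coupling, e.g. `# 2fa routes: paths double as CSRF scopes in Routes::Account and as form actions in the user/*_2fa templates; change them together`. The enclosing registration method starts outside the hunk.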
|  | |||||||
| @ -346,7 +346,7 @@ | |||||||
|                 </div> |                 </div> | ||||||
| 
 | 
 | ||||||
|                 <div class="pure-control-group"> |                 <div class="pure-control-group"> | ||||||
|                     <a href="/setup_2fa?referer=<%= URI.encode_www_form(referer) %>"><%= translate(locale, "setup_totp_form_header") %></a> |                     <a href="/2fa/setup?referer=<%= URI.encode_www_form(referer) %>"><%= translate(locale, "setup_totp_form_header") %></a> | ||||||
|                 </div> |                 </div> | ||||||
| 
 | 
 | ||||||
|                 <div class="pure-control-group"> |                 <div class="pure-control-group"> | ||||||
|  | |||||||
| @ -3,7 +3,7 @@ | |||||||
| <% end %> | <% end %> | ||||||
| 
 | 
 | ||||||
| <div class="h-box"> | <div class="h-box"> | ||||||
|     <form class="pure-form pure-form-aligned" action="/remove_2fa?referer=<%= URI.encode_www_form(referer) %>" method="post"> |     <form class="pure-form pure-form-aligned" action="/2fa/remove?referer=<%= URI.encode_www_form(referer) %>" method="post"> | ||||||
|         <legend><%= translate(locale, "remove_totp_confirm_message") %></legend> |         <legend><%= translate(locale, "remove_totp_confirm_message") %></legend> | ||||||
| 
 | 
 | ||||||
|         <div class="pure-g"> |         <div class="pure-g"> | ||||||
|  | |||||||
| @ -6,7 +6,7 @@ | |||||||
|     <div class="pure-u-1 pure-u-lg-1-5"></div> |     <div class="pure-u-1 pure-u-lg-1-5"></div> | ||||||
|     <div class="pure-u-1 pure-u-lg-3-5"> |     <div class="pure-u-1 pure-u-lg-3-5"> | ||||||
|         <div class="h-box"> |         <div class="h-box"> | ||||||
|             <form class="pure-form pure-form-aligned" action="/setup_2fa?referer=<%= URI.encode_www_form(referer) %>" method="post"> |             <form class="pure-form pure-form-aligned" action="/2fa/setup?referer=<%= URI.encode_www_form(referer) %>" method="post"> | ||||||
|                 <legend><%= translate(locale, "setup_totp_form_header") %></legend> |                 <legend><%= translate(locale, "setup_totp_form_header") %></legend> | ||||||
|                 <fieldset> |                 <fieldset> | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -6,7 +6,7 @@ | |||||||
|     <div class="pure-u-1 pure-u-lg-1-5"></div> |     <div class="pure-u-1 pure-u-lg-1-5"></div> | ||||||
|     <div class="pure-u-1 pure-u-lg-3-5"> |     <div class="pure-u-1 pure-u-lg-3-5"> | ||||||
|         <div class="h-box"> |         <div class="h-box"> | ||||||
|             <form class="pure-form pure-form-aligned" action="/validate_2fa?referer=<%= URI.encode_www_form(referer) %>" method="post"> |             <form class="pure-form pure-form-aligned" action="/2fa/validate?referer=<%= URI.encode_www_form(referer) %>" method="post"> | ||||||
|                 <legend><%= translate(locale, "general_totp_enter_code_header") %></legend> |                 <legend><%= translate(locale, "general_totp_enter_code_header") %></legend> | ||||||
|                 <fieldset> |                 <fieldset> | ||||||
|                  |                  | ||||||
|  | |||||||