Catch OTP errors

pull/6598/merge
Chocobozzz 2024-11-04 09:25:26 +01:00
parent 6ce6ff06f1
commit 7476abe8b5
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
1 changed files with 20 additions and 14 deletions


@ -1,6 +1,7 @@
import { Secret, TOTP } from 'otpauth'
import { CONFIG } from '@server/initializers/config.js' import { CONFIG } from '@server/initializers/config.js'
import { WEBSERVER } from '@server/initializers/constants.js' import { WEBSERVER } from '@server/initializers/constants.js'
import { Secret, TOTP } from 'otpauth'
import { logger } from './logger.js'
import { decrypt } from './peertube-crypto.js' import { decrypt } from './peertube-crypto.js'
async function isOTPValid (options: { async function isOTPValid (options: {
@ -9,22 +10,28 @@ async function isOTPValid (options: {
}) { }) {
const { token, encryptedSecret } = options const { token, encryptedSecret } = options
const secret = await decrypt(encryptedSecret, CONFIG.SECRETS.PEERTUBE) try {
const secret = await decrypt(encryptedSecret, CONFIG.SECRETS.PEERTUBE)
const totp = new TOTP({ const totp = new TOTP({
...baseOTPOptions(), ...baseOTPOptions(),
secret secret
}) })
const delta = totp.validate({ const delta = totp.validate({
token, token,
window: 1 window: 1
}) })
if (delta === null) return false if (delta === null) return false
return true return true
} catch (err) {
logger.error('Cannot decrypt/validate OTP', { err })
return false
}
} }
function generateOTPSecret (email: string) { function generateOTPSecret (email: string) {
@ -42,8 +49,7 @@ function generateOTPSecret (email: string) {
} }
export { export {
isOTPValid, generateOTPSecret, isOTPValid
generateOTPSecret
} }
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
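Review bot: The single `catch` in `isOTPValid` gives a failing `decrypt()` and a throwing `totp.validate()` the same `false` result and the same `error`-level log line, so a server-side problem (a changed `CONFIG.SECRETS.PEERTUBE` or a corrupted stored secret) is indistinguishable from a bad code, both for the user and in the logs. Failing closed is the right behaviour here; what is missing is the distinction between the two causes. If `validate()` can throw on a malformed token (not visible in this diff), each such request writes an error-level entry, so that path is better logged at a lower level than the decrypt failure. It is also worth confirming that the `err` logged from either call never carries the decrypted secret or the submitted token.

```typescript
async function isOTPValid (options: {
  // … unchanged: options type …
}) {
  const { token, encryptedSecret } = options

  let secret: Awaited<ReturnType<typeof decrypt>>
  try {
    secret = await decrypt(encryptedSecret, CONFIG.SECRETS.PEERTUBE)
  } catch (err) {
    // Server-side condition (key mismatch or corrupted stored secret), not a wrong code
    logger.error('Cannot decrypt OTP secret', { err })
    return false
  }

  try {
    // … unchanged: TOTP construction and validate() with window: 1 …
    return delta !== null
  } catch (err) {
    // Raised while checking the submitted token: keep it out of the error-level stream
    logger.warn('Cannot validate OTP token', { err })
    return false
  }
}
```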