2020-01-29 20:37:25 +01:00
|
|
|
<template>
|
2021-11-28 12:07:37 +01:00
|
|
|
<div>
|
2022-05-05 15:41:10 +02:00
|
|
|
<MkButton v-if="!twoFactorData && !$i.twoFactorEnabled" @click="register">{{ i18n.ts._2fa.registerDevice }}</MkButton>
|
2021-11-28 12:07:37 +01:00
|
|
|
<template v-if="$i.twoFactorEnabled">
|
2022-05-05 15:41:10 +02:00
|
|
|
<p>{{ i18n.ts._2fa.alreadyRegistered }}</p>
|
|
|
|
<MkButton @click="unregister">{{ i18n.ts.unregister }}</MkButton>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2021-11-28 12:07:37 +01:00
|
|
|
<template v-if="supportsCredentials">
|
|
|
|
<hr class="totp-method-sep">
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
<h2 class="heading">{{ i18n.ts.securityKey }}</h2>
|
|
|
|
<p>{{ i18n.ts._2fa.securityKeyInfo }}</p>
|
2021-11-28 12:07:37 +01:00
|
|
|
<div class="key-list">
|
|
|
|
<div v-for="key in $i.securityKeysList" class="key">
|
|
|
|
<h3>{{ key.name }}</h3>
|
2022-05-05 15:41:10 +02:00
|
|
|
<div class="last-used">{{ i18n.ts.lastUsed }}<MkTime :time="key.lastUsed"/></div>
|
|
|
|
<MkButton @click="unregisterKey(key)">{{ i18n.ts.unregister }}</MkButton>
|
2020-01-29 20:37:25 +01:00
|
|
|
</div>
|
2021-11-28 12:07:37 +01:00
|
|
|
</div>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
<MkSwitch v-if="$i.securityKeysList.length > 0" v-model="usePasswordLessLogin" @update:modelValue="updatePasswordLessLogin">{{ i18n.ts.passwordLessLogin }}</MkSwitch>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
<MkInfo v-if="registration && registration.error" warn>{{ i18n.ts.error }} {{ registration.error }}</MkInfo>
|
|
|
|
<MkButton v-if="!registration || registration.error" @click="addSecurityKey">{{ i18n.ts._2fa.registerKey }}</MkButton>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2021-11-28 12:07:37 +01:00
|
|
|
<ol v-if="registration && !registration.error">
|
|
|
|
<li v-if="registration.stage >= 0">
|
2022-05-05 15:41:10 +02:00
|
|
|
{{ i18n.ts.tapSecurityKey }}
|
2021-11-28 12:07:37 +01:00
|
|
|
<i v-if="registration.saving && registration.stage == 0" class="fas fa-spinner fa-pulse fa-fw"></i>
|
2020-01-29 20:37:25 +01:00
|
|
|
</li>
|
2021-11-28 12:07:37 +01:00
|
|
|
<li v-if="registration.stage >= 1">
|
|
|
|
<MkForm :disabled="registration.stage != 1 || registration.saving">
|
|
|
|
<MkInput v-model="keyName" :max="30">
|
2022-05-05 15:41:10 +02:00
|
|
|
<template #label>{{ i18n.ts.securityKeyName }}</template>
|
2021-11-28 12:07:37 +01:00
|
|
|
</MkInput>
|
2022-05-05 15:41:10 +02:00
|
|
|
<MkButton :disabled="keyName.length == 0" @click="registerKey">{{ i18n.ts.registerSecurityKey }}</MkButton>
|
2021-11-28 12:07:37 +01:00
|
|
|
<i v-if="registration.saving && registration.stage == 1" class="fas fa-spinner fa-pulse fa-fw"></i>
|
|
|
|
</MkForm>
|
2020-01-29 20:37:25 +01:00
|
|
|
</li>
|
|
|
|
</ol>
|
2021-11-28 12:07:37 +01:00
|
|
|
</template>
|
|
|
|
</template>
|
2022-05-05 15:41:10 +02:00
|
|
|
<div v-if="twoFactorData && !$i.twoFactorEnabled">
|
2021-11-28 12:07:37 +01:00
|
|
|
<ol style="margin: 0; padding: 0 0 0 1em;">
|
|
|
|
<li>
|
2022-05-05 15:41:10 +02:00
|
|
|
<I18n :src="i18n.ts._2fa.step1" tag="span">
|
2021-11-28 12:07:37 +01:00
|
|
|
<template #a>
|
|
|
|
<a href="https://authy.com/" rel="noopener" target="_blank" class="_link">Authy</a>
|
|
|
|
</template>
|
|
|
|
<template #b>
|
|
|
|
<a href="https://support.google.com/accounts/answer/1066447" rel="noopener" target="_blank" class="_link">Google Authenticator</a>
|
|
|
|
</template>
|
|
|
|
</I18n>
|
|
|
|
</li>
|
2022-05-23 21:55:06 +02:00
|
|
|
<li>{{ i18n.ts._2fa.step2 }}<br><img :src="twoFactorData.qr"><p>{{ $ts._2fa.step2Url }}<br>{{ twoFactorData.url }}</p></li>
|
2022-05-14 08:00:15 +02:00
|
|
|
<li>
|
|
|
|
{{ i18n.ts._2fa.step3 }}<br>
|
2022-07-04 10:35:27 +02:00
|
|
|
<MkInput v-model="token" type="text" pattern="^[0-9]{6}$" autocomplete="off" :spellcheck="false"><template #label>{{ i18n.ts.token }}</template></MkInput>
|
2022-05-05 15:41:10 +02:00
|
|
|
<MkButton primary @click="submit">{{ i18n.ts.done }}</MkButton>
|
2021-11-28 12:07:37 +01:00
|
|
|
</li>
|
|
|
|
</ol>
|
2022-05-05 15:41:10 +02:00
|
|
|
<MkInfo>{{ i18n.ts._2fa.step4 }}</MkInfo>
|
2020-01-29 20:37:25 +01:00
|
|
|
</div>
|
2021-11-28 12:07:37 +01:00
|
|
|
</div>
|
2020-01-29 20:37:25 +01:00
|
|
|
</template>
|
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
<script lang="ts" setup>
|
|
|
|
import { ref } from 'vue';
|
2021-11-11 18:02:25 +01:00
|
|
|
import { hostname } from '@/config';
|
|
|
|
import { byteify, hexify, stringify } from '@/scripts/2fa';
|
|
|
|
import MkButton from '@/components/ui/button.vue';
|
|
|
|
import MkInfo from '@/components/ui/info.vue';
|
|
|
|
import MkInput from '@/components/form/input.vue';
|
|
|
|
import MkSwitch from '@/components/form/switch.vue';
|
|
|
|
import * as os from '@/os';
|
2022-05-05 15:41:10 +02:00
|
|
|
import { $i } from '@/account';
|
|
|
|
import { i18n } from '@/i18n';
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
const twoFactorData = ref<any>(null);
|
|
|
|
const supportsCredentials = ref(!!navigator.credentials);
|
|
|
|
const usePasswordLessLogin = ref($i!.usePasswordLessLogin);
|
|
|
|
const registration = ref<any>(null);
|
|
|
|
const keyName = ref('');
|
|
|
|
const token = ref(null);
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
function register() {
|
|
|
|
os.inputText({
|
|
|
|
title: i18n.ts.password,
|
|
|
|
type: 'password'
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
|
|
|
os.api('i/2fa/register', {
|
|
|
|
password: password
|
|
|
|
}).then(data => {
|
|
|
|
twoFactorData.value = data;
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
function unregister() {
|
|
|
|
os.inputText({
|
|
|
|
title: i18n.ts.password,
|
|
|
|
type: 'password'
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
|
|
|
os.api('i/2fa/unregister', {
|
|
|
|
password: password
|
|
|
|
}).then(() => {
|
|
|
|
usePasswordLessLogin.value = false;
|
|
|
|
updatePasswordLessLogin();
|
|
|
|
}).then(() => {
|
|
|
|
os.success();
|
|
|
|
$i!.twoFactorEnabled = false;
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
function submit() {
|
|
|
|
os.api('i/2fa/done', {
|
|
|
|
token: token.value
|
|
|
|
}).then(() => {
|
|
|
|
os.success();
|
|
|
|
$i!.twoFactorEnabled = true;
|
2022-05-26 15:53:09 +02:00
|
|
|
}).catch(err => {
|
2022-05-05 15:41:10 +02:00
|
|
|
os.alert({
|
|
|
|
type: 'error',
|
2022-05-26 15:53:09 +02:00
|
|
|
text: err,
|
2022-05-05 15:41:10 +02:00
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
function registerKey() {
|
|
|
|
registration.value.saving = true;
|
|
|
|
os.api('i/2fa/key-done', {
|
|
|
|
password: registration.value.password,
|
|
|
|
name: keyName.value,
|
|
|
|
challengeId: registration.value.challengeId,
|
|
|
|
// we convert each 16 bits to a string to serialise
|
|
|
|
clientDataJSON: stringify(registration.value.credential.response.clientDataJSON),
|
|
|
|
attestationObject: hexify(registration.value.credential.response.attestationObject)
|
|
|
|
}).then(key => {
|
|
|
|
registration.value = null;
|
|
|
|
key.lastUsed = new Date();
|
|
|
|
os.success();
|
2022-06-10 07:36:55 +02:00
|
|
|
});
|
2022-05-05 15:41:10 +02:00
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
function unregisterKey(key) {
|
|
|
|
os.inputText({
|
|
|
|
title: i18n.ts.password,
|
|
|
|
type: 'password'
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
|
|
|
return os.api('i/2fa/remove-key', {
|
|
|
|
password,
|
|
|
|
credentialId: key.id
|
|
|
|
}).then(() => {
|
|
|
|
usePasswordLessLogin.value = false;
|
|
|
|
updatePasswordLessLogin();
|
|
|
|
}).then(() => {
|
|
|
|
os.success();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
function addSecurityKey() {
|
|
|
|
os.inputText({
|
|
|
|
title: i18n.ts.password,
|
|
|
|
type: 'password'
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
|
|
|
os.api('i/2fa/register-key', {
|
|
|
|
password
|
|
|
|
}).then(reg => {
|
|
|
|
registration.value = {
|
|
|
|
password,
|
|
|
|
challengeId: reg!.challengeId,
|
|
|
|
stage: 0,
|
|
|
|
publicKeyOptions: {
|
|
|
|
challenge: byteify(reg!.challenge, 'base64'),
|
|
|
|
rp: {
|
|
|
|
id: hostname,
|
2022-07-19 04:00:45 +02:00
|
|
|
name: 'Calckey'
|
2022-05-05 15:41:10 +02:00
|
|
|
},
|
|
|
|
user: {
|
|
|
|
id: byteify($i!.id, 'ascii'),
|
|
|
|
name: $i!.username,
|
|
|
|
displayName: $i!.name,
|
|
|
|
},
|
|
|
|
pubKeyCredParams: [{ alg: -7, type: 'public-key' }],
|
|
|
|
timeout: 60000,
|
|
|
|
attestation: 'direct'
|
|
|
|
},
|
|
|
|
saving: true
|
|
|
|
};
|
|
|
|
return navigator.credentials.create({
|
|
|
|
publicKey: registration.value.publicKeyOptions
|
2020-01-29 20:37:25 +01:00
|
|
|
});
|
2022-05-05 15:41:10 +02:00
|
|
|
}).then(credential => {
|
|
|
|
registration.value.credential = credential;
|
|
|
|
registration.value.saving = false;
|
|
|
|
registration.value.stage = 1;
|
|
|
|
}).catch(err => {
|
|
|
|
console.warn('Error while registering?', err);
|
|
|
|
registration.value.error = err.message;
|
|
|
|
registration.value.stage = -1;
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
async function updatePasswordLessLogin() {
|
|
|
|
await os.api('i/2fa/password-less', {
|
|
|
|
value: !!usePasswordLessLogin.value
|
|
|
|
});
|
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
</script>
|