PatrickKalkman
/ two-factor-registration.js
Created
January 16, 2022 15:25
Enable two factor authentication temple
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <template> | |
| <div> | |
| <h3>Two Factor Registration</h3> | |
| <img v-bind:src="qr" /> | |
| <form @submit.prevent="validateToken"> | |
| <label for="token"> | |
| Enter token to enable two factor authentication: | |
| </label> | |
| <input v-model="token" type="text" name="token" value /> | |
| <button type="submit" name="button">validate</button> |
PatrickKalkman
/ store-validate-token.js
Created
January 15, 2022 14:42
The validate token method in the Vuex store
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| validateToken({ commit }, credentials) { | |
| return apiClient | |
| .post('/user/validatetoken', credentials) | |
| .then(({ data }) => { | |
| commit('SET_TWOFACTOR_LOGIN', data.validated); | |
| }); | |
| }, |
PatrickKalkman
/ validate-token.js
Created
January 15, 2022 14:29
The validateToken method of the LoginUser.vue component
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| validateToken() { | |
| this.$store | |
| .dispatch('validateToken', { | |
| token: this.token, | |
| }) | |
| .then(() => { | |
| if (this.$store.state.twofactorvalidated) { | |
| this.$router.push({ name: 'dashboard' }); | |
| } else { | |
| this.error = 'The provided token was not valid, please try again'; |
PatrickKalkman
/ login-template.js
Created
January 15, 2022 14:18
template part of the login vue component
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <template> | |
| <div> | |
| <h3>{{ title }}</h3> | |
| <form v-if="!showTwoFactorPanel" @submit.prevent="login"> | |
| <label for="email"> Email: </label> | |
| <input v-model="email" type="email" name="email" value /> | |
| <label for="password"> Password: </label> | |
| <input v-model="password" type="password" name="password" value /> | |
| <button type="submit" name="button">Login</button> | |
| <p>{{ error }}</p> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| userController.validateToken = function (req, reply) { | |
| tokenVerification.extractAndVerifyJwtToken(req, (err, isValidJwtToken, email) => { | |
| if (!err && isValidJwtToken) { | |
| const user = db.getUser(email); | |
| if (typeof user !== 'undefined') { | |
| const validated = speakeasy.totp.verify({ | |
| secret: user.secret, | |
| encoding: 'base32', | |
| token: req.body.token, | |
| }); |
PatrickKalkman
/ Dashboard.js
Created
January 11, 2022 20:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <template> | |
| <div> | |
| <h1>Dashboard</h1> | |
| <template v-if="!isLoading"> | |
| <CustomerCard | |
| v-for="customer in customers" | |
| :key="customer.id" | |
| :customer="customer" | |
| /> | |
| </template> |
PatrickKalkman
/ user-controller-enable-2fa-step2.js
Created
January 9, 2022 19:08
Enabling two factor authentication step 2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| userController.enableTwoFactorAuthStep2 = function (req, reply) { | |
| tokenVerification.extractAndVerifyToken(req, (err, isValidJwtToken, email) => { | |
| if (!err && isValidJwtToken) { | |
| const user = db.getUser(email); | |
| if (typeof user !== 'undefined') { | |
| log.info(req.body); | |
| const base32secret = req.body.base32; | |
| const userToken = req.body.token; | |
| const verified = speakeasy.totp.verify({ secret: base32secret, encoding: 'base32', token: userToken }); | |
| if (verified) { |
PatrickKalkman
/ enable-2fa-step1-response.json
Last active
January 9, 2022 18:56
Enable two factor authentication step 1 response
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "qr": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAALQAAAC0CAYAAAA9zQYyAAAAAklEQVR4Aew==", | |
| "secret": { | |
| "ascii": "WMi%T54iXy@cx203AoOzBf0xD]$/mb@D", | |
| "hex": "574d6925543534695879406378323033416f4f7a42663078445d242f6d624044", | |
| "base32": "K5GWSJKUGU2GSWDZIBRXQMRQGNAW6T32IJTDA6CELUSC63LCIBCA", | |
| "otpauth_url": "otpauth://totp/SecretKey?secret=K5GWSJKUGU2GSWDZIBRXQMRQGNAW6T32IJTDA6CELUSC63LCIBCA" | |
| } | |
| } |
PatrickKalkman
/ user-controller-enable-2fa-step1.js
Last active
January 9, 2022 19:08
Enabling two factor authentication step 1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| userController.enableTwoFactorAuthStep1 = function (req, reply) { | |
| tokenVerification.extractAndVerifyToken(req, (err, isValidToken, email) => { | |
| if (!err && isValidToken) { | |
| const secret = speakeasy.generateSecret(); | |
| qrcode.toDataURL(secret.otpauth_url, function (err, qrImage) { | |
| if (!err) { | |
| reply.code(200).send({ qr: qrImage, secret: secret }); | |
| } else { | |
| reply.internalServerError(err); | |
| } |
PatrickKalkman
/ user-controller-login.js
Last active
January 9, 2022 16:06
First layer of authentication
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| userController.login = function (req, reply) { | |
| if (isValidUserRequest(req)) { | |
| let user = db.getCleanedUser(req.body.email); | |
| if (typeof user !== 'undefined') { | |
| if (bcrypt.compareSync(req.body.password, user.password)) { | |
| delete user.password; | |
| const token = jwt.sign(user, config.jwt.secret); | |
| const newUser = { ...user, token }; | |
| reply.code(200).send(newUser); | |
| } |