Last active
February 10, 2016 15:39
-
-
Save abhiaiyer91/434a98d314ac175c0d2a to your computer and use it in GitHub Desktop.
Proposed 2 factor login
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Two Factor | |
| TwoFactor = new Meteor.Collection('twoFactor'); | |
| //generate login token | |
| var generateLoginToken = function () { | |
| var stampedToken = Accounts._generateStampedLoginToken(); | |
| return [ | |
| stampedToken, | |
| Accounts._hashStampedToken(stampedToken) | |
| ]; | |
| }; | |
| var saveLoginToken = function (userId) { | |
| return Meteor.wrapAsync(function (userId, tokens, callback) { | |
| // In tokens array first is stamped, second is hashed | |
| // Save hashed to Mongo | |
| Meteor.users.update(userId, { | |
| $push: { | |
| 'service.resume.loginTokens': tokens[1] | |
| } | |
| }, function (error) { | |
| if (error) { | |
| callback(new Meteor.Error(500, 'Couldnt save login token into user profile')); | |
| } else { | |
| // Return stamped to user | |
| callback && callback(null, [200, tokens[0].token]); | |
| } | |
| }); | |
| })(userId, generateLoginToken()); | |
| }; | |
| Meteor.methods({ | |
| loginProcedure: function (username, pwDigest, code, hash) { | |
| //does this user exist? | |
| var user = Meteor.users.findOne({ | |
| '$or': [ | |
| { | |
| 'username': username, | |
| }, | |
| { | |
| 'emails.address': username | |
| } | |
| ] | |
| }); | |
| if (!user) { | |
| throw new Meteor.Error(404, 'You are not the user we were looking for.'); | |
| } | |
| var password = {digest: pwDigest, algorithm: 'sha-256'}; | |
| var pwCheck = Accounts._checkPassword(user, password); | |
| if (pwCheck.error) { | |
| throw new Meteor.Error(403, 'PW Fail'); | |
| } | |
| if (!user.meta.twoFactor) { | |
| return saveLoginToken(user._id); | |
| } else { | |
| if (code && hash) { | |
| var session = TwoFactor.findOne({ | |
| hash: hash, | |
| username: username | |
| }); | |
| if (session) { | |
| //TODO: VALIDATE SOMETHING | |
| TwoFactor.update({ | |
| hash: hash | |
| }, { | |
| $set: { | |
| submitted: new Date() | |
| } | |
| }); | |
| return saveLoginToken(user._id); | |
| } else { | |
| throw new Meteor.Error(404, 'Invalid Hash'); | |
| } | |
| } else if (hash) { | |
| var session = TwoFactor.findOne({ | |
| hash: hash, | |
| username: username | |
| }); | |
| if (session) { | |
| //TODO: write validation | |
| return [401, hash]; | |
| } else { | |
| throw new Meteor.Error(404, 'No Session'); | |
| } | |
| } else { | |
| //TODO: write some method of generating a code or some pass into the system | |
| generatedCodeToPass; | |
| var now = new Date(); | |
| //TODO: CRYPTO HASH | |
| var hash = +now; | |
| //Lets put this in our collection | |
| TwoFactor.insert({ | |
| hash: hash, | |
| code: generatedCodeToPass, | |
| username: username, | |
| sent: now | |
| }); | |
| //TODO: Send user a message to complete this | |
| } | |
| } | |
| } | |
| }) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment