mirror of
https://github.com/volatiletech/authboss.git
synced 2025-09-16 09:06:20 +02:00
Add two factor events
This commit is contained in:
Aaron L
@@ -3,6 +3,13 @@
|
|||||||
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
|
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
|
||||||
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
|
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
|
## [3.2.0] - 2021-08-11
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
- Add additional events so users can take domain-specific actions when a user
|
||||||
|
adds or removes 2fa.
|
||||||
|
|
||||||
## [3.1.1] - 2021-07-01
|
## [3.1.1] - 2021-07-01
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|||||||
@@ -30,6 +30,8 @@ const (
|
|||||||
// Deprecated: EventPasswordReset is used nowhere
|
// Deprecated: EventPasswordReset is used nowhere
|
||||||
EventPasswordReset
|
EventPasswordReset
|
||||||
EventLogout
|
EventLogout
|
||||||
|
EventTwoFactorAdded
|
||||||
|
EventTwoFactorRemoved
|
||||||
)
|
)
|
||||||
|
|
||||||
// EventHandler reacts to events that are fired by Authboss controllers.
|
// EventHandler reacts to events that are fired by Authboss controllers.
|
||||||
|
|||||||
@@ -438,6 +438,14 @@ func (s *SMSValidator) validateCode(w http.ResponseWriter, r *http.Request, user
|
|||||||
|
|
||||||
logger.Infof("user %s enabled sms 2fa", user.GetPID())
|
logger.Infof("user %s enabled sms 2fa", user.GetPID())
|
||||||
data = authboss.HTMLData{twofactor.DataRecoveryCodes: codes}
|
data = authboss.HTMLData{twofactor.DataRecoveryCodes: codes}
|
||||||
|
|
||||||
|
r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
|
||||||
|
if handled, err := s.Authboss.Events.FireAfter(authboss.EventTwoFactorAdded, w, r); err != nil {
|
||||||
|
return err
|
||||||
|
} else if handled {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
case PageSMSRemove:
|
case PageSMSRemove:
|
||||||
user.PutSMSPhoneNumber("")
|
user.PutSMSPhoneNumber("")
|
||||||
if err := s.Authboss.Config.Storage.Server.Save(r.Context(), user); err != nil {
|
if err := s.Authboss.Config.Storage.Server.Save(r.Context(), user); err != nil {
|
||||||
@@ -446,6 +454,13 @@ func (s *SMSValidator) validateCode(w http.ResponseWriter, r *http.Request, user
|
|||||||
|
|
||||||
authboss.DelSession(w, authboss.Session2FA)
|
authboss.DelSession(w, authboss.Session2FA)
|
||||||
|
|
||||||
|
r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
|
||||||
|
if handled, err := s.Authboss.Events.FireAfter(authboss.EventTwoFactorRemoved, w, r); err != nil {
|
||||||
|
return err
|
||||||
|
} else if handled {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
logger.Infof("user %s disabled sms 2fa", user.GetPID())
|
logger.Infof("user %s disabled sms 2fa", user.GetPID())
|
||||||
case PageSMSValidate:
|
case PageSMSValidate:
|
||||||
authboss.PutSession(w, authboss.SessionKey, user.GetPID())
|
authboss.PutSession(w, authboss.SessionKey, user.GetPID())
|
||||||
|
|||||||
@@ -310,6 +310,13 @@ func (t *TOTP) PostConfirm(w http.ResponseWriter, r *http.Request) error {
|
|||||||
logger := t.RequestLogger(r)
|
logger := t.RequestLogger(r)
|
||||||
logger.Infof("user %s enabled totp 2fa", user.GetPID())
|
logger.Infof("user %s enabled totp 2fa", user.GetPID())
|
||||||
|
|
||||||
|
r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
|
||||||
|
if handled, err := t.Authboss.Events.FireAfter(authboss.EventTwoFactorAdded, w, r); err != nil {
|
||||||
|
return err
|
||||||
|
} else if handled {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
data := authboss.HTMLData{twofactor.DataRecoveryCodes: codes}
|
data := authboss.HTMLData{twofactor.DataRecoveryCodes: codes}
|
||||||
return t.Authboss.Core.Responder.Respond(w, r, http.StatusOK, PageTOTPConfirmSuccess, data)
|
return t.Authboss.Core.Responder.Respond(w, r, http.StatusOK, PageTOTPConfirmSuccess, data)
|
||||||
}
|
}
|
||||||
@@ -346,6 +353,13 @@ func (t *TOTP) PostRemove(w http.ResponseWriter, r *http.Request) error {
|
|||||||
|
|
||||||
logger.Infof("user %s disabled totp 2fa", user.GetPID())
|
logger.Infof("user %s disabled totp 2fa", user.GetPID())
|
||||||
|
|
||||||
|
r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, user))
|
||||||
|
if handled, err := t.Authboss.Events.FireAfter(authboss.EventTwoFactorRemoved, w, r); err != nil {
|
||||||
|
return err
|
||||||
|
} else if handled {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
return t.Authboss.Core.Responder.Respond(w, r, http.StatusOK, PageTOTPRemoveSuccess, nil)
|
return t.Authboss.Core.Responder.Respond(w, r, http.StatusOK, PageTOTPRemoveSuccess, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
24
stringers.go
24
stringers.go
@@ -4,9 +4,29 @@ package authboss
|
|||||||
|
|
||||||
import "strconv"
|
import "strconv"
|
||||||
|
|
||||||
const _Event_name = "EventRegisterEventAuthEventAuthHijackEventOAuth2EventAuthFailEventOAuth2FailEventRecoverStartEventRecoverEndEventGetUserEventGetUserSessionEventPasswordReset"
|
func _() {
|
||||||
|
// An "invalid array index" compiler error signifies that the constant values have changed.
|
||||||
|
// Re-run the stringer command to generate them again.
|
||||||
|
var x [1]struct{}
|
||||||
|
_ = x[EventRegister-0]
|
||||||
|
_ = x[EventAuth-1]
|
||||||
|
_ = x[EventAuthHijack-2]
|
||||||
|
_ = x[EventOAuth2-3]
|
||||||
|
_ = x[EventAuthFail-4]
|
||||||
|
_ = x[EventOAuth2Fail-5]
|
||||||
|
_ = x[EventRecoverStart-6]
|
||||||
|
_ = x[EventRecoverEnd-7]
|
||||||
|
_ = x[EventGetUser-8]
|
||||||
|
_ = x[EventGetUserSession-9]
|
||||||
|
_ = x[EventPasswordReset-10]
|
||||||
|
_ = x[EventLogout-11]
|
||||||
|
_ = x[EventTwoFactorAdded-12]
|
||||||
|
_ = x[EventTwoFactorRemoved-13]
|
||||||
|
}
|
||||||
|
|
||||||
var _Event_index = [...]uint8{0, 13, 22, 37, 48, 61, 76, 93, 108, 120, 139, 157}
|
const _Event_name = "EventRegisterEventAuthEventAuthHijackEventOAuth2EventAuthFailEventOAuth2FailEventRecoverStartEventRecoverEndEventGetUserEventGetUserSessionEventPasswordResetEventLogoutEventTwoFactorAddedEventTwoFactorRemoved"
|
||||||
|
|
||||||
|
var _Event_index = [...]uint8{0, 13, 22, 37, 48, 61, 76, 93, 108, 120, 139, 157, 168, 187, 208}
|
||||||
|
|
||||||
func (i Event) String() string {
|
func (i Event) String() string {
|
||||||
if i < 0 || i >= Event(len(_Event_index)-1) {
|
if i < 0 || i >= Event(len(_Event_index)-1) {
|
||||||
|
|||||||
Reference in New Issue
Block a user