mirror of
https://github.com/spacebarchat/server.git
synced 2024-11-09 20:22:47 +01:00
Merge branch 'master' of github.com:fosscord/fosscord-server
This commit is contained in:
commit
9bbe5b733f
@ -64,20 +64,23 @@ router.post(
|
||||
await User.update({ id: user.id }, { totp_last_ticket: "" });
|
||||
|
||||
const clientAttestationResponse = JSON.parse(code);
|
||||
const securityKey = await SecurityKey.findOneOrFail({
|
||||
where: {
|
||||
user_id: req.user_id,
|
||||
key_id: clientAttestationResponse.rawId,
|
||||
},
|
||||
});
|
||||
|
||||
if (!clientAttestationResponse.rawId)
|
||||
throw new HTTPError("Missing rawId", 400);
|
||||
|
||||
clientAttestationResponse.rawId = toArrayBuffer(
|
||||
Buffer.from(clientAttestationResponse.rawId, "base64"),
|
||||
Buffer.from(clientAttestationResponse.rawId, "base64url"),
|
||||
);
|
||||
|
||||
const securityKey = await SecurityKey.findOneOrFail({
|
||||
where: {
|
||||
key_id: Buffer.from(
|
||||
clientAttestationResponse.rawId,
|
||||
"base64url",
|
||||
).toString("base64"),
|
||||
},
|
||||
});
|
||||
|
||||
const assertionExpectations: ExpectedAssertionResult = JSON.parse(
|
||||
Buffer.from(
|
||||
clientAttestationResponse.response.clientDataJSON,
|
||||
|
@ -17,7 +17,7 @@
|
||||
*/
|
||||
|
||||
import { route } from "@fosscord/api";
|
||||
import { SecurityKey } from "@fosscord/util";
|
||||
import { SecurityKey, User } from "@fosscord/util";
|
||||
import { Request, Response, Router } from "express";
|
||||
const router = Router();
|
||||
|
||||
@ -29,6 +29,12 @@ router.delete("/", route({}), async (req: Request, res: Response) => {
|
||||
user_id: req.user_id,
|
||||
});
|
||||
|
||||
const keys = await SecurityKey.count({ where: { user_id: req.user_id } });
|
||||
|
||||
// disable webauthn if there are no keys left
|
||||
if (keys === 0)
|
||||
await User.update({ id: req.user_id }, { webauthn_enabled: false });
|
||||
|
||||
res.sendStatus(204);
|
||||
});
|
||||
|
||||
|
@ -181,7 +181,10 @@ router.post(
|
||||
key_id: keyId,
|
||||
});
|
||||
|
||||
await securityKey.save();
|
||||
await Promise.all([
|
||||
securityKey.save(),
|
||||
User.update({ id: req.user_id }, { webauthn_enabled: true }),
|
||||
]);
|
||||
|
||||
return res.json({
|
||||
name,
|
||||
|
Loading…
Reference in New Issue
Block a user