full 2fa flow pt2

This commit is contained in:
c0repwn3r 2023-02-23 14:43:24 -05:00
parent 5bdcac5e89
commit 2798d06c81
Signed by: core
GPG key ID: FDBF740DADDCEECF

View file

@ -39,7 +39,7 @@ pub struct VerifyTotpAuthenticatorResponse {
pub metadata: VerifyTotpAuthenticatorResponseMetadata,
}
#[options("/v1/auth/verify-totp-authenticator")]
#[options("/v1/verify-totp-authenticator")]
pub async fn options() -> &'static str {
""
}
@ -52,7 +52,7 @@ pub async fn verify_totp_authenticator_request(req: Json<VerifyTotpAuthenticator
Err(e) => return Err((Status::Unauthorized, format!("{{\"errors\":[{{\"code\":\"{}\",\"message\":\"{} - {}\"}}]}}", "ERR_UNAUTHORIZED", "this token is invalid", e)))
};
if !totpmachine.check_current(&req.0.code).unwrap() {
return Err((Status::Unauthorized, format!("{{\"errors\":[{{\"code\":\"{}\",\"message\":\"{}\",\"path\":\"totpToken\"}}]}}", "ERR_INVALID_TOTP_TOKEN", "TOTP token does not exist (maybe it expired?)")))
return Err((Status::Unauthorized, format!("{{\"errors\":[{{\"code\":\"{}\",\"message\":\"{}\",\"path\":\"totpToken\"}}]}}", "ERR_INVALID_TOTP_CODE", "Invalid TOTP code")))
}
match use_totp_token(req.0.totp_token, user.email, db.inner()).await {
Ok(_) => (),