Generate & return webauthn registration challenge

2022-04-20 21:06:53 +02:00
parent 10982190e7
commit 1f0e6d05c8
11 changed files with 336 additions and 4 deletions
--- a/src/controllers/two_factors_controller.rs
+++ b/src/controllers/two_factors_controller.rs
@ -9,6 +9,7 @@ use crate::data::app_config::AppConfig;
 use crate::data::current_user::CurrentUser;
 use crate::data::totp_key::TotpKey;
 use crate::data::user::User;
+use crate::data::webauthn_manager::WebAuthManagerReq;

 #[derive(Template)]
 #[template(path = "settings/two_factors_page.html")]
@ -26,6 +27,13 @@ struct AddTotpPage {
    secret_key: String,
 }

+#[derive(Template)]
+#[template(path = "settings/add_webauthn_page.html")]
+struct AddWebauhtnPage {
+    _p: BaseSettingsPage,
+    opaque_state: String,
+    challenge_json: String,
+}

 /// Manage two factors authentication methods route
 pub async fn two_factors_route(user: CurrentUser) -> impl Responder {
@ -69,4 +77,35 @@ pub async fn add_totp_factor_route(user: CurrentUser, app_conf: web::Data<AppCon
            account_name: key.account_name(&user, &app_conf),
            secret_key: key.get_secret(),
        }.render().unwrap())
+}
+
+/// Configure a new security key factor
+pub async fn add_webauthn_factor_route(user: CurrentUser, manager: WebAuthManagerReq) -> impl Responder {
+    let registration_request = match manager.start_register(&user) {
+        Ok(r) => r,
+        Err(e) => {
+            log::error!("Failed to request new key! {:?}", e);
+            return HttpResponse::InternalServerError().body("Failed to generate request for registration!");
+        }
+    };
+
+    let challenge_json = match serde_json::to_string(&registration_request.creation_challenge) {
+        Ok(r) => r,
+        Err(e) => {
+            log::error!("Failed to serialize challenge! {:?}", e);
+            return HttpResponse::InternalServerError().body("Failed to serialize challenge!");
+        }
+    };
+
+    HttpResponse::Ok()
+        .body(AddWebauhtnPage {
+            _p: BaseSettingsPage::get(
+                "New security key",
+                &user,
+                None,
+                None),
+
+            opaque_state: registration_request.opaque_state,
+            challenge_json: urlencoding::encode(&challenge_json).to_string(),
+        }.render().unwrap())
 }