Start to work on 2FA

src/controllers/mod.rs

@@ -4,4 +4,5 @@ pub mod login_controller;
 pub mod settings_controller;
 pub mod admin_controller;
 pub mod admin_api;
-pub mod openid_controller;
+pub mod openid_controller;
+pub mod two_factors_controller;

src/controllers/settings_controller.rs

@@ -108,10 +108,9 @@ pub async fn change_password_route(user: CurrentUser,
         }
     }
 
-
     HttpResponse::Ok()
         .body(ChangePasswordPage {
             _p: BaseSettingsPage::get("Change password", &user, danger, success),
             min_pwd_len: MIN_PASS_LEN,
         }.render().unwrap())
-}
+}

src/controllers/two_factors_controller.rs

@@ -0,0 +1,48 @@
+use std::ops::Deref;
+
+use actix_web::{HttpResponse, Responder};
+use askama::Template;
+
+use crate::controllers::settings_controller::BaseSettingsPage;
+use crate::data::current_user::CurrentUser;
+use crate::data::user::User;
+
+#[derive(Template)]
+#[template(path = "settings/two_factors_page.html")]
+struct TwoFactorsPage<'a> {
+    _p: BaseSettingsPage,
+    user: &'a User,
+}
+
+#[derive(Template)]
+#[template(path = "settings/add_2fa_totp_page.html")]
+struct AddTotpPage {
+    _p: BaseSettingsPage,
+}
+
+
+/// Manage two factors authentication methods route
+pub async fn two_factors_route(user: CurrentUser) -> impl Responder {
+    HttpResponse::Ok()
+        .body(TwoFactorsPage {
+            _p: BaseSettingsPage::get(
+                "Two factors auth",
+                &user,
+                None,
+                None),
+            user: user.deref(),
+        }.render().unwrap())
+}
+
+
+/// Configure a new TOTP authentication factor
+pub async fn add_totp_factor_route(user: CurrentUser) -> impl Responder {
+    HttpResponse::Ok()
+        .body(AddTotpPage {
+            _p: BaseSettingsPage::get(
+                "Configure new TOTP factor",
+                &user,
+                None,
+                None),
+        }.render().unwrap())
+}

src/main.rs

@@ -118,6 +118,8 @@ async fn main() -> std::io::Result<()> {
             .route("/settings", web::get().to(settings_controller::account_settings_details_route))
             .route("/settings/change_password", web::get().to(settings_controller::change_password_route))
             .route("/settings/change_password", web::post().to(settings_controller::change_password_route))
+            .route("/settings/two_factors", web::get().to(two_factors_controller::two_factors_route))
+            .route("settings/two_factors/add_totp", web::get().to(two_factors_controller::add_totp_factor_route))
 
             // Admin routes
             .route("/admin", web::get()

templates/settings/add_2fa_totp_page.html

@@ -0,0 +1,6 @@
+{% extends "base_settings_page.html" %}
+{% block content %}
+
+TODO : show a form to add a new TOTP password
+
+{% endblock content %}

templates/settings/base_settings_page.html

@@ -26,6 +26,11 @@
                 Change password
             </a>
         </li>
+        <li>
+            <a href="/settings/two_factors" class="nav-link link-dark">
+                Two-factor authentication
+            </a>
+        </li>
 
         {% if _p.is_admin %}
         <hr/>

templates/settings/two_factors_page.html

@@ -0,0 +1,18 @@
+{% extends "base_settings_page.html" %}
+{% block content %}
+
+
+<div class="alert alert-dismissible alert-warning">
+    <h4 class="alert-heading">Warning!</h4>
+    <p class="mb-0">Once a new factor has been added to your account, you can not access
+        your account anymore using only your password. If you remove all your second factors,
+        2 Factor Authentication is automatically disabled for your account.</p>
+</div>
+
+
+<p>
+    <a href="/settings/two_factors/add_totp" type="button" class="btn btn-primary">Add One Time Password (OTP) factor</a>
+</p>
+TODO : show the list of currently registered 2 factors methods
+
+{% endblock content %}