Two factor authentication : TOTP #5
@ -5,3 +5,4 @@ pub mod settings_controller;
|
||||
pub mod admin_controller;
|
||||
pub mod admin_api;
|
||||
pub mod openid_controller;
|
||||
pub mod two_factors_controller;
|
@ -108,7 +108,6 @@ pub async fn change_password_route(user: CurrentUser,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
HttpResponse::Ok()
|
||||
.body(ChangePasswordPage {
|
||||
_p: BaseSettingsPage::get("Change password", &user, danger, success),
|
||||
|
48
src/controllers/two_factors_controller.rs
Normal file
48
src/controllers/two_factors_controller.rs
Normal file
@ -0,0 +1,48 @@
|
||||
use std::ops::Deref;
|
||||
|
||||
use actix_web::{HttpResponse, Responder};
|
||||
use askama::Template;
|
||||
|
||||
use crate::controllers::settings_controller::BaseSettingsPage;
|
||||
use crate::data::current_user::CurrentUser;
|
||||
use crate::data::user::User;
|
||||
|
||||
#[derive(Template)]
|
||||
#[template(path = "settings/two_factors_page.html")]
|
||||
struct TwoFactorsPage<'a> {
|
||||
_p: BaseSettingsPage,
|
||||
user: &'a User,
|
||||
}
|
||||
|
||||
#[derive(Template)]
|
||||
#[template(path = "settings/add_2fa_totp_page.html")]
|
||||
struct AddTotpPage {
|
||||
_p: BaseSettingsPage,
|
||||
}
|
||||
|
||||
|
||||
/// Manage two factors authentication methods route
|
||||
pub async fn two_factors_route(user: CurrentUser) -> impl Responder {
|
||||
HttpResponse::Ok()
|
||||
.body(TwoFactorsPage {
|
||||
_p: BaseSettingsPage::get(
|
||||
"Two factors auth",
|
||||
&user,
|
||||
None,
|
||||
None),
|
||||
user: user.deref(),
|
||||
}.render().unwrap())
|
||||
}
|
||||
|
||||
|
||||
/// Configure a new TOTP authentication factor
|
||||
pub async fn add_totp_factor_route(user: CurrentUser) -> impl Responder {
|
||||
HttpResponse::Ok()
|
||||
.body(AddTotpPage {
|
||||
_p: BaseSettingsPage::get(
|
||||
"Configure new TOTP factor",
|
||||
&user,
|
||||
None,
|
||||
None),
|
||||
}.render().unwrap())
|
||||
}
|
@ -118,6 +118,8 @@ async fn main() -> std::io::Result<()> {
|
||||
.route("/settings", web::get().to(settings_controller::account_settings_details_route))
|
||||
.route("/settings/change_password", web::get().to(settings_controller::change_password_route))
|
||||
.route("/settings/change_password", web::post().to(settings_controller::change_password_route))
|
||||
.route("/settings/two_factors", web::get().to(two_factors_controller::two_factors_route))
|
||||
.route("settings/two_factors/add_totp", web::get().to(two_factors_controller::add_totp_factor_route))
|
||||
|
||||
// Admin routes
|
||||
.route("/admin", web::get()
|
||||
|
6
templates/settings/add_2fa_totp_page.html
Normal file
6
templates/settings/add_2fa_totp_page.html
Normal file
@ -0,0 +1,6 @@
|
||||
{% extends "base_settings_page.html" %}
|
||||
{% block content %}
|
||||
|
||||
TODO : show a form to add a new TOTP password
|
||||
|
||||
{% endblock content %}
|
@ -26,6 +26,11 @@
|
||||
Change password
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="/settings/two_factors" class="nav-link link-dark">
|
||||
Two-factor authentication
|
||||
</a>
|
||||
</li>
|
||||
|
||||
{% if _p.is_admin %}
|
||||
<hr/>
|
||||
|
18
templates/settings/two_factors_page.html
Normal file
18
templates/settings/two_factors_page.html
Normal file
@ -0,0 +1,18 @@
|
||||
{% extends "base_settings_page.html" %}
|
||||
{% block content %}
|
||||
|
||||
|
||||
<div class="alert alert-dismissible alert-warning">
|
||||
<h4 class="alert-heading">Warning!</h4>
|
||||
<p class="mb-0">Once a new factor has been added to your account, you can not access
|
||||
your account anymore using only your password. If you remove all your second factors,
|
||||
2 Factor Authentication is automatically disabled for your account.</p>
|
||||
</div>
|
||||
|
||||
|
||||
<p>
|
||||
<a href="/settings/two_factors/add_totp" type="button" class="btn btn-primary">Add One Time Password (OTP) factor</a>
|
||||
</p>
|
||||
TODO : show the list of currently registered 2 factors methods
|
||||
|
||||
{% endblock content %}
|
Loading…
Reference in New Issue
Block a user