interesting
/
PeerTube
mirror of https://github.com/Chocobozzz/PeerTube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Catch OTP errors

This commit is contained in:
Chocobozzz 2024-11-04 09:25:26 +01:00
parent 6ce6ff06f1
commit 7476abe8b5
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
1 changed files with 20 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
server/core/helpers/otp.ts
View File

@ -1,6 +1,7 @@
import { Secret, TOTP } from 'otpauth'
import { CONFIG } from '@server/initializers/config.js' import { CONFIG } from '@server/initializers/config.js'
import { WEBSERVER } from '@server/initializers/constants.js' import { WEBSERVER } from '@server/initializers/constants.js'
import { Secret, TOTP } from 'otpauth'
import { logger } from './logger.js'
import { decrypt } from './peertube-crypto.js' import { decrypt } from './peertube-crypto.js'
async function isOTPValid (options: { async function isOTPValid (options: {
@ -9,6 +10,7 @@ async function isOTPValid (options: {
}) { }) {
const { token, encryptedSecret } = options const { token, encryptedSecret } = options
try {
const secret = await decrypt(encryptedSecret, CONFIG.SECRETS.PEERTUBE) const secret = await decrypt(encryptedSecret, CONFIG.SECRETS.PEERTUBE)
const totp = new TOTP({ const totp = new TOTP({
@ -25,6 +27,11 @@ async function isOTPValid (options: {
if (delta === null) return false if (delta === null) return false
return true return true
} catch (err) {
logger.error('Cannot decrypt/validate OTP', { err })
return false
}
} }
function generateOTPSecret (email: string) { function generateOTPSecret (email: string) {
@ -42,8 +49,7 @@ function generateOTPSecret (email: string) {
} }
export { export {
isOTPValid, generateOTPSecret, isOTPValid
generateOTPSecret
} }
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------