2020-01-29 20:37:25 +01:00
|
|
|
<template>
|
2020-01-30 03:10:42 +01:00
|
|
|
<section class="_card">
|
2020-10-17 13:12:00 +02:00
|
|
|
<div class="_title"><Fa :icon="faLock"/> {{ $t('twoStepAuthentication') }}</div>
|
2020-01-29 20:37:25 +01:00
|
|
|
<div class="_content">
|
2020-12-19 02:55:52 +01:00
|
|
|
<MkButton v-if="!data && !$i.twoFactorEnabled" @click="register">{{ $t('_2fa.registerDevice') }}</MkButton>
|
|
|
|
<template v-if="$i.twoFactorEnabled">
|
2020-07-24 18:56:52 +02:00
|
|
|
<p>{{ $t('_2fa.alreadyRegistered') }}</p>
|
2020-10-17 13:12:00 +02:00
|
|
|
<MkButton @click="unregister">{{ $t('unregister') }}</MkButton>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
|
|
|
<template v-if="supportsCredentials">
|
|
|
|
<hr class="totp-method-sep">
|
|
|
|
|
2020-07-24 18:56:52 +02:00
|
|
|
<h2 class="heading">{{ $t('securityKey') }}</h2>
|
|
|
|
<p>{{ $t('_2fa.securityKeyInfo') }}</p>
|
2020-01-29 20:37:25 +01:00
|
|
|
<div class="key-list">
|
2020-12-19 02:55:52 +01:00
|
|
|
<div class="key" v-for="key in $i.securityKeysList">
|
2020-01-30 05:05:14 +01:00
|
|
|
<h3>{{ key.name }}</h3>
|
2020-10-17 13:12:00 +02:00
|
|
|
<div class="last-used">{{ $t('lastUsed') }}<MkTime :time="key.lastUsed"/></div>
|
|
|
|
<MkButton @click="unregisterKey(key)">{{ $t('unregister') }}</MkButton>
|
2020-01-29 20:37:25 +01:00
|
|
|
</div>
|
|
|
|
</div>
|
|
|
|
|
2020-12-19 02:55:52 +01:00
|
|
|
<MkSwitch v-model:value="usePasswordLessLogin" @update:value="updatePasswordLessLogin" v-if="$i.securityKeysList.length > 0">{{ $t('passwordLessLogin') }}</MkSwitch>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2020-10-17 13:12:00 +02:00
|
|
|
<MkInfo warn v-if="registration && registration.error">{{ $t('error') }} {{ registration.error }}</MkInfo>
|
|
|
|
<MkButton v-if="!registration || registration.error" @click="addSecurityKey">{{ $t('_2fa.registerKey') }}</MkButton>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
|
|
|
<ol v-if="registration && !registration.error">
|
|
|
|
<li v-if="registration.stage >= 0">
|
2020-05-09 01:20:22 +02:00
|
|
|
{{ $t('tapSecurityKey') }}
|
2020-10-17 13:12:00 +02:00
|
|
|
<Fa icon="spinner" pulse fixed-width v-if="registration.saving && registration.stage == 0" />
|
2020-01-29 20:37:25 +01:00
|
|
|
</li>
|
|
|
|
<li v-if="registration.stage >= 1">
|
2020-10-17 13:12:00 +02:00
|
|
|
<MkForm :disabled="registration.stage != 1 || registration.saving">
|
|
|
|
<MkInput v-model:value="keyName" :max="30">
|
2020-07-24 18:56:52 +02:00
|
|
|
<span>{{ $t('securityKeyName') }}</span>
|
2020-10-17 13:12:00 +02:00
|
|
|
</MkInput>
|
|
|
|
<MkButton @click="registerKey" :disabled="keyName.length == 0">{{ $t('registerSecurityKey') }}</MkButton>
|
|
|
|
<Fa icon="spinner" pulse fixed-width v-if="registration.saving && registration.stage == 1" />
|
|
|
|
</MkForm>
|
2020-01-29 20:37:25 +01:00
|
|
|
</li>
|
|
|
|
</ol>
|
|
|
|
</template>
|
|
|
|
</template>
|
2020-12-19 02:55:52 +01:00
|
|
|
<div v-if="data && !$i.twoFactorEnabled">
|
2020-01-29 20:37:25 +01:00
|
|
|
<ol style="margin: 0; padding: 0 0 0 1em;">
|
|
|
|
<li>
|
2020-10-17 13:12:00 +02:00
|
|
|
<i18n-t keypath="_2fa.step1" tag="span">
|
|
|
|
<template #a>
|
|
|
|
<a href="https://authy.com/" rel="noopener" target="_blank" class="_link">Authy</a>
|
|
|
|
</template>
|
|
|
|
<template #b>
|
|
|
|
<a href="https://support.google.com/accounts/answer/1066447" rel="noopener" target="_blank" class="_link">Google Authenticator</a>
|
|
|
|
</template>
|
|
|
|
</i18n-t>
|
2020-01-29 20:37:25 +01:00
|
|
|
</li>
|
|
|
|
<li>{{ $t('_2fa.step2') }}<br><img :src="data.qr"></li>
|
|
|
|
<li>{{ $t('_2fa.step3') }}<br>
|
2020-10-17 13:12:00 +02:00
|
|
|
<MkInput v-model:value="token" type="text" pattern="^[0-9]{6}$" autocomplete="off" spellcheck="false">{{ $t('token') }}</MkInput>
|
|
|
|
<MkButton primary @click="submit">{{ $t('done') }}</MkButton>
|
2020-01-29 20:37:25 +01:00
|
|
|
</li>
|
|
|
|
</ol>
|
2020-10-17 13:12:00 +02:00
|
|
|
<MkInfo>{{ $t('_2fa.step4') }}</MkInfo>
|
2020-01-29 20:37:25 +01:00
|
|
|
</div>
|
|
|
|
</div>
|
|
|
|
</section>
|
|
|
|
</template>
|
|
|
|
|
|
|
|
<script lang="ts">
|
2020-10-17 13:12:00 +02:00
|
|
|
import { defineComponent } from 'vue';
|
2020-01-29 20:37:25 +01:00
|
|
|
import { faLock } from '@fortawesome/free-solid-svg-icons';
|
2020-10-17 13:12:00 +02:00
|
|
|
import { hostname } from '@/config';
|
|
|
|
import { byteify, hexify, stringify } from '@/scripts/2fa';
|
|
|
|
import MkButton from '@/components/ui/button.vue';
|
|
|
|
import MkInfo from '@/components/ui/info.vue';
|
|
|
|
import MkInput from '@/components/ui/input.vue';
|
|
|
|
import MkSwitch from '@/components/ui/switch.vue';
|
2020-11-25 13:31:34 +01:00
|
|
|
import FormBase from '@/components/form/base.vue';
|
|
|
|
import FormGroup from '@/components/form/group.vue';
|
|
|
|
import FormButton from '@/components/form/button.vue';
|
2020-10-17 13:12:00 +02:00
|
|
|
import * as os from '@/os';
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2020-10-17 13:12:00 +02:00
|
|
|
export default defineComponent({
|
2020-01-29 20:37:25 +01:00
|
|
|
components: {
|
2020-11-25 13:31:34 +01:00
|
|
|
FormBase,
|
2020-01-30 10:31:08 +01:00
|
|
|
MkButton, MkInfo, MkInput, MkSwitch
|
2020-01-29 20:37:25 +01:00
|
|
|
},
|
2020-11-25 13:31:34 +01:00
|
|
|
|
|
|
|
emits: ['info'],
|
|
|
|
|
2020-01-29 20:37:25 +01:00
|
|
|
data() {
|
|
|
|
return {
|
2020-11-25 13:31:34 +01:00
|
|
|
INFO: {
|
|
|
|
title: this.$t('twoStepAuthentication'),
|
|
|
|
icon: faLock
|
|
|
|
},
|
2020-01-29 20:37:25 +01:00
|
|
|
data: null,
|
|
|
|
supportsCredentials: !!navigator.credentials,
|
2020-12-19 02:55:52 +01:00
|
|
|
usePasswordLessLogin: this.$i.usePasswordLessLogin,
|
2020-01-29 20:37:25 +01:00
|
|
|
registration: null,
|
|
|
|
keyName: '',
|
|
|
|
token: null,
|
|
|
|
faLock
|
|
|
|
};
|
|
|
|
},
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2020-01-29 20:37:25 +01:00
|
|
|
methods: {
|
|
|
|
register() {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.dialog({
|
2020-01-29 20:37:25 +01:00
|
|
|
title: this.$t('password'),
|
|
|
|
input: {
|
|
|
|
type: 'password'
|
|
|
|
}
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
2020-10-17 13:12:00 +02:00
|
|
|
os.api('i/2fa/register', {
|
2020-01-29 20:37:25 +01:00
|
|
|
password: password
|
|
|
|
}).then(data => {
|
|
|
|
this.data = data;
|
|
|
|
});
|
|
|
|
});
|
|
|
|
},
|
|
|
|
|
|
|
|
unregister() {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.dialog({
|
2020-01-29 20:37:25 +01:00
|
|
|
title: this.$t('password'),
|
|
|
|
input: {
|
|
|
|
type: 'password'
|
|
|
|
}
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
2020-10-17 13:12:00 +02:00
|
|
|
os.api('i/2fa/unregister', {
|
2020-01-29 20:37:25 +01:00
|
|
|
password: password
|
|
|
|
}).then(() => {
|
|
|
|
this.usePasswordLessLogin = false;
|
|
|
|
this.updatePasswordLessLogin();
|
|
|
|
}).then(() => {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.success();
|
2020-12-19 02:55:52 +01:00
|
|
|
this.$i.twoFactorEnabled = false;
|
2020-01-29 20:37:25 +01:00
|
|
|
});
|
|
|
|
});
|
|
|
|
},
|
|
|
|
|
|
|
|
submit() {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.api('i/2fa/done', {
|
2020-01-29 20:37:25 +01:00
|
|
|
token: this.token
|
|
|
|
}).then(() => {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.success();
|
2020-12-19 02:55:52 +01:00
|
|
|
this.$i.twoFactorEnabled = true;
|
2020-01-29 20:37:25 +01:00
|
|
|
}).catch(e => {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.dialog({
|
2020-01-29 20:37:25 +01:00
|
|
|
type: 'error',
|
2020-10-17 13:12:00 +02:00
|
|
|
text: e
|
2020-01-29 20:37:25 +01:00
|
|
|
});
|
|
|
|
});
|
|
|
|
},
|
|
|
|
|
|
|
|
registerKey() {
|
|
|
|
this.registration.saving = true;
|
2020-10-17 13:12:00 +02:00
|
|
|
os.api('i/2fa/key-done', {
|
2020-01-29 20:37:25 +01:00
|
|
|
password: this.registration.password,
|
|
|
|
name: this.keyName,
|
|
|
|
challengeId: this.registration.challengeId,
|
|
|
|
// we convert each 16 bits to a string to serialise
|
2020-05-09 01:20:22 +02:00
|
|
|
clientDataJSON: stringify(this.registration.credential.response.clientDataJSON),
|
|
|
|
attestationObject: hexify(this.registration.credential.response.attestationObject)
|
2020-01-29 20:37:25 +01:00
|
|
|
}).then(key => {
|
|
|
|
this.registration = null;
|
|
|
|
key.lastUsed = new Date();
|
2020-10-17 13:12:00 +02:00
|
|
|
os.success();
|
2020-01-29 20:37:25 +01:00
|
|
|
})
|
|
|
|
},
|
|
|
|
|
|
|
|
unregisterKey(key) {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.dialog({
|
2020-01-29 20:37:25 +01:00
|
|
|
title: this.$t('password'),
|
|
|
|
input: {
|
|
|
|
type: 'password'
|
|
|
|
}
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
2020-10-17 13:12:00 +02:00
|
|
|
return os.api('i/2fa/remove-key', {
|
2020-01-29 20:37:25 +01:00
|
|
|
password,
|
|
|
|
credentialId: key.id
|
|
|
|
}).then(() => {
|
|
|
|
this.usePasswordLessLogin = false;
|
|
|
|
this.updatePasswordLessLogin();
|
|
|
|
}).then(() => {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.success();
|
2020-01-29 20:37:25 +01:00
|
|
|
});
|
|
|
|
});
|
|
|
|
},
|
|
|
|
|
|
|
|
addSecurityKey() {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.dialog({
|
2020-01-29 20:37:25 +01:00
|
|
|
title: this.$t('password'),
|
|
|
|
input: {
|
|
|
|
type: 'password'
|
|
|
|
}
|
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
2020-10-17 13:12:00 +02:00
|
|
|
os.api('i/2fa/register-key', {
|
2020-01-29 20:37:25 +01:00
|
|
|
password
|
|
|
|
}).then(registration => {
|
|
|
|
this.registration = {
|
|
|
|
password,
|
|
|
|
challengeId: registration.challengeId,
|
|
|
|
stage: 0,
|
|
|
|
publicKeyOptions: {
|
2020-05-09 01:20:22 +02:00
|
|
|
challenge: byteify(registration.challenge, 'base64'),
|
2020-01-29 20:37:25 +01:00
|
|
|
rp: {
|
|
|
|
id: hostname,
|
|
|
|
name: 'Misskey'
|
|
|
|
},
|
|
|
|
user: {
|
2020-12-19 02:55:52 +01:00
|
|
|
id: byteify(this.$i.id, 'ascii'),
|
|
|
|
name: this.$i.username,
|
|
|
|
displayName: this.$i.name,
|
2020-01-29 20:37:25 +01:00
|
|
|
},
|
2020-05-06 11:59:58 +02:00
|
|
|
pubKeyCredParams: [{ alg: -7, type: 'public-key' }],
|
2020-01-29 20:37:25 +01:00
|
|
|
timeout: 60000,
|
|
|
|
attestation: 'direct'
|
|
|
|
},
|
|
|
|
saving: true
|
|
|
|
};
|
|
|
|
return navigator.credentials.create({
|
|
|
|
publicKey: this.registration.publicKeyOptions
|
|
|
|
});
|
|
|
|
}).then(credential => {
|
|
|
|
this.registration.credential = credential;
|
|
|
|
this.registration.saving = false;
|
|
|
|
this.registration.stage = 1;
|
|
|
|
}).catch(err => {
|
|
|
|
console.warn('Error while registering?', err);
|
|
|
|
this.registration.error = err.message;
|
|
|
|
this.registration.stage = -1;
|
|
|
|
});
|
|
|
|
});
|
|
|
|
},
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2020-01-29 20:37:25 +01:00
|
|
|
updatePasswordLessLogin() {
|
2020-10-17 13:12:00 +02:00
|
|
|
os.api('i/2fa/password-less', {
|
2020-01-29 20:37:25 +01:00
|
|
|
value: !!this.usePasswordLessLogin
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|
|
|
|
</script>
|