From d0cfe112e11c52acaeebb42c3229a37af23c846a Mon Sep 17 00:00:00 2001 From: syuilo Date: Sun, 10 Dec 2017 02:45:32 +0900 Subject: [PATCH] #973 --- locales/en.yml | 3 +++ locales/ja.yml | 3 +++ src/api/endpoints.ts | 17 ++++++++++++---- src/api/endpoints/i/2fa/unregister.ts | 28 +++++++++++++++++++++++++++ src/web/app/desktop/tags/settings.tag | 21 +++++++++++++++++++- 5 files changed, 67 insertions(+), 5 deletions(-) create mode 100644 src/api/endpoints/i/2fa/unregister.ts diff --git a/locales/en.yml b/locales/en.yml index 4dadcb806..8392e170c 100644 --- a/locales/en.yml +++ b/locales/en.yml @@ -311,6 +311,9 @@ desktop: url: "https://www.google.com/landing/2step/" caution: "As a caveat, security improves, but you can not sign in to Misskey if you lose a registered device, etc." register: "Register a device" + already-registered: "The setting has already been completed." + unregister: "Disable" + unregistered: "Two-step authentication has been disabled." enter-password: "Enter the password" authenticator: "First, you need install Google Authenticator to your device:" howtoinstall: "How to install" diff --git a/locales/ja.yml b/locales/ja.yml index d38ae682e..f9d41d909 100644 --- a/locales/ja.yml +++ b/locales/ja.yml @@ -311,6 +311,9 @@ desktop: url: "https://www.google.co.jp/intl/ja/landing/2step/" caution: "登録したデバイスを紛失するなどした場合、Misskeyにサインインできなくなりますのでご注意ください。" register: "デバイスを登録する" + already-registered: "既に設定は完了しています。" + unregister: "設定を解除" + unregistered: "二段階認証が無効になりました。" enter-password: "パスワードを入力してください" authenticator: "まず、Google Authenticatorをお使いのデバイスにインストールします:" howtoinstall: "インストール方法はこちら" diff --git a/src/api/endpoints.ts b/src/api/endpoints.ts index 49871c0ce..1138df193 100644 --- a/src/api/endpoints.ts +++ b/src/api/endpoints.ts @@ -157,11 +157,18 @@ const endpoints: Endpoint[] = [ }, { name: 'i/2fa/register', - withCredential: true + withCredential: true, + secure: true + }, + { + name: 'i/2fa/unregister', + withCredential: true, + secure: true }, { name: 'i/2fa/done', - withCredential: true + withCredential: true, + secure: true }, { name: 'i/update', @@ -179,11 +186,13 @@ const endpoints: Endpoint[] = [ }, { name: 'i/change_password', - withCredential: true + withCredential: true, + secure: true }, { name: 'i/regenerate_token', - withCredential: true + withCredential: true, + secure: true }, { name: 'i/pin', diff --git a/src/api/endpoints/i/2fa/unregister.ts b/src/api/endpoints/i/2fa/unregister.ts new file mode 100644 index 000000000..6bee6a26f --- /dev/null +++ b/src/api/endpoints/i/2fa/unregister.ts @@ -0,0 +1,28 @@ +/** + * Module dependencies + */ +import $ from 'cafy'; +import * as bcrypt from 'bcryptjs'; +import User from '../../../models/user'; + +module.exports = async (params, user) => new Promise(async (res, rej) => { + // Get 'password' parameter + const [password, passwordErr] = $(params.password).string().$; + if (passwordErr) return rej('invalid password param'); + + // Compare password + const same = await bcrypt.compare(password, user.password); + + if (!same) { + return rej('incorrect password'); + } + + await User.update(user._id, { + $set: { + two_factor_secret: null, + two_factor_enabled: false + } + }); + + res(); +}); diff --git a/src/web/app/desktop/tags/settings.tag b/src/web/app/desktop/tags/settings.tag index 9f71da687..3fa1f50fc 100644 --- a/src/web/app/desktop/tags/settings.tag +++ b/src/web/app/desktop/tags/settings.tag @@ -266,7 +266,11 @@

%i18n:desktop.tags.mk-2fa-setting.intro%%i18n:desktop.tags.mk-2fa-setting.detail%

%fa:exclamation-triangle%%i18n:desktop.tags.mk-2fa-setting.caution%

-

+

+ +

%i18n:desktop.tags.mk-2fa-setting.already-registered%

+ +
  1. %i18n:desktop.tags.mk-2fa-setting.authenticator% %i18n:desktop.tags.mk-2fa-setting.howtoinstall%
  2. @@ -288,6 +292,7 @@ import passwordDialog from '../scripts/password-dialog'; import notify from '../scripts/notify'; + this.mixin('i'); this.mixin('api'); this.register = () => { @@ -302,11 +307,25 @@ }); }; + this.unregister = () => { + passwordDialog('%i18n:desktop.tags.mk-2fa-setting.enter-password%', password => { + this.api('i/2fa/unregister', { + password: password + }).then(data => { + notify('%i18n:desktop.tags.mk-2fa-setting.unregistered%'); + this.I.two_factor_enabled = false; + this.I.update(); + }); + }); + }; + this.submit = () => { this.api('i/2fa/done', { token: this.refs.token.value }).then(() => { notify('%i18n:desktop.tags.mk-2fa-setting.success%'); + this.I.two_factor_enabled = true; + this.I.update(); }).catch(() => { notify('%i18n:desktop.tags.mk-2fa-setting.failed%'); });