MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2024-12-26 23:25:53 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fixed using timed OTP when backup codes are not allowed (#4268)

Browse Source
This commit is contained in:
Ylian Saint-Hilaire 2022-07-14 13:55:28 -07:00
parent 636f801bd7
commit 138fc507c8
2 changed files with 6 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
meshuser.js
View File

@ -3330,9 +3330,6 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Do not allow this command if 2FA's are locked // Do not allow this command if 2FA's are locked
if ((domain.passwordrequirements) && (domain.passwordrequirements.lock2factor == true)) { ws.send(JSON.stringify({ action: 'otpauth-request', err: 1 })); return; } if ((domain.passwordrequirements) && (domain.passwordrequirements.lock2factor == true)) { ws.send(JSON.stringify({ action: 'otpauth-request', err: 1 })); return; }
// Do not allow this command if backup codes are not allowed
if ((domain.passwordrequirements) && (domain.passwordrequirements.backupcode2factor == false)) { ws.send(JSON.stringify({ action: 'otpauth-request', err: 2 })); return; }
// Do not allow this command when logged in using a login token // Do not allow this command when logged in using a login token
if (req.session.loginToken != null) { ws.send(JSON.stringify({ action: 'otpauth-request', err: 3 })); return; } if (req.session.loginToken != null) { ws.send(JSON.stringify({ action: 'otpauth-request', err: 3 })); return; }
@ -3361,9 +3358,6 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Do not allow this command if 2FA's are locked // Do not allow this command if 2FA's are locked
if ((domain.passwordrequirements) && (domain.passwordrequirements.lock2factor == true)) return; if ((domain.passwordrequirements) && (domain.passwordrequirements.lock2factor == true)) return;
// Do not allow this command if backup codes are not allowed
if ((domain.passwordrequirements) && (domain.passwordrequirements.backupcode2factor == false)) return;
// Do not allow this command when logged in using a login token // Do not allow this command when logged in using a login token
if (req.session.loginToken != null) break; if (req.session.loginToken != null) break;

18
views/default.handlebars
View File

@ -2931,11 +2931,9 @@
QS('dialog').bottom = '80px'; QS('dialog').bottom = '80px';
QS('dialog').top = QS('dialog').left = QS('dialog').right = '100px'; QS('dialog').top = QS('dialog').left = QS('dialog').right = '100px';
if (d4EditEncodingVal == 1) { if (d4EditEncodingVal == 1) {
// UTF8 Encoding Q('d4editorarea').value = decode_utf8(atob(message.data)); // UTF8 Encoding
Q('d4editorarea').value = decode_utf8(atob(message.data));
} else { } else {
// RAW Encoding Q('d4editorarea').value = atob(message.data); // RAW Encoding
Q('d4editorarea').value = atob(message.data);
} }
break; break;
} }
@ -10717,11 +10715,9 @@
QS('dialog').bottom = '80px'; QS('dialog').bottom = '80px';
QS('dialog').top = QS('dialog').left = QS('dialog').right = '100px'; QS('dialog').top = QS('dialog').left = QS('dialog').right = '100px';
if (d4EditEncodingVal == 1) { if (d4EditEncodingVal == 1) {
// UTF8 Encoding Q('d4editorarea').value = decode_utf8(gdownloadFile.data); // UTF8 Encoding
Q('d4editorarea').value = decode_utf8(gdownloadFile.data);
} else { } else {
// RAW Encoding Q('d4editorarea').value = gdownloadFile.data; // RAW Encoding
Q('d4editorarea').value = gdownloadFile.data;
} }
gdownloadFile = null; gdownloadFile = null;
} else { } else {
@ -10767,11 +10763,9 @@
function p13editSaveBack(b, tag) { function p13editSaveBack(b, tag) {
var data; var data;
if (d4EditEncodingVal == 1) { if (d4EditEncodingVal == 1) {
// UTF8 encoding data = new TextEncoder().encode(Q('d4editorarea').value); // UTF8 encoding
data = new TextEncoder().encode(Q('d4editorarea').value);
} else { } else {
// RAW encoding data = new TextEncoder().encode(decode_utf8(Q('d4editorarea').value)); // RAW encoding
data = new TextEncoder().encode(decode_utf8(Q('d4editorarea').value));
} }
p13uploadFileContinue(1, [{ name: tag, size: data.byteLength, type: 'text/plain', xdata: data }]); p13uploadFileContinue(1, [{ name: tag, size: data.byteLength, type: 'text/plain', xdata: data }]);
} }