Mirrors/notesnook
1
0
Fork 0
mirror of https://github.com/streetwriters/notesnook.git synced 2025-12-23 15:09:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

core: impl new 3-step authentication flow (& deprecate old one)

Browse Source
This commit is contained in:
Abdullah Atta
2022-12-09 12:14:12 +05:00
committed by Abdullah Atta
parent e3f35ac567
commit 12d1b3fcc9
1 changed files with 69 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
packages/core/api/user-manager.js
View File

@@ -78,10 +78,76 @@ class UserManager {
return await this._login({ email, password, hashedPassword }); return await this._login({ email, password, hashedPassword });
} }
async authenticateEmail(email) {
if (!email) throw new Error("Email is required.");
email = email.toLowerCase();
await http.post(`${constants.AUTH_HOST}${ENDPOINTS.token}`, {
email,
grant_type: "email",
client_id: "notesnook"
});
}
async authenticateMultiFactorCode(code, method, token) {
if (!code || !method || !token)
throw new Error("code, method & token are required.");
await http.post(
`${constants.AUTH_HOST}${ENDPOINTS.token}`,
{
grant_type: "mfa",
client_id: "notesnook",
"mfa:code": code,
"mfa:method": method
},
token
);
return true;
}
async authenticatePassword(email, password, token, hashedPassword = null) {
if (!email || !password || !token)
throw new Error("email, password & token are required.");
email = email.toLowerCase();
if (!hashedPassword) {
hashedPassword = await this._storage.hash(password, email);
}
await this.tokenManager.saveToken(
await http.post(
`${constants.AUTH_HOST}${ENDPOINTS.token}`,
{
grant_type: "mfa_password",
client_id: "notesnook",
scope: "notesnook.sync offline_access IdentityServerApi",
password: hashedPassword
},
token
)
);
const user = await this.fetchUser();
await this._storage.deriveCryptoKey(`_uk_@${user.email}`, {
password,
salt: user.salt
});
EV.publish(EVENTS.userLoggedIn, user);
}
/**
* @deprecated Please use `authenticateEmail`, `authenticateMultiFactorCode` & `authenticatePassword` for login
*/
async login(email, password, hashedPassword = undefined) { async login(email, password, hashedPassword = undefined) {
return this._login({ email, password, hashedPassword }); return this._login({ email, password, hashedPassword });
} }
/**
* @deprecated Please use `authenticateEmail`, `authenticateMultiFactorCode` & `authenticatePassword` for login
*/
async mfaLogin(email, password, { code, method }) { async mfaLogin(email, password, { code, method }) {
return this._login({ email, password, code, method }); return this._login({ email, password, code, method });
} }
@@ -90,9 +156,9 @@ class UserManager {
* @private * @private
*/ */
async _login({ email, password, hashedPassword, code, method }) { async _login({ email, password, hashedPassword, code, method }) {
email = email.toLowerCase(); email = email && email.toLowerCase();
if (!hashedPassword) { if (!hashedPassword && password) {
hashedPassword = await this._storage.hash(password, email); hashedPassword = await this._storage.hash(password, email);
} }
@@ -100,7 +166,7 @@ class UserManager {
await http.post(`${constants.AUTH_HOST}${ENDPOINTS.token}`, { await http.post(`${constants.AUTH_HOST}${ENDPOINTS.token}`, {
username: email, username: email,
password: hashedPassword, password: hashedPassword,
grant_type: "password", grant_type: code ? "mfa" : "password",
scope: "notesnook.sync offline_access openid IdentityServerApi", scope: "notesnook.sync offline_access openid IdentityServerApi",
client_id: "notesnook", client_id: "notesnook",
"mfa:code": code, "mfa:code": code,