Merge branch 'mfa/login_form' into 'develop'

mfa: fix login and recovery form See merge request pleroma/pleroma-fe!1031
2019-12-13 10:18:50 +00:00 · 2019-12-13 10:18:50 +00:00 · 9789123b1c
parent 051b9703df addacf36d1
commit 9789123b1c
5 changed files with 24 additions and 20 deletions
--- a/src/components/login_form/login_form.js
+++ b/src/components/login_form/login_form.js
@ -58,7 +58,7 @@ const LoginForm = {
        ).then((result) => {
          if (result.error) {
            if (result.error === 'mfa_required') {
-              this.requireMFA({ app: app, settings: result })
+              this.requireMFA({ settings: result })
            } else if (result.identifier === 'password_reset_required') {
              this.$router.push({ name: 'password-reset', params: { passwordResetRequested: true } })
            } else {
--- a/src/components/mfa_form/recovery_form.js
+++ b/src/components/mfa_form/recovery_form.js
@ -8,18 +8,23 @@ export default {
  }),
  computed: {
    ...mapGetters({
-      authApp: 'authFlow/app',
      authSettings: 'authFlow/settings'
    }),
-    ...mapState({ instance: 'instance' })
+    ...mapState({
+      instance: 'instance',
+      oauth: 'oauth'
+    })
  },
  methods: {
    ...mapMutations('authFlow', ['requireTOTP', 'abortMFA']),
    ...mapActions({ login: 'authFlow/login' }),
    clearError () { this.error = false },
    submit () {
+      const { clientId, clientSecret } = this.oauth
+
      const data = {
-        app: this.authApp,
+        clientId,
+        clientSecret,
        instance: this.instance.server,
        mfaToken: this.authSettings.mfa_token,
        code: this.code
--- a/src/components/mfa_form/totp_form.js
+++ b/src/components/mfa_form/totp_form.js
@ -7,18 +7,23 @@ export default {
  }),
  computed: {
    ...mapGetters({
-      authApp: 'authFlow/app',
      authSettings: 'authFlow/settings'
    }),
-    ...mapState({ instance: 'instance' })
+    ...mapState({
+      instance: 'instance',
+      oauth: 'oauth'
+    })
  },
  methods: {
    ...mapMutations('authFlow', ['requireRecovery', 'abortMFA']),
    ...mapActions({ login: 'authFlow/login' }),
    clearError () { this.error = false },
    submit () {
+      const { clientId, clientSecret } = this.oauth
+
      const data = {
-        app: this.authApp,
+        clientId,
+        clientSecret,
        instance: this.instance.server,
        mfaToken: this.authSettings.mfa_token,
        code: this.code
--- a/src/modules/auth_flow.js
+++ b/src/modules/auth_flow.js
@ -7,7 +7,6 @@ const RECOVERY_STRATEGY = 'recovery'

 // initial state
 const state = {
-  app: null,
  settings: {},
  strategy: PASSWORD_STRATEGY,
  initStrategy: PASSWORD_STRATEGY // default strategy from config
@ -16,14 +15,10 @@ const state = {
 const resetState = (state) => {
  state.strategy = state.initStrategy
  state.settings = {}
-  state.app = null
 }

 // getters
 const getters = {
-  app: (state, getters) => {
-    return state.app
-  },
  settings: (state, getters) => {
    return state.settings
  },
@ -55,9 +50,8 @@ const mutations = {
  requireToken (state) {
    state.strategy = TOKEN_STRATEGY
  },
-  requireMFA (state, { app, settings }) {
+  requireMFA (state, { settings }) {
    state.settings = settings
-    state.app = app
    state.strategy = TOTP_STRATEGY // default strategy of MFA
  },
  requireRecovery (state) {
--- a/src/services/new_api/mfa.js
+++ b/src/services/new_api/mfa.js
@ -1,9 +1,9 @@
-const verifyOTPCode = ({ app, instance, mfaToken, code }) => {
+const verifyOTPCode = ({ clientId, clientSecret, instance, mfaToken, code }) => {
  const url = `${instance}/oauth/mfa/challenge`
  const form = new window.FormData()

-  form.append('client_id', app.client_id)
-  form.append('client_secret', app.client_secret)
+  form.append('client_id', clientId)
+  form.append('client_secret', clientSecret)
  form.append('mfa_token', mfaToken)
  form.append('code', code)
  form.append('challenge_type', 'totp')
@ -14,12 +14,12 @@ const verifyOTPCode = ({ app, instance, mfaToken, code }) => {
  }).then((data) => data.json())
 }

-const verifyRecoveryCode = ({ app, instance, mfaToken, code }) => {
+const verifyRecoveryCode = ({ clientId, clientSecret, instance, mfaToken, code }) => {
  const url = `${instance}/oauth/mfa/challenge`
  const form = new window.FormData()

-  form.append('client_id', app.client_id)
-  form.append('client_secret', app.client_secret)
+  form.append('client_id', clientId)
+  form.append('client_secret', clientSecret)
  form.append('mfa_token', mfaToken)
  form.append('code', code)
  form.append('challenge_type', 'recovery')