UNPKG

auth-center

Version:
93 lines (79 loc) 1.6 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.qrcode = qrcode; exports.login = login; var _nanoid = require("nanoid"); var _util = require("../util"); async function qrcode(ctx) { const { QRCode, User } = ctx.orm(); const { renew } = ctx.request.body; const key = 'LOGIN_QRCODE'; const code = ctx.session[key]; const exp = Date.now() - 120 * 1000; if (renew || !code || code.time < exp) { const newCode = { id: (0, _nanoid.nanoid)(), time: Date.now() }; ctx.session[key] = newCode; ctx.body = { code: newCode, status: 1 }; return; } const qr = await QRCode.findByPk(code.id); if (!qr) { ctx.body = { status: 2 }; return; } const time = Date.now() - 30 * 1000; if (qr.createdAt.getTime() < time) { ctx.body = { status: 3 }; return; } const uid = qr.user_id; await qr.destroy(); ctx.session.user = await User.findByPk(uid, { attributes: ['id', 'email', 'enable', 'is_admin'] }); ctx.body = { status: 0 }; } async function login(ctx) { const { User, QRCode } = ctx.orm(); const { code, token } = ctx.request.body; const user = await User.findByPk(ctx._userId, { attributes: ['totp_key'] }); ctx.assert(user, 400, 'User not found'); if (ctx.config.isTOTP) { const isOk = _util.totp.check(token, user.totp_key); ctx.assert(isOk, 400, 'TOTP code invalid'); } await QRCode.create({ id: code, user_id: ctx._userId }); ctx.body = { status: 0 }; }