OpenI
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
9490 Commits
197 Branches
392 MB
2640 Download
Tree: 3c2adebee8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3c2adebee8'
${ noResults }
aiforge/routers/user/setting/security_u2f.go

security_u2f.go 3.0 kB
Raw Normal View History

Add support for FIDO U2F (#3971) * Add support for U2F Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add vendor library Add missing translations Signed-off-by: Jonas Franz <info@jonasfranz.software> * Minor improvements Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library Add U2F error handling Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F login page to OAuth Signed-off-by: Jonas Franz <info@jonasfranz.software> * Move U2F user settings to a separate file Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add unit tests for u2f model Renamed u2f table name Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix problems caused by refactoring Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F documentation Signed-off-by: Jonas Franz <info@jonasfranz.software> * Remove not needed console.log-s Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add default values to app.ini.sample Add FIDO U2F to comparison Signed-off-by: Jonas Franz <info@jonasfranz.software>
7 years ago
Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
5 years ago
Add support for FIDO U2F (#3971) * Add support for U2F Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add vendor library Add missing translations Signed-off-by: Jonas Franz <info@jonasfranz.software> * Minor improvements Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library Add U2F error handling Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F login page to OAuth Signed-off-by: Jonas Franz <info@jonasfranz.software> * Move U2F user settings to a separate file Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add unit tests for u2f model Renamed u2f table name Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix problems caused by refactoring Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F documentation Signed-off-by: Jonas Franz <info@jonasfranz.software> * Remove not needed console.log-s Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add default values to app.ini.sample Add FIDO U2F to comparison Signed-off-by: Jonas Franz <info@jonasfranz.software>
7 years ago
Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
5 years ago
Add support for FIDO U2F (#3971) * Add support for U2F Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add vendor library Add missing translations Signed-off-by: Jonas Franz <info@jonasfranz.software> * Minor improvements Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library Add U2F error handling Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F login page to OAuth Signed-off-by: Jonas Franz <info@jonasfranz.software> * Move U2F user settings to a separate file Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add unit tests for u2f model Renamed u2f table name Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix problems caused by refactoring Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F documentation Signed-off-by: Jonas Franz <info@jonasfranz.software> * Remove not needed console.log-s Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add default values to app.ini.sample Add FIDO U2F to comparison Signed-off-by: Jonas Franz <info@jonasfranz.software>
7 years ago
Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
5 years ago
Add golangci (#6418)
6 years ago
Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
5 years ago
Add support for FIDO U2F (#3971) * Add support for U2F Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add vendor library Add missing translations Signed-off-by: Jonas Franz <info@jonasfranz.software> * Minor improvements Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library Add U2F error handling Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F login page to OAuth Signed-off-by: Jonas Franz <info@jonasfranz.software> * Move U2F user settings to a separate file Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add unit tests for u2f model Renamed u2f table name Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix problems caused by refactoring Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add U2F documentation Signed-off-by: Jonas Franz <info@jonasfranz.software> * Remove not needed console.log-s Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add default values to app.ini.sample Add FIDO U2F to comparison Signed-off-by: Jonas Franz <info@jonasfranz.software>
7 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package setting

  6. 

  7. import (

  8. 	"errors"

  9. 

  10. 	"code.gitea.io/gitea/models"

  11. 	"code.gitea.io/gitea/modules/auth"

  12. 	"code.gitea.io/gitea/modules/context"

  13. 	"code.gitea.io/gitea/modules/log"

  14. 	"code.gitea.io/gitea/modules/setting"

  15. 

  16. 	"github.com/tstranex/u2f"

  17. )

  18. 

  19. // U2FRegister initializes the u2f registration procedure

  20. func U2FRegister(ctx *context.Context, form auth.U2FRegistrationForm) {

  21. 	if form.Name == "" {

  22. 		ctx.Error(409)

  23. 		return

  24. 	}

  25. 	challenge, err := u2f.NewChallenge(setting.U2F.AppID, setting.U2F.TrustedFacets)

  26. 	if err != nil {

  27. 		ctx.ServerError("NewChallenge", err)

  28. 		return

  29. 	}

  30. 	if err := ctx.Session.Set("u2fChallenge", challenge); err != nil {

  31. 		ctx.ServerError("Unable to set session key for u2fChallenge", err)

  32. 		return

  33. 	}

  34. 	regs, err := models.GetU2FRegistrationsByUID(ctx.User.ID)

  35. 	if err != nil {

  36. 		ctx.ServerError("GetU2FRegistrationsByUID", err)

  37. 		return

  38. 	}

  39. 	for _, reg := range regs {

  40. 		if reg.Name == form.Name {

  41. 			ctx.Error(409, "Name already taken")

  42. 			return

  43. 		}

  44. 	}

  45. 	if err := ctx.Session.Set("u2fName", form.Name); err != nil {

  46. 		ctx.ServerError("Unable to set session key for u2fName", err)

  47. 		return

  48. 	}

  49. 	// Here we're just going to try to release the session early

  50. 	if err := ctx.Session.Release(); err != nil {

  51. 		// we'll tolerate errors here as they *should* get saved elsewhere

  52. 		log.Error("Unable to save changes to the session: %v", err)

  53. 	}

  54. 	ctx.JSON(200, u2f.NewWebRegisterRequest(challenge, regs.ToRegistrations()))

  55. }

  56. 

  57. // U2FRegisterPost receives the response of the security key

  58. func U2FRegisterPost(ctx *context.Context, response u2f.RegisterResponse) {

  59. 	challSess := ctx.Session.Get("u2fChallenge")

  60. 	u2fName := ctx.Session.Get("u2fName")

  61. 	if challSess == nil || u2fName == nil {

  62. 		ctx.ServerError("U2FRegisterPost", errors.New("not in U2F session"))

  63. 		return

  64. 	}

  65. 	challenge := challSess.(*u2f.Challenge)

  66. 	name := u2fName.(string)

  67. 	config := &u2f.Config{

  68. 		// Chrome 66+ doesn't return the device's attestation

  69. 		// certificate by default.

  70. 		SkipAttestationVerify: true,

  71. 	}

  72. 	reg, err := u2f.Register(response, *challenge, config)

  73. 	if err != nil {

  74. 		ctx.ServerError("u2f.Register", err)

  75. 		return

  76. 	}

  77. 	if _, err = models.CreateRegistration(ctx.User, name, reg); err != nil {

  78. 		ctx.ServerError("u2f.Register", err)

  79. 		return

  80. 	}

  81. 	ctx.Status(200)

  82. }

  83. 

  84. // U2FDelete deletes an security key by id

  85. func U2FDelete(ctx *context.Context, form auth.U2FDeleteForm) {

  86. 	reg, err := models.GetU2FRegistrationByID(form.ID)

  87. 	if err != nil {

  88. 		if models.IsErrU2FRegistrationNotExist(err) {

  89. 			ctx.Status(200)

  90. 			return

  91. 		}

  92. 		ctx.ServerError("GetU2FRegistrationByID", err)

  93. 		return

  94. 	}

  95. 	if reg.UserID != ctx.User.ID {

  96. 		ctx.Status(401)

  97. 		return

  98. 	}

  99. 	if err := models.DeleteRegistration(reg); err != nil {

  100. 		ctx.ServerError("DeleteRegistration", err)

  101. 		return

  102. 	}

  103. 	ctx.JSON(200, map[string]interface{}{

  104. 		"redirect": setting.AppSubURL + "/user/settings/security",

  105. 	})

  106. }

No Description