Move GET /user/:id/requiresTOTP logic into User to make future expansion easier
This commit is contained in:
parent
39f0b7d665
commit
a5acd2c9ff
|
@ -21,10 +21,7 @@ import net.frozenorb.apiv3.serialization.gson.ExcludeFromReplies;
|
|||
import net.frozenorb.apiv3.serialization.jackson.UuidJsonDeserializer;
|
||||
import net.frozenorb.apiv3.serialization.jackson.UuidJsonSerializer;
|
||||
import net.frozenorb.apiv3.unsorted.BlockingCallback;
|
||||
import net.frozenorb.apiv3.util.MojangUtils;
|
||||
import net.frozenorb.apiv3.util.PermissionUtils;
|
||||
import net.frozenorb.apiv3.util.SyncUtils;
|
||||
import net.frozenorb.apiv3.util.UuidUtils;
|
||||
import net.frozenorb.apiv3.util.*;
|
||||
import org.bson.Document;
|
||||
|
||||
import java.time.Instant;
|
||||
|
@ -216,6 +213,36 @@ public final class User {
|
|||
return password != null && hashed.equals(password);
|
||||
}
|
||||
|
||||
public void requiresTotpAuthorization(String ip, SingleResultCallback<RequiresTotpResult> callback) {
|
||||
if (totpSecret == null) {
|
||||
callback.onResult(RequiresTotpResult.NOT_REQUIRED_NOT_SET, null);
|
||||
return;
|
||||
}
|
||||
|
||||
if (ip == null || !IpUtils.isValidIp(ip)) {
|
||||
callback.onResult(RequiresTotpResult.REQUIRED_NO_EXEMPTIONS, null);
|
||||
return;
|
||||
}
|
||||
|
||||
TotpUtils.isPreAuthorized(this, ip, (ipPreAuth, error) -> {
|
||||
if (error != null) {
|
||||
callback.onResult(null, error);
|
||||
} else if (ipPreAuth) {
|
||||
callback.onResult(RequiresTotpResult.NOT_REQUIRED_IP_PRE_AUTHORIZED, null);
|
||||
} else {
|
||||
callback.onResult(RequiresTotpResult.REQUIRED_NO_EXEMPTIONS, null);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public enum RequiresTotpResult {
|
||||
|
||||
NOT_REQUIRED_NOT_SET,
|
||||
NOT_REQUIRED_IP_PRE_AUTHORIZED,
|
||||
REQUIRED_NO_EXEMPTIONS
|
||||
|
||||
}
|
||||
|
||||
public Rank getHighestRankAnywhere() {
|
||||
return getHighestRankScoped(null, Grant.findByUserSync(this));
|
||||
}
|
||||
|
|
|
@ -13,21 +13,10 @@ import net.frozenorb.apiv3.util.TotpUtils;
|
|||
public final class GETUserRequiresTOTP implements Handler<RoutingContext> {
|
||||
|
||||
public void handle(RoutingContext ctx) {
|
||||
User user = User.findByIdSync(ctx.request().getParam("id"));
|
||||
|
||||
if (user == null) {
|
||||
User.findById(ctx.request().getParam("id"), (user, error) -> {
|
||||
if (error != null) {
|
||||
ErrorUtils.respondNotFound(ctx, "User", ctx.request().getParam("id"));
|
||||
return;
|
||||
}
|
||||
|
||||
if (user.getTotpSecret() == null) {
|
||||
APIv3.respondJson(ctx, ImmutableMap.of(
|
||||
"required", false,
|
||||
"message", "User does not have TOTP setup."
|
||||
));
|
||||
return;
|
||||
}
|
||||
|
||||
} else {
|
||||
String userIp = ctx.request().getParam("userIp");
|
||||
|
||||
if (!IpUtils.isValidIp(userIp)) {
|
||||
|
@ -35,20 +24,18 @@ public final class GETUserRequiresTOTP implements Handler<RoutingContext> {
|
|||
return;
|
||||
}
|
||||
|
||||
BlockingCallback<Boolean> preAuthorizedCallback = new BlockingCallback<>();
|
||||
TotpUtils.isPreAuthorized(user, userIp, preAuthorizedCallback);
|
||||
|
||||
if (preAuthorizedCallback.get()) {
|
||||
APIv3.respondJson(ctx, ImmutableMap.of(
|
||||
"required", false,
|
||||
"message", "User's ip has already been validated"
|
||||
));
|
||||
user.requiresTotpAuthorization(userIp, (requiresTotpResult, error2) -> {
|
||||
if (error2 != null) {
|
||||
ErrorUtils.respondInternalError(ctx, error2);
|
||||
} else {
|
||||
APIv3.respondJson(ctx, ImmutableMap.of(
|
||||
"required", true,
|
||||
"message", "User has no TOTP exemptions."
|
||||
"required", (requiresTotpResult == User.RequiresTotpResult.REQUIRED_NO_EXEMPTIONS),
|
||||
"message", requiresTotpResult.name()
|
||||
));
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue