Rebase fixes
parent
71f3053c7b
commit
eb70eb3747
@ -1 +0,0 @@
|
|||||||
psql invidious kemal -c "ALTER TABLE users ADD COLUMN totp_secret VARCHAR(128)"
|
|
@ -0,0 +1,11 @@
|
|||||||
|
module Invidious::Database::Migrations
|
||||||
|
class AddTotpSecretToUsersTable < Migration
|
||||||
|
version 11
|
||||||
|
|
||||||
|
def up(conn : DB::Connection)
|
||||||
|
conn.exec <<-SQL
|
||||||
|
ALTER TABLE users ADD COLUMN totp_secret VARCHAR(128)
|
||||||
|
SQL
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
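Review bot: The statement in `up` is not idempotent, and the shell script removed in this same commit ran the identical `ALTER TABLE`, so a database already patched with that script would presumably fail this migration with a duplicate-column error. Writing it as `ALTER TABLE users ADD COLUMN IF NOT EXISTS totp_secret VARCHAR(128)` lets version 11 apply cleanly on both fresh and previously patched databases. As far as this file shows, the column holds the TOTP seed as plain text, so read access to `users` exposes every enrolled second factor. Encrypting the value at rest is worth considering, and a comment such as `# TOTP shared secret; treat as a credential` above the statement would at least record the sensitivity.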
@ -24,7 +24,7 @@ module Invidious::Routes::Account
|
|||||||
user = user.as(User)
|
user = user.as(User)
|
||||||
sid = sid.as(String)
|
sid = sid.as(String)
|
||||||
|
|
||||||
if user.totp_secret && env.response.cookies["2faVerified"]?.try &.value != "1" || nil
|
if user.totp_secret && env.request.cookies["2faVerified"]?.try &.value != "1" || nil
|
||||||
return call_totp_validator(env, user, sid, locale)
|
return call_totp_validator(env, user, sid, locale)
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -461,15 +461,14 @@ module Invidious::Routes::Account
|
|||||||
end
|
end
|
||||||
|
|
||||||
# There are two routes we can go here.
|
# There are two routes we can go here.
|
||||||
# 1. Where the user is already logged in and is
|
# 1. Where the user is already logged in and is confirming a dangerous task.
|
||||||
# confirming an dangerous task.
|
|
||||||
# 2. The user is logging in.
|
# 2. The user is logging in.
|
||||||
#
|
#
|
||||||
# This can be detected by the hidden email and password parameter
|
# The latter can be detected by the hidden email and password parameter
|
||||||
|
|
||||||
# https://stackoverflow.com/a/574698
|
# If we have the email and password variables set then that means we are currently logging in
|
||||||
if email && password
|
if email && password
|
||||||
# Verify the password again for extra security
|
# Verify the password
|
||||||
if Crypto::Bcrypt::Password.new(user.password.not_nil!).verify(password.byte_slice(0, 55))
|
if Crypto::Bcrypt::Password.new(user.password.not_nil!).verify(password.byte_slice(0, 55))
|
||||||
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||||
PG_DB.exec("INSERT INTO session_ids VALUES ($1, $2, $3)", sid, email, Time.utc)
|
PG_DB.exec("INSERT INTO session_ids VALUES ($1, $2, $3)", sid, email, Time.utc)
|
||||||
|
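Review bot: The `if user.totp_secret && ...` condition in the first hunk decides whether to call `call_totp_validator` from the `2faVerified` request cookie, a value the client supplies and which, as far as this hunk shows, is neither signed nor bound to `sid`. A second-factor gate should not depend on state the browser can present on its own, so the verified flag is better kept server-side with the session (for example alongside the row written to `session_ids`) and looked up by `sid`. Independently, the trailing `|| nil` does not change which branch is taken, and the comparison reads more clearly as `if user.totp_secret && env.request.cookies["2faVerified"]?.try(&.value) != "1"`. The enclosing route methods start and end outside both hunks, so any validation of the cookie elsewhere is not visible here.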