mirror of
https://github.com/sismics/docs.git
synced 2024-11-22 14:07:55 +01:00
#84: POST /user/disable_totp
This commit is contained in:
parent
fb0bb62eaf
commit
b33b7115ef
@ -488,7 +488,8 @@ public class UserResource extends BaseResource {
|
|||||||
response.add("username", user.getUsername())
|
response.add("username", user.getUsername())
|
||||||
.add("email", user.getEmail())
|
.add("email", user.getEmail())
|
||||||
.add("storage_quota", user.getStorageQuota())
|
.add("storage_quota", user.getStorageQuota())
|
||||||
.add("storage_current", user.getStorageCurrent());
|
.add("storage_current", user.getStorageCurrent())
|
||||||
|
.add("totp_enabled", user.getTotpKey() != null);
|
||||||
|
|
||||||
// Base functions
|
// Base functions
|
||||||
JsonArrayBuilder baseFunctions = Json.createArrayBuilder();
|
JsonArrayBuilder baseFunctions = Json.createArrayBuilder();
|
||||||
@ -657,6 +658,11 @@ public class UserResource extends BaseResource {
|
|||||||
return Response.ok().entity(response.build()).build();
|
return Response.ok().entity(response.build()).build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enable time-based one-time password.
|
||||||
|
*
|
||||||
|
* @return Response
|
||||||
|
*/
|
||||||
@POST
|
@POST
|
||||||
@Path("enable_totp")
|
@Path("enable_totp")
|
||||||
public Response enableTotp() {
|
public Response enableTotp() {
|
||||||
@ -679,6 +685,39 @@ public class UserResource extends BaseResource {
|
|||||||
return Response.ok().entity(response.build()).build();
|
return Response.ok().entity(response.build()).build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Disable time-based one-time password.
|
||||||
|
*
|
||||||
|
* @param password Password
|
||||||
|
* @return Response
|
||||||
|
*/
|
||||||
|
@POST
|
||||||
|
@Path("disable_totp")
|
||||||
|
public Response disableTotp(@FormParam("password") String password) {
|
||||||
|
if (!authenticate()) {
|
||||||
|
throw new ForbiddenClientException();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate the input data
|
||||||
|
password = ValidationUtil.validateLength(password, "password", 1, 100, false);
|
||||||
|
|
||||||
|
// Check the password and get the user
|
||||||
|
UserDao userDao = new UserDao();
|
||||||
|
User user = userDao.authenticate(principal.getName(), password);
|
||||||
|
if (user == null) {
|
||||||
|
throw new ForbiddenClientException();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Remove the TOTP key
|
||||||
|
user.setTotpKey(null);
|
||||||
|
userDao.update(user, principal.getId());
|
||||||
|
|
||||||
|
// Always return OK
|
||||||
|
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||||
|
.add("status", "ok");
|
||||||
|
return Response.ok().entity(response.build()).build();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the authentication token value.
|
* Returns the authentication token value.
|
||||||
*
|
*
|
||||||
|
@ -295,8 +295,14 @@ public class TestUserResource extends BaseJerseyTest {
|
|||||||
clientUtil.createUser("totp1");
|
clientUtil.createUser("totp1");
|
||||||
String totp1Token = clientUtil.login("totp1");
|
String totp1Token = clientUtil.login("totp1");
|
||||||
|
|
||||||
|
// Check TOTP enablement
|
||||||
|
JsonObject json = target().path("/user").request()
|
||||||
|
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
|
||||||
|
.get(JsonObject.class);
|
||||||
|
Assert.assertFalse(json.getBoolean("totp_enabled"));
|
||||||
|
|
||||||
// Enable TOTP for totp1
|
// Enable TOTP for totp1
|
||||||
JsonObject json = target().path("/user/enable_totp").request()
|
json = target().path("/user/enable_totp").request()
|
||||||
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
|
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
|
||||||
.post(Entity.form(new Form()), JsonObject.class);
|
.post(Entity.form(new Form()), JsonObject.class);
|
||||||
String secret = json.getString("secret");
|
String secret = json.getString("secret");
|
||||||
@ -323,5 +329,30 @@ public class TestUserResource extends BaseJerseyTest {
|
|||||||
.param("password", "12345678")
|
.param("password", "12345678")
|
||||||
.param("code", Integer.toString(validationCode))
|
.param("code", Integer.toString(validationCode))
|
||||||
.param("remember", "false")), JsonObject.class);
|
.param("remember", "false")), JsonObject.class);
|
||||||
|
|
||||||
|
// Check TOTP enablement
|
||||||
|
json = target().path("/user").request()
|
||||||
|
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
|
||||||
|
.get(JsonObject.class);
|
||||||
|
Assert.assertTrue(json.getBoolean("totp_enabled"));
|
||||||
|
|
||||||
|
// Disable TOTP for totp1
|
||||||
|
json = target().path("/user/disable_totp").request()
|
||||||
|
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
|
||||||
|
.post(Entity.form(new Form()
|
||||||
|
.param("password", "12345678")), JsonObject.class);
|
||||||
|
|
||||||
|
// Login with totp1 without a validation code
|
||||||
|
json = target().path("/user/login").request()
|
||||||
|
.post(Entity.form(new Form()
|
||||||
|
.param("username", "totp1")
|
||||||
|
.param("password", "12345678")
|
||||||
|
.param("remember", "false")), JsonObject.class);
|
||||||
|
|
||||||
|
// Check TOTP enablement
|
||||||
|
json = target().path("/user").request()
|
||||||
|
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
|
||||||
|
.get(JsonObject.class);
|
||||||
|
Assert.assertFalse(json.getBoolean("totp_enabled"));
|
||||||
}
|
}
|
||||||
}
|
}
|
Loading…
Reference in New Issue
Block a user