scottk/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2025-10-31 18:57:51 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Completing sub mfa support.

Browse Source
This commit is contained in:
stephb9959
2021-12-01 22:12:28 -08:00
parent ec82bdec24
commit 2217a428c1
8 changed files with 245 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
src/RESTAPI/RESTAPI_submfa_handler.cpp Normal file
View File

@@ -0,0 +1,106 @@
//
// Created by stephane bourque on 2021-12-01.
//
#include "RESTAPI_submfa_handler.h"
#include "StorageService.h"
#include "SMSSender.h"
namespace OpenWifi {
void RESTAPI_submfa_handler::DoGet() {
SecurityObjects::UserInfo User;
if (StorageService()->GetUserById(UserInfo_.userinfo.Id,User)) {
Poco::JSON::Object Answer;
SecurityObjects::SubMfaConfig MFC;
MFC.id = User.Id;
if(User.userTypeProprietaryInfo.mfa.enabled) {
if(User.userTypeProprietaryInfo.mfa.method == "sms") {
MFC.sms = User.userTypeProprietaryInfo.mobiles[0].number;
} else if(User.userTypeProprietaryInfo.mfa.method == "email") {
MFC.email = User.email;
}
} else {
MFC.type = "disabled";
}
MFC.to_json(Answer);
return ReturnObject(Answer);
}
NotFound();
}
void RESTAPI_submfa_handler::DoPut() {
auto Body = ParseStream();
SecurityObjects::SubMfaConfig MFC;
if(!MFC.from_json(Body)) {
return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
}
if(MFC.type=="disabled") {
SecurityObjects::UserInfo User;
StorageService()->GetUserById(UserInfo_.userinfo.Id,User);
User.userTypeProprietaryInfo.mfa.enabled = false;
StorageService()->UpdateUserInfo(UserInfo_.userinfo.email,UserInfo_.userinfo.Id,User);
Poco::JSON::Object Answer;
MFC.to_json(Answer);
return ReturnObject(Answer);
} else if (MFC.type=="email") {
SecurityObjects::UserInfo User;
StorageService()->GetUserById(UserInfo_.userinfo.Id,User);
User.userTypeProprietaryInfo.mfa.enabled = true;
User.userTypeProprietaryInfo.mfa.method = "email";
StorageService()->UpdateUserInfo(UserInfo_.userinfo.email,UserInfo_.userinfo.Id,User);
Poco::JSON::Object Answer;
MFC.to_json(Answer);
return ReturnObject(Answer);
} else if (MFC.type=="sms") {
if(GetBoolParameter("startValidation",false)) {
if(MFC.sms.empty()) {
return BadRequest("Missing phone number");
}
if(SMSSender()->StartValidation(MFC.sms, UserInfo_.userinfo.email)) {
return OK();
} else {
return InternalError("SMS could not be sent. Verify the number or try again later.");
}
} else if(GetBoolParameter("completeValidation",false)) {
auto ChallengeCode = GetParameter("challengeCode","");
if(ChallengeCode.empty()) {
return BadRequest("Missing 'challengeCode'");
}
if(MFC.sms.empty()) {
return BadRequest("Missing phone number");
}
if(SMSSender()->CompleteValidation(MFC.sms, ChallengeCode, UserInfo_.userinfo.email)) {
SecurityObjects::UserInfo User;
StorageService()->GetUserById(UserInfo_.userinfo.Id,User);
User.userTypeProprietaryInfo.mfa.method = "sms";
SecurityObjects::MobilePhoneNumber PhoneNumber;
PhoneNumber.number = MFC.sms;
PhoneNumber.primary = true;
PhoneNumber.verified = true;
User.userTypeProprietaryInfo.mfa.enabled = true;
User.userTypeProprietaryInfo.mobiles.clear();
User.userTypeProprietaryInfo.mobiles.push_back(PhoneNumber);
StorageService()->UpdateUserInfo(UserInfo_.userinfo.email,UserInfo_.userinfo.Id,User);
Poco::JSON::Object Answer;
MFC.to_json(Answer);
return ReturnObject(Answer);
} else {
return InternalError("SMS could not be sent. Verify the number or try again later.");
}
}
}
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
}