Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/config/types/subconfigurations/security/TwoFactor.ts | 2 | ||||
-rw-r--r-- | src/util/entities/User.ts | 9 | ||||
-rw-r--r-- | src/util/util/WebAuthn.ts | 9 |
3 files changed, 20 insertions, 0 deletions
diff --git a/src/util/config/types/subconfigurations/security/TwoFactor.ts b/src/util/config/types/subconfigurations/security/TwoFactor.ts index 75757124..dfa493a7 100644 --- a/src/util/config/types/subconfigurations/security/TwoFactor.ts +++ b/src/util/config/types/subconfigurations/security/TwoFactor.ts @@ -18,4 +18,6 @@ export class TwoFactorConfiguration { generateBackupCodes: boolean = true; + webauthnAttestation: "none" | "indirect" | "direct" = "none"; + webauthnTimeout: number = 60000; } diff --git a/src/util/entities/User.ts b/src/util/entities/User.ts index c6582b00..25586793 100644 --- a/src/util/entities/User.ts +++ b/src/util/entities/User.ts @@ -85,6 +85,12 @@ export interface UserPrivate extends Pick<User, PrivateUserKeys> { locale: string; } +export enum AuthenticatorType { + WEBAUTHN = 1, + TOTP = 2, + SMS = 3, +} + @Entity("users") export class User extends BaseClass { @Column() @@ -231,6 +237,9 @@ export class User extends BaseClass { @OneToMany(() => SecurityKey, (key: SecurityKey) => key.user) security_keys: SecurityKey[]; + @Column({ type: "simple-array", select: false }) + authenticator_types: AuthenticatorType[] = []; + // TODO: I don't like this method? validate() { if (this.discriminator) { diff --git a/src/util/util/WebAuthn.ts b/src/util/util/WebAuthn.ts index b0027b13..599efe33 100644 --- a/src/util/util/WebAuthn.ts +++ b/src/util/util/WebAuthn.ts @@ -33,6 +33,15 @@ export const WebAuthn: { init: function () { this.fido2 = new Fido2Lib({ challengeSize: 128, + rpName: Config.get().general.instanceName, + rpId: + Config.get().general.frontPage ?? + Config.get().general.instanceName.toLowerCase(), + attestation: Config.get().security.twoFactor.webauthnAttestation, + // rpIcon: + timeout: Config.get().security.twoFactor.webauthnTimeout, + authenticatorRequireResidentKey: false, + authenticatorUserVerification: "preferred", }); }, }; |
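Review bot: In src/util/config/types/subconfigurations/security/TwoFactor.ts the two new fields have no comment, and the union type on `webauthnAttestation` is only a compile-time check, so a value loaded from stored configuration at runtime is presumably handed to Fido2Lib unchecked by the WebAuthn.ts hunk of this same diff. I would add `// WebAuthn ceremony timeout, in milliseconds` above `webauthnTimeout` and `// attestation conveyance requested at registration; "none" means authenticator provenance is not requested` above `webauthnAttestation`. If operators can edit these values, validating them where the configuration is loaded (one of the three known strings, a positive finite timeout) would turn a typo into a clear startup error.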
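Review bot: In the first src/util/entities/User.ts hunk, the numeric values of `AuthenticatorType` are what the `authenticator_types` column added in the next hunk writes to the database, but nothing on the enum says so. I would add a doc comment such as `/** Persisted in users.authenticator_types; never renumber or reuse a value. */` above the enum, so that a later reorder does not silently change which factors existing accounts appear to have enrolled.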
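Review bot: In the second User.ts hunk, `authenticator_types` is typed `AuthenticatorType[]` but stored as `simple-array`, which TypeORM reads back by splitting a comma-joined string, so loaded elements are strings such as `"1"` and a check like `authenticator_types.includes(AuthenticatorType.WEBAUTHN)` would be false for an enrolled user. Converting on read, for example with a column transformer whose `from` is `(v: string[]) => v.map(Number)`, would keep the declared type true at runtime. Because the column is also `select: false` and initialised to `[]`, a User loaded without explicitly selecting it may look the same as an account with no authenticators; a comment on the property such as `// select: false: must be selected explicitly before deciding whether MFA applies` would warn callers. The User class starts and ends outside this hunk, so how the field is consumed is not visible here.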
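Review bot: In src/util/util/WebAuthn.ts, `rpId` is taken from `general.frontPage` with a fallback to the lower-cased `instanceName`, and neither looks like the bare domain name a WebAuthn relying-party ID has to be. If `frontPage` holds a full URL (its type is not visible in this diff), the scheme and path would need stripping, e.g. `rpId: new URL(frontPage).hostname`, and a display name such as the instance name cannot match the browser's origin, so the fallback would most likely make every registration fail. Since the RP ID is what binds a credential to this site, I would read it from an explicit setting, or make `init` fail with a clear error when no valid host can be derived. Separately, `authenticatorUserVerification: "preferred"` is reasonable for a second factor, but a short comment that it must become `"required"` if these keys are ever accepted without a password would help; the empty `// rpIcon:` placeholder can be dropped.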