diff --git a/src/api/routes/users/@me/mfa/totp/disable.ts b/src/api/routes/users/@me/mfa/totp/disable.ts
index 362152d7..6a0960d8 100644
--- a/src/api/routes/users/@me/mfa/totp/disable.ts
+++ b/src/api/routes/users/@me/mfa/totp/disable.ts
@@ -17,12 +17,7 @@
*/
import { route } from "@spacebar/api";
-import {
- BackupCode,
- TotpDisableSchema,
- User,
- generateToken,
-} from "@spacebar/util";
+import { BackupCode, TotpDisableSchema, User, generateToken } from "@spacebar/util";
import { Request, Response, Router } from "express";
import { HTTPError } from "lambert-server";
import { verifyToken } from "node-2fa";
@@ -53,11 +48,7 @@ router.post(
const backup = await BackupCode.findOne({ where: { code: body.code } });
if (!backup) {
const ret = verifyToken(user.totp_secret || "", body.code);
- if (!ret || ret.delta != 0)
- throw new HTTPError(
- req.t("auth:login.INVALID_TOTP_CODE"),
- 60008,
- );
+ if (!ret || ret.delta != 0) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
}
await User.update(
@@ -65,20 +56,20 @@ router.post(
{
mfa_enabled: false,
totp_secret: "",
- },
+ }
);
await BackupCode.update(
{ user: { id: req.user_id } },
{
expired: true,
- },
+ }
);
return res.json({
token: await generateToken(user.id),
});
- },
+ }
);
export default router;
diff --git a/src/api/routes/users/@me/mfa/totp/enable.ts b/src/api/routes/users/@me/mfa/totp/enable.ts
index 19836e4d..6d66fb95 100644
--- a/src/api/routes/users/@me/mfa/totp/enable.ts
+++ b/src/api/routes/users/@me/mfa/totp/enable.ts
@@ -17,12 +17,7 @@
*/
import { route } from "@spacebar/api";
-import {
- TotpEnableSchema,
- User,
- generateMfaBackupCodes,
- generateToken,
-} from "@spacebar/util";
+import { TotpEnableSchema, User, generateMfaBackupCodes, generateToken } from "@spacebar/util";
import bcrypt from "bcrypt";
import { Request, Response, Router } from "express";
import { HTTPError } from "lambert-server";
@@ -61,21 +56,16 @@ router.post(
}
}
- if (!body.secret)
- throw new HTTPError(req.t("auth:login.INVALID_TOTP_SECRET"), 60005);
+ if (!body.secret) throw new HTTPError(req.t("auth:login.INVALID_TOTP_SECRET"), 60005);
- if (!body.code)
- throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
+ if (!body.code) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
if (verifyToken(body.secret, body.code)?.delta != 0)
throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
const backup_codes = generateMfaBackupCodes(req.user_id);
await Promise.all(backup_codes.map((x) => x.save()));
- await User.update(
- { id: req.user_id },
- { mfa_enabled: true, totp_secret: body.secret },
- );
+ await User.update({ id: req.user_id }, { mfa_enabled: true, totp_secret: body.secret });
res.send({
token: await generateToken(user.id),
@@ -84,7 +74,7 @@ router.post(
expired: undefined,
})),
});
- },
+ }
);
export default router;
|
