Skip to content

Commit

Permalink
can unbind touch id/face id
Browse files Browse the repository at this point in the history
  • Loading branch information
lanxiu.lwl committed Mar 27, 2023
1 parent 6a849e0 commit 5f75c7a
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 10 deletions.
8 changes: 2 additions & 6 deletions app/core/service/UserService.ts
Original file line number Diff line number Diff line change
Expand Up @@ -178,12 +178,8 @@ export class UserService extends AbstractService {

async removeWebauthnCredential(userId: string, browserType?: string) {
const credential = await this.userRepository.findCredentialByUserIdAndBrowserType(userId, browserType || null);
if (!credential) {
throw new NotFoundError(`Not found webauthn credential with "userId=${userId}&&browserType=${browserType}"`);
if (credential) {
await this.userRepository.removeCredential(credential.wancId);
}
if (credential.userId !== userId) {
throw new ForbiddenError(`Not authorized to remove webauthn credential "${credential.wancId}"`);
}
await this.userRepository.removeToken(credential.wancId);
}
}
29 changes: 26 additions & 3 deletions app/port/login.html
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
#login {
margin-top: 16px;
}
#login > input {
#username, #password {
display: block;
padding: 6.5px 11px;
margin-bottom: 24px;
Expand All @@ -51,9 +51,27 @@
border-radius: 4px;
background: #f5f6f7;
}
#login > input:focus {
#username:focus, #password:focus {
border-color: #618eff;
}
#unbindWan {
display: none;
margin-bottom: 24px;
padding-left: 4px;
font-size: 14px;
text-align: left;
color: #555;
-webkit-touch-callout: none;
-webkit-user-select: none;
-khtml-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
}
#unbindWanCheckbox {
vertical-align: middle;
margin-bottom: 3px;
}
#submit {
width: 100%;
border-radius: 4px;
Expand Down Expand Up @@ -146,6 +164,10 @@ <h2 class="title">Sign in to CNPM</h2>
<input type="text" id="username" minlength="1" maxlength="100" placeholder="Username" autocomplete="username webauthn" />
{% if enableWebauthn === true %}
<input style="display: none" type="password" id="password" minlength="8" maxlength="100" placeholder="Password" autocomplete="current-password" oncontextmenu="return false" onpaste="return false" oncopy="return false" oncut="return false" />
<div id="unbindWan">
<input type="checkbox" id="unbindWanCheckbox" />
<label for="unbindWanCheckbox">Unbind Touch ID/Face ID</label>
</div>
{% else %}
<input type="password" id="password" minlength="8" maxlength="100" placeholder="Password" autocomplete="current-password" oncontextmenu="return false" onpaste="return false" oncopy="return false" oncut="return false" />
{% endif %}
Expand Down Expand Up @@ -199,7 +221,7 @@ <h2 class="title">Sign in to CNPM</h2>
password: password ? encryptRSA(publicKey, password) : '',
};
if (!isSupportWebauthn || !preapreData.wanCredentialRegiOption) {
handleSubmit({ accData });
handleSubmit({ accData, needUnbindWan: $('#unbindWanCheckbox').is(':checked') });
return;
}
handleRegistration(preapreData.wanCredentialRegiOption, {
Expand Down Expand Up @@ -229,6 +251,7 @@ <h2 class="title">Sign in to CNPM</h2>
},
fail(err) {
showPasswordAndFocus();
$('#unbindWan').show();
},
});
})
Expand Down
6 changes: 5 additions & 1 deletion app/port/webauth/WebauthController.ts
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ export class WebauthController extends MiddlewareController {
return { ok: false, message: 'Session not found, please try again on your command line' };
}

const { accData, wanCredentialRegiData, wanCredentialAuthData } = loginImplementRequest;
const { accData, wanCredentialRegiData, wanCredentialAuthData, needUnbindWan } = loginImplementRequest;
const { username, password = '' } = accData;
const enableWebAuthn = this.config.cnpmcore.enableWebAuthn;
const isSupportWebAuthn = ctx.protocol === 'https' || ctx.hostname === 'localhost';
Expand Down Expand Up @@ -191,6 +191,10 @@ export class WebauthController extends MiddlewareController {
// login success
token = result.token!.token!;
user = result.user;
// need unbind webauthn credential
if (needUnbindWan) {
await this.userService.removeWebauthnCredential(user.userId, browserType);
}
} else {
// others: LoginResultCode.UserNotFound
// create user request
Expand Down

0 comments on commit 5f75c7a

Please sign in to comment.