b233d47459
- add TOTP token expiration time default and update the GetTokenExpirationTime function in settings package - update loginResponse struct and loginHandler - add TOTPEnabled field to userInfo struct - add verifyTOTPHandler to verify TOTP codes - add withTOTP middleware - update getUserID and userGetHandler to remove TOTP fields like password - add userEnableTOTPHandler to initiate TOTP setup - add userGetTOTPHandler and userDisableTOTPHandler for management - add userCheckTOTPHandler to check TOTP setup
90 lines
2.7 KiB
Go
90 lines
2.7 KiB
Go
package settings
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"log"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/filebrowser/filebrowser/v2/rules"
|
|
)
|
|
|
|
const DefaultUsersHomeBasePath = "/users"
|
|
|
|
// AuthMethod describes an authentication method.
|
|
type AuthMethod string
|
|
|
|
// Settings contain the main settings of the application.
|
|
type Settings struct {
|
|
Key []byte `json:"key"`
|
|
Signup bool `json:"signup"`
|
|
CreateUserDir bool `json:"createUserDir"`
|
|
UserHomeBasePath string `json:"userHomeBasePath"`
|
|
Defaults UserDefaults `json:"defaults"`
|
|
AuthMethod AuthMethod `json:"authMethod"`
|
|
Branding Branding `json:"branding"`
|
|
Tus Tus `json:"tus"`
|
|
Commands map[string][]string `json:"commands"`
|
|
Shell []string `json:"shell"`
|
|
Rules []rules.Rule `json:"rules"`
|
|
}
|
|
|
|
// GetRules implements rules.Provider.
|
|
func (s *Settings) GetRules() []rules.Rule {
|
|
return s.Rules
|
|
}
|
|
|
|
// Server specific settings.
|
|
type Server struct {
|
|
Root string `json:"root"`
|
|
BaseURL string `json:"baseURL"`
|
|
Socket string `json:"socket"`
|
|
TLSKey string `json:"tlsKey"`
|
|
TLSCert string `json:"tlsCert"`
|
|
Port string `json:"port"`
|
|
Address string `json:"address"`
|
|
Log string `json:"log"`
|
|
EnableThumbnails bool `json:"enableThumbnails"`
|
|
ResizePreview bool `json:"resizePreview"`
|
|
EnableExec bool `json:"enableExec"`
|
|
TypeDetectionByHeader bool `json:"typeDetectionByHeader"`
|
|
AuthHook string `json:"authHook"`
|
|
TokenExpirationTime string `json:"tokenExpirationTime"`
|
|
TOTPTokenExpirationTime string `json:"totpTokenExpirationTime"`
|
|
TOTPEncryptionKey []byte `json:"totpEncryptionKey"`
|
|
}
|
|
|
|
// Clean cleans any variables that might need cleaning.
|
|
func (s *Server) Clean() {
|
|
s.BaseURL = strings.TrimSuffix(s.BaseURL, "/")
|
|
}
|
|
|
|
func (s *Server) GetTokenExpirationTime(tokenFB, totpFB time.Duration) (time.Duration, time.Duration) {
|
|
getTokenDuration := func(v string, fb time.Duration) time.Duration {
|
|
if v == "" {
|
|
return fb
|
|
}
|
|
|
|
dur, err := time.ParseDuration(v)
|
|
if err != nil {
|
|
log.Printf("[WARN] Failed to parse ExpirationTime(value: %s): %v", v, err)
|
|
return fb
|
|
}
|
|
return dur
|
|
}
|
|
|
|
return getTokenDuration(s.TokenExpirationTime, tokenFB), getTokenDuration(s.TOTPTokenExpirationTime, totpFB)
|
|
}
|
|
|
|
// GenerateKey generates a key of 512 bits.
|
|
func GenerateKey() ([]byte, error) {
|
|
b := make([]byte, 64) //nolint:gomnd
|
|
_, err := rand.Read(b)
|
|
// Note that err == nil only if we read len(b) bytes.
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return b, nil
|
|
}
|