totp: Directly show secret to add

2023-01-12 17:35:45 +01:00 · 2023-01-12 17:35:45 +01:00 · ef76844922
commit ef76844922
parent 202599aaeb
3 changed files with 15 additions and 6 deletions
--- a/internal/dis/component/auth/panel/password.go
+++ b/internal/dis/component/auth/panel/password.go
@ -22,7 +22,8 @@ var (
 	errPasswordsNotIdentical = errors.New("passwords are not identical")
 	errCredentialsIncorrect  = errors.New("credentials are not correct")
 	errPasswordSetFailure    = errors.New("error saving new password")
-	errTOTPSetFailure        = errors.New("unable to disable totp")
+	errTOTPSetFailure        = errors.New("unable to enable totp")
+	errTOTPUnsetFailure      = errors.New("unable to disable totp")
 	errPasswordSet           = errors.New("password was updated")
 )

--- a/internal/dis/component/auth/panel/templates/totp_enroll.html
+++ b/internal/dis/component/auth/panel/templates/totp_enroll.html
@ -7,8 +7,13 @@
        <img src="{{ .TOTPImage }}" alt="TOTP Enrollment Image">
    </a>
    <ul>
-        <li>scan the token above using a <a href="https://en.wikipedia.org/wiki/Time-based_one-time_password">TOTP</a> app on your phone</li>
-        <li>enter your current password and the now generated token to confirm</li>
+        <li>
+            Scan or click the token above to add it to a <a href="https://en.wikipedia.org/wiki/Time-based_one-time_password">TOTP</a> app
+        </li>
+        <li>
+            Alternatively enter the secret <code>{{ .TOTPSecret }}</code> into your app directly
+        </li>
+        <li>Next, enter your current password and the now generated token to confirm</li>
    </ul>
 </div>
 {{ end }}
--- a/internal/dis/component/auth/panel/totp.go
+++ b/internal/dis/component/auth/panel/totp.go
@ -73,8 +73,10 @@ var totpEnrollTemplate = static.AssetsUser.MustParseShared("totp_enroll.html", t

 type totpEnrollContext struct {
 	userFormContext
-	TOTPImage template.URL
-	TOTPURL   template.URL
+
+	TOTPSecret string
+	TOTPImage  template.URL
+	TOTPURL    template.URL
 }

 func (panel *UserPanel) routeTOTPEnroll(ctx context.Context) http.Handler {
@ -114,6 +116,7 @@ func (panel *UserPanel) routeTOTPEnroll(ctx context.Context) http.Handler {
 				if err == nil {
 					img, _ := auth.TOTPLink(secret, 500, 500)

+					ctx.TOTPSecret = secret.Secret()
 					ctx.TOTPImage = template.URL(img)
 					ctx.TOTPURL = template.URL(secret.URL())
 				}
@ -190,7 +193,7 @@ func (panel *UserPanel) routeTOTPDisable(ctx context.Context) http.Handler {
 			{
 				err := user.DisableTOTP(r.Context())
 				if err != nil {
-					return struct{}{}, errTOTPSetFailure
+					return struct{}{}, errTOTPUnsetFailure
 				}
 			}