blob: f53714646bd8d5ff9aab524df63f3e84dfa0c8ed [file] [log] [blame]
function verify() {
if (!document.getElementById("code").checkValidity()) {
document.querySelector(".mdl-js-snackbar").MaterialSnackbar.showSnackbar({
message: "El código de verificación debe tener 6 cifras."
});
return;
}
var body = {
code: document.getElementById("code").value
};
var content = document.getElementById("content");
content.innerHTML = '<div class="mdl-spinner mdl-js-spinner is-active"></div>';
content.style.textAlign = "center";
componentHandler.upgradeElements(content);
fetch("ajax/verifysecuritycode.php", {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify(body)
}).then(response => {
if (response.status !== 200) {
throw new Error("HTTP status is not 200.");
}
return response.json();
}).then(response => {
switch (response.status) {
case "ok":
document.location = "index.php";
break;
case "wrongCode":
document.location = "index.php?msg=secondfactorwrongcode";
break;
default:
console.error("An unknown status code was returned.");
}
}).catch(err => console.error("An unexpected error occurred.", err));
}
function verifyKeypress(e) {
if (event.keyCode == 13) {
verify();
}
}
function startWebauthn() {
fetch("ajax/startwebauthnauthentication.php", {
method: "POST"
}).then(response => {
if (response.status !== 200) {
response.text(); // @TODO: Remove this. It is only used so the response is available in Chrome Dev Tools
throw new Error("HTTP status is not 200.");
}
return response.json();
}).then(response => {
recursiveBase64StrToArrayBuffer(response);
return response;
}).then(getCredentialArgs => {
return navigator.credentials.get(getCredentialArgs);
}).then(cred => {
return {
id: cred.rawId ? arrayBufferToBase64(cred.rawId) : null,
clientDataJSON: cred.response.clientDataJSON ? arrayBufferToBase64(cred.response.clientDataJSON) : null,
authenticatorData: cred.response.authenticatorData ? arrayBufferToBase64(cred.response.authenticatorData) : null,
signature : cred.response.signature ? arrayBufferToBase64(cred.response.signature) : null
};
}).then(JSON.stringify).then(AuthenticatorAttestationResponse => {
return window.fetch("ajax/completewebauthnauthentication.php", {
method: "POST",
body: AuthenticatorAttestationResponse,
});
}).then(response => {
if (response.status !== 200) {
response.text(); // @TODO: remove this. It is only used so the response is available in Chrome Dev Tools
throw new Error("HTTP status is not 200 (2).");
}
return response.json();
}).then(json => {
if (json.status == "ok") {
document.location = "index.php";
}
}).catch(err => console.error("An unexpected error occurred.", err));
}
window.addEventListener("load", function() {
if (document.getElementById("totp")) {
document.getElementById("verify").addEventListener("click", verify);
document.getElementById("code").addEventListener("keypress", verifyKeypress);
document.getElementById("code").focus();
document.querySelector("a[href=\"#totp\"]").addEventListener("click", _ => {
document.getElementById("code").focus();
});
}
if (document.getElementById("startwebauthn")) {
document.getElementById("startwebauthn").addEventListener("click", startWebauthn);
}
});