Gitiles
Code Review Sign In
gerrit.avm99963.com / hores-external / be50d49a1de3579494650ceb3cad0f04719b087f / . / src / js / secondfactor.js
blob: f53714646bd8d5ff9aab524df63f3e84dfa0c8ed [file] [log] [blame]
Copybara botbe50d492023-11-30 00:16:42 +0100[diff] [blame^]1function verify() {
2 if (!document.getElementById("code").checkValidity()) {
3 document.querySelector(".mdl-js-snackbar").MaterialSnackbar.showSnackbar({
4 message: "El código de verificación debe tener 6 cifras."
5 });
6
7 return;
8 }
9
10 var body = {
11 code: document.getElementById("code").value
12 };
13
14 var content = document.getElementById("content");
15 content.innerHTML = '<div class="mdl-spinner mdl-js-spinner is-active"></div>';
16 content.style.textAlign = "center";
17 componentHandler.upgradeElements(content);
18
19 fetch("ajax/verifysecuritycode.php", {
20 method: "POST",
21 headers: {
22 "Content-Type": "application/json"
23 },
24 body: JSON.stringify(body)
25 }).then(response => {
26 if (response.status !== 200) {
27 throw new Error("HTTP status is not 200.");
28 }
29
30 return response.json();
31 }).then(response => {
32 switch (response.status) {
33 case "ok":
34 document.location = "index.php";
35 break;
36
37 case "wrongCode":
38 document.location = "index.php?msg=secondfactorwrongcode";
39 break;
40
41 default:
42 console.error("An unknown status code was returned.");
43 }
44 }).catch(err => console.error("An unexpected error occurred.", err));
45}
46
47function verifyKeypress(e) {
48 if (event.keyCode == 13) {
49 verify();
50 }
51}
52
53function startWebauthn() {
54 fetch("ajax/startwebauthnauthentication.php", {
55 method: "POST"
56 }).then(response => {
57 if (response.status !== 200) {
58 response.text(); // @TODO: Remove this. It is only used so the response is available in Chrome Dev Tools
59 throw new Error("HTTP status is not 200.");
60 }
61
62 return response.json();
63 }).then(response => {
64 recursiveBase64StrToArrayBuffer(response);
65 return response;
66 }).then(getCredentialArgs => {
67 return navigator.credentials.get(getCredentialArgs);
68 }).then(cred => {
69 return {
70 id: cred.rawId ? arrayBufferToBase64(cred.rawId) : null,
71 clientDataJSON: cred.response.clientDataJSON ? arrayBufferToBase64(cred.response.clientDataJSON) : null,
72 authenticatorData: cred.response.authenticatorData ? arrayBufferToBase64(cred.response.authenticatorData) : null,
73 signature : cred.response.signature ? arrayBufferToBase64(cred.response.signature) : null
74 };
75 }).then(JSON.stringify).then(AuthenticatorAttestationResponse => {
76 return window.fetch("ajax/completewebauthnauthentication.php", {
77 method: "POST",
78 body: AuthenticatorAttestationResponse,
79 });
80 }).then(response => {
81 if (response.status !== 200) {
82 response.text(); // @TODO: remove this. It is only used so the response is available in Chrome Dev Tools
83 throw new Error("HTTP status is not 200 (2).");
84 }
85
86 return response.json();
87 }).then(json => {
88 if (json.status == "ok") {
89 document.location = "index.php";
90 }
91 }).catch(err => console.error("An unexpected error occurred.", err));
92}
93
94window.addEventListener("load", function() {
95 if (document.getElementById("totp")) {
96 document.getElementById("verify").addEventListener("click", verify);
97 document.getElementById("code").addEventListener("keypress", verifyKeypress);
98 document.getElementById("code").focus();
99 document.querySelector("a[href=\"#totp\"]").addEventListener("click", _ => {
100 document.getElementById("code").focus();
101 });
102 }
103
104 if (document.getElementById("startwebauthn")) {
105 document.getElementById("startwebauthn").addEventListener("click", startWebauthn);
106 }
107});