extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-01-22 22:30:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix #72 - 2FA secret passed as plain text rejected by form validation

Browse Source
This commit is contained in:
Bubka 2022-05-13 13:49:14 +02:00
parent ff140fb5fa
commit 2d38980890
4 changed files with 23 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
package-lock.json generated
View File

@ -4,7 +4,6 @@
"requires": true,
"packages": {
"": {
"name": "2FAuth",
"dependencies": {
"@fortawesome/fontawesome-svg-core": "^1.2.36",
"@fortawesome/free-brands-svg-icons": "^5.15.4",
@ -16,6 +15,7 @@
"bulma-checkradio": "^2.1.2",
"bulma-switch": "^2.0.0",
"object-equals": "^0.3.0",
"thirty-two": "github:osztenkurden/thirty-two#master",
"v-clipboard": "^2.2.3",
"vue": "^2.6.14",
"vue-axios": "^3.4.0",
@ -8981,6 +8981,13 @@
"node": ">= 8"
}
},
"node_modules/thirty-two": {
"version": "1.0.3",
"resolved": "git+ssh://git@github.com/osztenkurden/thirty-two.git#84e1dd6180a2d881565b5068630536a4414ecda9",
"engines": {
"node": ">=0.2.6"
}
},
"node_modules/thunky": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/thunky/-/thunky-1.1.0.tgz",
@ -16695,6 +16702,10 @@
}
}
},
"thirty-two": {
"version": "git+ssh://git@github.com/osztenkurden/thirty-two.git#84e1dd6180a2d881565b5068630536a4414ecda9",
"from": "thirty-two@github:osztenkurden/thirty-two#master"
},
"thunky": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/thunky/-/thunky-1.1.0.tgz",

1
package.json
View File

@ -32,6 +32,7 @@
"bulma-checkradio": "^2.1.2",
"bulma-switch": "^2.0.0",
"object-equals": "^0.3.0",
"thirty-two": "github:osztenkurden/thirty-two#master",
"v-clipboard": "^2.2.3",
"vue": "^2.6.14",
"vue-axios": "^3.4.0",

6
resources/js/views/twofaccounts/Create.vue
View File

@ -87,7 +87,7 @@
<div class="field has-addons">
<p class="control">
<span class="select">
<select v-model="form.secretIsBase32Encoded">
<select @change="form.secret=''" v-model="form.secretIsBase32Encoded">
<option v-for="format in secretFormats" :value="format.value">{{ format.text }}</option>
</select>
</span>
@ -176,6 +176,7 @@
import Modal from '../../components/Modal'
import Form from './../../components/Form'
import OtpDisplayer from '../../components/OtpDisplayer'
import Base32 from "thirty-two"
export default {
data() {
@ -275,6 +276,9 @@
// set current temp icon as account icon
this.form.icon = this.tempIcon
// Secret to base32 if necessary
this.form.secret = this.form.secretIsBase32Encoded ? this.form.secret : Base32.encode(this.form.secret).toString();
await this.form.post('/api/v1/twofaccounts')
if( this.form.errors.any() === false ) {

6
resources/js/views/twofaccounts/Edit.vue
View File

@ -33,7 +33,7 @@
<div class="field has-addons">
<p class="control">
<span class="select">
<select v-model="form.secretIsBase32Encoded">
<select @change="form.secret=''" v-model="form.secretIsBase32Encoded">
<option v-for="format in secretFormats" :value="format.value">{{ format.text }}</option>
</select>
</span>
@ -110,6 +110,7 @@
import Modal from '../../components/Modal'
import Form from './../../components/Form'
import OtpDisplayer from '../../components/OtpDisplayer'
import Base32 from "thirty-two"
export default {
data() {
@ -201,6 +202,9 @@
this.deleteIcon()
}
// Secret to base32 if necessary
this.form.secret = this.form.secretIsBase32Encoded ? this.form.secret : Base32.encode(this.form.secret).toString();
await this.form.put('/api/v1/twofaccounts/' + this.$route.params.twofaccountId)
if( this.form.errors.any() === false ) {