[FIX] Showing alerts during setup wizard (#18862)
* Remember users' 2FA right after registration

* Change register server to false by default
sampaiodiego authored Sep 11, 2020
1 parent 536eaad commit bd550af
Showing 2 changed files with 23 additions and 7 deletions.
28 changes: 22 additions & 6 deletions app/2fa/server/code/index.ts
@@ -43,6 +43,7 @@ export function getUserForCheck(userId: string): IUser {
fields: {
emails: 1,
language: 1,
createdAt: 1,
'services.totp': 1,
'services.email2fa': 1,
'services.emailCode': 1,
@@ -61,6 +62,19 @@ export function getFingerprintFromConnection(connection: IMethodConnection): str
return crypto.createHash('md5').update(data).digest('hex');
}

function getRememberDate(from: Date = new Date()): Date | undefined {
const rememberFor = parseInt(settings.get('Accounts_TwoFactorAuthentication_RememberFor') as string, 10);

if (rememberFor <= 0) {
return;
}

const expires = new Date(from);
expires.setSeconds(expires.getSeconds() + rememberFor);

return expires;
}

export function isAuthorizedForToken(connection: IMethodConnection, user: IUser, options: ITwoFactorOptions): boolean {
const currentToken = Accounts._getLoginToken(connection.id);
const tokenObject = user.services?.resume?.loginTokens?.find((i) => i.hashedToken === currentToken);
@@ -77,6 +91,12 @@ export function isAuthorizedForToken(connection: IMethodConnection, user: IUser,
return false;
}

// remember user right after their registration
const rememberAfterRegistration = user.createdAt && getRememberDate(user.createdAt);
if (rememberAfterRegistration && rememberAfterRegistration >= new Date()) {
return true;
}

if (!tokenObject.twoFactorAuthorizedUntil || !tokenObject.twoFactorAuthorizedHash) {
return false;
}
@@ -95,15 +115,11 @@ export function isAuthorizedForToken(connection: IMethodConnection, user: IUser,
export function rememberAuthorization(connection: IMethodConnection, user: IUser): void {
const currentToken = Accounts._getLoginToken(connection.id);

const rememberFor = parseInt(settings.get('Accounts_TwoFactorAuthentication_RememberFor') as string, 10);

if (rememberFor <= 0) {
const expires = getRememberDate();
if (!expires) {
return;
}

const expires = new Date();
expires.setSeconds(expires.getSeconds() + rememberFor);

Users.setTwoFactorAuthorizationHashAndUntilForUserIdAndToken(user._id, currentToken, getFingerprintFromConnection(connection), expires);
}

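Review bot: The new early return in `isAuthorizedForToken` treats every session of an account created less than `Accounts_TwoFactorAuthentication_RememberFor` seconds ago as already authorized, and it runs before the `twoFactorAuthorizedUntil` / `twoFactorAuthorizedHash` checks, so this exemption is not bound to the connection fingerprint that `rememberAuthorization` stores. Because the window reuses the remember-me setting, an operator who raises that value for convenience also lengthens the period in which a new account needs no second factor from any device. I would document that on the branch, e.g. `// grace period after registration: skips the fingerprint check, length = Accounts_TwoFactorAuthentication_RememberFor`, and consider a separate, short bound for it. `getRememberDate` also returns an Invalid Date when the setting does not parse (`NaN <= 0` is false), so `if (Number.isNaN(rememberFor) || rememberFor <= 0) return;` would keep `rememberAuthorization` from storing one. The function body between the hunks is not shown, so any opt-out that precedes this branch cannot be confirmed from here.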
2 changes: 1 addition & 1 deletion app/lib/server/startup/settings.js
@@ -2679,7 +2679,7 @@ settings.addGroup('Setup_Wizard', function() {
this.add('Allow_Marketing_Emails', true, {
type: 'boolean',
});
this.add('Register_Server', true, {
this.add('Register_Server', false, {
type: 'boolean',
});
this.add('Organization_Email', '', {