feat: add basic 2fa support to admin panel

SoCSTech · Feb 3, 2025 · a0fd2b2 · a0fd2b2
1 parent 2e97bcf
commit a0fd2b2
Show file tree

Hide file tree

Showing 9 changed files with 1,018 additions and 1,032 deletions.
diff --git a/admin/package-lock.json b/admin/package-lock.json
diff --git a/admin/package.json b/admin/package.json
@@ -22,9 +22,9 @@
   },
   "dependencies": {
     "@astrojs/check": "^0.9.4",
-    "@astrojs/node": "^8.3.4",
-    "@astrojs/react": "^3.6.2",
-    "@astrojs/tailwind": "^5.1.1",
+    "@astrojs/node": "^9.0.2",
+    "@astrojs/react": "^4.2.0",
+    "@astrojs/tailwind": "^6.0.0",
     "@hookform/resolvers": "^3.6.0",
     "@radix-ui/react-avatar": "^1.0.4",
     "@radix-ui/react-checkbox": "^1.0.4",
@@ -40,7 +40,7 @@
     "@tanstack/react-table": "^8.17.3",
     "@types/react": "^18.3.3",
     "@types/react-dom": "^18.3.0",
-    "astro": "^4.15.11",
+    "astro": "^5.2.3",
     "astro-icon": "^1.1.0",
     "axios": "^1.7.2",
     "class-variance-authority": "^0.7.0",

diff --git a/admin/src/components/auth/loginForm.tsx b/admin/src/components/auth/loginForm.tsx
@@ -11,7 +11,7 @@ export default function LoginForm() {
   const handleLogin = (event: React.FormEvent<HTMLFormElement>): void => {
     // Prevent page reload
     event.preventDefault();
-    const { username, password } = document.forms[0];
+    const { username, password, totp } = document.forms[0];
     const queryParameters = new URLSearchParams(window.location.search);
     const redirect = queryParameters.get("redirect");
 
@@ -21,6 +21,7 @@ export default function LoginForm() {
         {
           username: username.value,
           password: password.value,
+          totp: totp.value
         },
         {
           timeout: 15000, // 15 seconds timeout
@@ -61,6 +62,12 @@ export default function LoginForm() {
           autoComplete="current-password"
           name="password"
         />
+        <Input
+          type="text"
+          placeholder="2FA Code"
+          autoComplete="username"
+          name="totp"
+        />
         <div className="flex w-full flex-col">
           <Button type="submit" variant={"primaryOutline"}>
             Login

diff --git a/admin/src/components/users/userPage.tsx b/admin/src/components/users/userPage.tsx
@@ -412,6 +412,9 @@ export function UserPage(props: Props) {
             <h2 className="font-medium text 3xl">
               {user.role} - Joined{" "}
               {new Date(user.creationDate).toLocaleDateString()}
+              <p className="text-green-600">
+                {user.totpEnabled ? "2FA Enabled" : ""}
+              </p>
             </h2>
           </div>
         </div>

diff --git a/admin/src/components/users/userSettings.tsx b/admin/src/components/users/userSettings.tsx
@@ -265,6 +265,7 @@ export default function UserSettings() {
             <h2 className="font-medium text 3xl">
               {user.role} - Joined{" "}
               {new Date(user.creationDate).toLocaleDateString()}
+              <p className="text-green-600">{user.totpEnabled ? "2FA Enabled" : ""}</p>
             </h2>
           </div>
         </div>

diff --git a/admin/src/constants.ts b/admin/src/constants.ts
@@ -1,4 +1,4 @@
-export const API_URL = import.meta.env.PUBLIC_API_URL || "https://asgard.socstech.support";
+export const API_URL = import.meta.env.PUBLIC_API_URL || "http://localhost:3000";
 export const Y2_URL = import.meta.env.PUBLIC_Y2_URL || "https://yggdrasil.socstech.support";
 export const PUBLIC_ROUTES = [ "/login", "/forgot-password", "/change-password" ]
 

diff --git a/admin/src/interfaces/user.ts b/admin/src/interfaces/user.ts
@@ -9,6 +9,8 @@ export interface IUser {
     creationDate: Date;
     profilePictureUrl?: string;
     isDeleted: boolean;
+    totpEnabled: boolean;
+    totpSecret: string;
 }
 
 export const UserRoles = [

diff --git a/api/src/controllers/auth.ts b/api/src/controllers/auth.ts
@@ -223,6 +223,10 @@ const disableTotp = async (req: Request, res: Response, next: NextFunction) => {
         return
     }
 
+    const updatedUser = await db.update(userSchema)
+        .set({ totpSecret: "", totpEnabled: false })
+        .where(eq(userSchema.id, user[0].id));
+
     res.status(201).json({ "message": "2FA has been disabled for your account.", "username": user[0].username, "userId": user[0].id })
 }
 

diff --git a/api/src/utils/users.ts b/api/src/utils/users.ts
@@ -1,5 +1,5 @@
 import { db } from "@/db";
-import {users as userSchema } from '@/db/schema';
+import { users as userSchema } from '@/db/schema';
 import { eq, and } from 'drizzle-orm';
 const crypto = require("crypto");
 
@@ -14,7 +14,8 @@ export const simplifiedUser = {
     email: userSchema.email,
     creationDate: userSchema.creationDate,
     profilePictureUrl: userSchema.profilePictureUrl,
-    isDeleted: userSchema.isDeleted
+    isDeleted: userSchema.isDeleted,
+    totpEnabled: userSchema.totpEnabled
 };
 
 // // Schema of New User
@@ -39,6 +40,6 @@ export const isUserATechnician = async (userId: string): Promise<boolean> => {
                 eq(userSchema.isDeleted, false))
         );
 
-    if (admin[0].role === "TECHNICIAN") { return true}
+    if (admin[0].role === "TECHNICIAN") { return true }
     else { return false }
 };