2020-01-29 20:37:25 +01:00
|
|
|
<template>
|
2023-06-16 01:12:32 +02:00
|
|
|
<FormSection :first="first">
|
|
|
|
<template #label>{{ i18n.ts["2fa"] }}</template>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
<div v-if="$i" class="_gaps_s">
|
|
|
|
<MkFolder>
|
|
|
|
<template #icon
|
|
|
|
><i class="ph-shield-check ph-bold ph-lg"></i
|
|
|
|
></template>
|
|
|
|
<template #label>{{ i18n.ts.totp }}</template>
|
|
|
|
<template #caption>{{ i18n.ts.totpDescription }}</template>
|
|
|
|
<div v-if="$i.twoFactorEnabled" class="_gaps_s">
|
|
|
|
<div v-text="i18n.ts._2fa.alreadyRegistered" />
|
|
|
|
<template v-if="$i.securityKeysList.length > 0">
|
|
|
|
<MkButton @click="renewTOTP">{{
|
|
|
|
i18n.ts._2fa.renewTOTP
|
|
|
|
}}</MkButton>
|
|
|
|
<MkInfo>{{ i18n.ts._2fa.whyTOTPOnlyRenew }}</MkInfo>
|
|
|
|
</template>
|
|
|
|
<MkButton v-else @click="unregisterTOTP">{{
|
2023-04-08 02:01:42 +02:00
|
|
|
i18n.ts.unregister
|
|
|
|
}}</MkButton>
|
|
|
|
</div>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
<MkButton
|
|
|
|
v-else-if="!twoFactorData && !$i.twoFactorEnabled"
|
|
|
|
@click="registerTOTP"
|
|
|
|
>{{ i18n.ts._2fa.registerTOTP }}</MkButton
|
|
|
|
>
|
|
|
|
</MkFolder>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
<MkFolder>
|
|
|
|
<template #icon><i class="ph-key ph-bold ph-lg"></i></template>
|
|
|
|
<template #label>{{ i18n.ts.securityKeyAndPasskey }}</template>
|
|
|
|
<div class="_gaps_s">
|
|
|
|
<MkInfo>
|
|
|
|
{{ i18n.ts._2fa.securityKeyInfo }}<br />
|
|
|
|
<br />
|
|
|
|
{{ i18n.ts._2fa.chromePasskeyNotSupported }}
|
|
|
|
</MkInfo>
|
|
|
|
|
|
|
|
<MkInfo v-if="!supportsCredentials" warn>
|
|
|
|
{{ i18n.ts._2fa.securityKeyNotSupported }}
|
|
|
|
</MkInfo>
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
<MkInfo
|
|
|
|
v-else-if="supportsCredentials && !$i.twoFactorEnabled"
|
|
|
|
warn
|
2023-04-08 02:01:42 +02:00
|
|
|
>
|
2023-06-16 01:12:32 +02:00
|
|
|
{{ i18n.ts._2fa.registerTOTPBeforeKey }}
|
|
|
|
</MkInfo>
|
|
|
|
|
|
|
|
<template v-else>
|
|
|
|
<MkButton primary @click="addSecurityKey">{{
|
|
|
|
i18n.ts._2fa.registerSecurityKey
|
|
|
|
}}</MkButton>
|
|
|
|
<MkFolder
|
|
|
|
v-for="key in $i.securityKeysList"
|
|
|
|
:key="key.id"
|
2023-04-08 02:01:42 +02:00
|
|
|
>
|
2023-06-16 01:12:32 +02:00
|
|
|
<template #label>{{ key.name }}</template>
|
|
|
|
<template #suffix
|
|
|
|
><I18n :src="i18n.ts.lastUsedAt"
|
|
|
|
><template #t
|
|
|
|
><MkTime
|
|
|
|
:time="
|
|
|
|
key.lastUsed
|
|
|
|
" /></template></I18n
|
|
|
|
></template>
|
|
|
|
<div class="_buttons">
|
|
|
|
<MkButton @click="renameKey(key)"
|
|
|
|
><i
|
|
|
|
class="ph-pencil-line ph-bold ph-lg"
|
|
|
|
></i>
|
|
|
|
{{ i18n.ts.rename }}</MkButton
|
|
|
|
>
|
|
|
|
<MkButton danger @click="unregisterKey(key)"
|
|
|
|
><i class="ph-trash ph-bold ph-lg"></i>
|
|
|
|
{{ i18n.ts.unregister }}</MkButton
|
|
|
|
>
|
|
|
|
</div>
|
|
|
|
</MkFolder>
|
|
|
|
</template>
|
|
|
|
</div>
|
|
|
|
</MkFolder>
|
|
|
|
|
|
|
|
<MkSwitch
|
|
|
|
:disabled="
|
|
|
|
!$i.twoFactorEnabled || $i.securityKeysList.length === 0
|
|
|
|
"
|
|
|
|
:modelValue="usePasswordLessLogin"
|
|
|
|
@update:modelValue="(v) => updatePasswordLessLogin(v)"
|
|
|
|
>
|
|
|
|
<template #label>{{ i18n.ts.passwordLessLogin }}</template>
|
|
|
|
<template #caption>{{
|
|
|
|
i18n.ts.passwordLessLoginDescription
|
|
|
|
}}</template>
|
|
|
|
</MkSwitch>
|
2023-04-08 02:01:42 +02:00
|
|
|
</div>
|
2023-06-16 01:12:32 +02:00
|
|
|
</FormSection>
|
2020-01-29 20:37:25 +01:00
|
|
|
</template>
|
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
<script lang="ts" setup>
|
2023-06-16 01:12:32 +02:00
|
|
|
import { ref, defineAsyncComponent } from "vue";
|
2023-04-08 02:01:42 +02:00
|
|
|
import { hostname } from "@/config";
|
|
|
|
import { byteify, hexify, stringify } from "@/scripts/2fa";
|
|
|
|
import MkButton from "@/components/MkButton.vue";
|
|
|
|
import MkInfo from "@/components/MkInfo.vue";
|
2023-06-16 01:12:32 +02:00
|
|
|
import MkSwitch from "@/components/MkSwitch.vue";
|
|
|
|
import FormSection from "@/components/form/section.vue";
|
|
|
|
import MkFolder from "@/components/MkFolder.vue";
|
2023-04-08 02:01:42 +02:00
|
|
|
import * as os from "@/os";
|
|
|
|
import { $i } from "@/account";
|
|
|
|
import { i18n } from "@/i18n";
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
// メモ: 各エンドポイントはmeUpdatedを発行するため、refreshAccountは不要
|
|
|
|
|
|
|
|
withDefaults(
|
|
|
|
defineProps<{
|
|
|
|
first?: boolean;
|
|
|
|
}>(),
|
|
|
|
{
|
|
|
|
first: false,
|
|
|
|
}
|
|
|
|
);
|
|
|
|
|
2022-05-05 15:41:10 +02:00
|
|
|
const twoFactorData = ref<any>(null);
|
|
|
|
const supportsCredentials = ref(!!navigator.credentials);
|
2023-06-16 01:12:32 +02:00
|
|
|
const usePasswordLessLogin = $computed(() => $i!.usePasswordLessLogin);
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
async function registerTOTP() {
|
|
|
|
const password = await os.inputText({
|
|
|
|
title: i18n.ts._2fa.registerTOTP,
|
|
|
|
text: i18n.ts.currentPassword,
|
2023-04-08 02:01:42 +02:00
|
|
|
type: "password",
|
2023-06-16 01:12:32 +02:00
|
|
|
autocomplete: "current-password",
|
|
|
|
});
|
|
|
|
if (password.canceled) return;
|
|
|
|
|
|
|
|
const twoFactorData = await os.apiWithDialog("i/2fa/register", {
|
|
|
|
password: password.result,
|
|
|
|
});
|
|
|
|
|
|
|
|
const qrdialog = await new Promise<boolean>((res) => {
|
|
|
|
os.popup(
|
|
|
|
defineAsyncComponent(() => import("./2fa.qrdialog.vue")),
|
|
|
|
{
|
|
|
|
twoFactorData,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
ok: () => res(true),
|
|
|
|
cancel: () => res(false),
|
|
|
|
},
|
|
|
|
"closed"
|
|
|
|
);
|
|
|
|
});
|
|
|
|
if (!qrdialog) return;
|
|
|
|
|
|
|
|
const token = await os.inputNumber({
|
|
|
|
title: i18n.ts._2fa.step3Title,
|
|
|
|
text: i18n.ts._2fa.step3,
|
|
|
|
autocomplete: "one-time-code",
|
|
|
|
});
|
|
|
|
if (token.canceled) return;
|
|
|
|
|
|
|
|
await os.apiWithDialog("i/2fa/done", {
|
|
|
|
token: token.result.toString(),
|
|
|
|
});
|
|
|
|
|
|
|
|
await os.alert({
|
|
|
|
type: "success",
|
|
|
|
text: i18n.ts._2fa.step4,
|
2022-05-05 15:41:10 +02:00
|
|
|
});
|
|
|
|
}
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
function unregisterTOTP() {
|
2022-05-05 15:41:10 +02:00
|
|
|
os.inputText({
|
|
|
|
title: i18n.ts.password,
|
2023-04-08 02:01:42 +02:00
|
|
|
type: "password",
|
2023-06-16 01:12:32 +02:00
|
|
|
autocomplete: "current-password",
|
2022-05-05 15:41:10 +02:00
|
|
|
}).then(({ canceled, result: password }) => {
|
|
|
|
if (canceled) return;
|
2023-06-16 01:12:32 +02:00
|
|
|
os.apiWithDialog("i/2fa/unregister", {
|
2023-04-08 02:01:42 +02:00
|
|
|
password: password,
|
2023-06-16 01:12:32 +02:00
|
|
|
}).catch((error) => {
|
2023-04-08 02:01:42 +02:00
|
|
|
os.alert({
|
|
|
|
type: "error",
|
2023-06-16 01:12:32 +02:00
|
|
|
text: error,
|
2023-04-08 02:01:42 +02:00
|
|
|
});
|
2022-05-05 15:41:10 +02:00
|
|
|
});
|
2023-06-16 01:12:32 +02:00
|
|
|
});
|
2022-05-05 15:41:10 +02:00
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
function renewTOTP() {
|
|
|
|
os.confirm({
|
|
|
|
type: "question",
|
|
|
|
title: i18n.ts._2fa.renewTOTP,
|
|
|
|
text: i18n.ts._2fa.renewTOTPConfirm,
|
|
|
|
okText: i18n.ts._2fa.renewTOTPOk,
|
|
|
|
cancelText: i18n.ts._2fa.renewTOTPCancel,
|
|
|
|
}).then(({ canceled }) => {
|
|
|
|
if (canceled) return;
|
|
|
|
registerTOTP();
|
2022-06-10 07:36:55 +02:00
|
|
|
});
|
2022-05-05 15:41:10 +02:00
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
async function unregisterKey(key) {
|
|
|
|
const confirm = await os.confirm({
|
|
|
|
type: "question",
|
|
|
|
title: i18n.ts._2fa.removeKey,
|
|
|
|
text: i18n.t("_2fa.removeKeyConfirm", { name: key.name }),
|
|
|
|
});
|
|
|
|
if (confirm.canceled) return;
|
|
|
|
|
|
|
|
const password = await os.inputText({
|
2022-05-05 15:41:10 +02:00
|
|
|
title: i18n.ts.password,
|
2023-04-08 02:01:42 +02:00
|
|
|
type: "password",
|
2023-06-16 01:12:32 +02:00
|
|
|
autocomplete: "current-password",
|
2022-05-05 15:41:10 +02:00
|
|
|
});
|
2023-06-16 01:12:32 +02:00
|
|
|
if (password.canceled) return;
|
|
|
|
|
|
|
|
await os.apiWithDialog("i/2fa/remove-key", {
|
|
|
|
password: password.result,
|
|
|
|
credentialId: key.id,
|
|
|
|
});
|
|
|
|
os.success();
|
2022-05-05 15:41:10 +02:00
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
async function renameKey(key) {
|
|
|
|
const name = await os.inputText({
|
|
|
|
title: i18n.ts.rename,
|
|
|
|
default: key.name,
|
|
|
|
type: "text",
|
|
|
|
minLength: 1,
|
|
|
|
maxLength: 30,
|
|
|
|
});
|
|
|
|
if (name.canceled) return;
|
|
|
|
|
|
|
|
await os.apiWithDialog("i/2fa/update-key", {
|
|
|
|
name: name.result,
|
|
|
|
credentialId: key.id,
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
async function addSecurityKey() {
|
|
|
|
const password = await os.inputText({
|
2022-05-05 15:41:10 +02:00
|
|
|
title: i18n.ts.password,
|
2023-04-08 02:01:42 +02:00
|
|
|
type: "password",
|
2023-06-16 01:12:32 +02:00
|
|
|
autocomplete: "current-password",
|
|
|
|
});
|
|
|
|
if (password.canceled) return;
|
|
|
|
|
|
|
|
const challenge: any = await os.apiWithDialog("i/2fa/register-key", {
|
|
|
|
password: password.result,
|
|
|
|
});
|
|
|
|
|
|
|
|
const name = await os.inputText({
|
|
|
|
title: i18n.ts._2fa.registerSecurityKey,
|
|
|
|
text: i18n.ts._2fa.securityKeyName,
|
|
|
|
type: "text",
|
|
|
|
minLength: 1,
|
|
|
|
maxLength: 30,
|
|
|
|
});
|
|
|
|
if (name.canceled) return;
|
|
|
|
|
|
|
|
const webAuthnCreation = navigator.credentials.create({
|
|
|
|
publicKey: {
|
|
|
|
challenge: byteify(challenge.challenge, "base64"),
|
|
|
|
rp: {
|
|
|
|
id: hostname,
|
|
|
|
name: "Misskey",
|
|
|
|
},
|
|
|
|
user: {
|
|
|
|
id: byteify($i!.id, "ascii"),
|
|
|
|
name: $i!.username,
|
|
|
|
displayName: $i!.name,
|
|
|
|
},
|
|
|
|
pubKeyCredParams: [{ alg: -7, type: "public-key" }],
|
|
|
|
timeout: 60000,
|
|
|
|
attestation: "direct",
|
|
|
|
},
|
|
|
|
}) as Promise<
|
|
|
|
| (PublicKeyCredential & { response: AuthenticatorAttestationResponse })
|
|
|
|
| null
|
|
|
|
>;
|
|
|
|
|
|
|
|
const credential = await os.promiseDialog(
|
|
|
|
webAuthnCreation,
|
|
|
|
null,
|
|
|
|
() => {}, // ユーザーのキャンセルはrejectなのでエラーダイアログを出さない
|
|
|
|
i18n.ts._2fa.tapSecurityKey
|
|
|
|
);
|
|
|
|
if (!credential) return;
|
|
|
|
|
|
|
|
await os.apiWithDialog("i/2fa/key-done", {
|
|
|
|
password: password.result,
|
|
|
|
name: name.result,
|
|
|
|
challengeId: challenge.challengeId,
|
|
|
|
// we convert each 16 bits to a string to serialise
|
|
|
|
clientDataJSON: stringify(credential.response.clientDataJSON),
|
|
|
|
attestationObject: hexify(credential.response.attestationObject),
|
2022-05-05 15:41:10 +02:00
|
|
|
});
|
|
|
|
}
|
2020-11-25 13:31:34 +01:00
|
|
|
|
2023-06-16 01:12:32 +02:00
|
|
|
async function updatePasswordLessLogin(value: boolean) {
|
|
|
|
await os.apiWithDialog("i/2fa/password-less", {
|
|
|
|
value,
|
2022-05-05 15:41:10 +02:00
|
|
|
});
|
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
</script>
|