ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-06-15 00:44:27 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Added MFA to model and internal user

Browse Source
This commit is contained in:
Julian Gassner 2025-01-15 14:33:11 +00:00
parent 69f7920675
commit 35938db24b
2 changed files with 75 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
backend/internal/user.js
View File

@ -7,6 +7,8 @@ const authModel = require('../models/auth');
const gravatar = require('gravatar'); const gravatar = require('gravatar');
const internalToken = require('./token'); const internalToken = require('./token');
const internalAuditLog = require('./audit-log'); const internalAuditLog = require('./audit-log');
const authenticator = require('authenticator');
const qrcode = require('qrcode');
function omissions () { function omissions () {
return ['is_deleted']; return ['is_deleted'];
@ -507,6 +509,36 @@ const internalUser = {
.then((user) => { .then((user) => {
return internalToken.getTokenFromUser(user); return internalToken.getTokenFromUser(user);
}); });
},
createMFAKey: (access, data) => {
return access.can('users:activate_mfa', data.id)
.then(() => {
return internalUser.get(access, {id: data.id});
})
.then((user) => {
let secret = authenticator.generateKey();
return userModel
.query()
.patchAndFetchById(user.id, { mfa_key: secret })
.then(() => {
let uri = authenticator.generateTotpUri(secret, user.email, 'NginxProxyManager');
return qrcode.toDataURL(uri);
})
.then((qrCode) => {
return { user, qrCode };
});
})
.then(({ user, qrCode }) => {
return internalAuditLog.add(access, {
action: 'updated',
object_type: 'user',
object_id: user.id,
meta: data
})
.then(() => ({ user, qrCode }));
});
} }
}; };

43
backend/migrations/20250115041439_mfa_integeration.js Normal file
View File

@ -0,0 +1,43 @@
const migrate_name = 'identifier_for_migrate';
const logger = require('../logger').migrate;
/**
* Migrate
*
* @see http://knexjs.org/#Schema
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.up = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Up...');
return knex.schema.alterTable('user', (table) => {
table.string('mfa_secret');
})
.then(() => {
logger.info('[' + migrate_name + '] User Table altered');
logger.info('[' + migrate_name + '] Migrating Up Complete');
});
};
/**
* Undo Migrate
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.down = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Down...');
return knex.schema.alterTable('user', (table) => {
table.dropColumn('mfa_key');
})
.then(() => {
logger.info('[' + migrate_name + '] User Table altered');
logger.info('[' + migrate_name + '] Migrating Down Complete');
});
};