fediauth/onboard.lua

70 lines
2.4 KiB
Lua
Raw Normal View History

2023-01-29 12:16:32 +00:00
local FORMNAME = "otp-onboard"
2023-01-28 19:30:44 +00:00
2023-01-29 11:13:50 +00:00
minetest.register_chatcommand("otp_disable", {
2023-01-29 12:16:32 +00:00
description = "Disable the otp verification",
privs = { otp_enabled = true, interact = true },
2023-01-29 11:13:50 +00:00
func = function(name)
-- clear priv
local privs = minetest.get_player_privs(name)
2023-01-29 12:16:32 +00:00
privs.otp_enabled = nil
2023-01-29 11:13:50 +00:00
minetest.set_player_privs(name, privs)
return true, "OTP login disabled"
end
})
2023-01-28 19:30:44 +00:00
minetest.register_chatcommand("otp_enable", {
2023-01-29 12:16:32 +00:00
description = "Enable the otp verification",
2023-01-28 19:30:44 +00:00
func = function(name)
2023-01-29 11:13:50 +00:00
-- issuer name
2023-01-28 19:30:44 +00:00
local issuer = "Minetest"
if minetest.settings:get("server_name") ~= "" then
issuer = minetest.settings:get("server_name")
elseif minetest.settings:get("server_address") ~= "" then
issuer = minetest.settings:get("server_address")
end
2023-01-29 11:13:50 +00:00
local secret_b32 = otp.get_player_secret_b32(name)
-- url for the qr code
2023-01-28 19:30:44 +00:00
local url = "otpauth://totp/" .. issuer .. ":" .. name .. "?algorithm=SHA1&" ..
"digits=6&issuer=" .. issuer .. "&period=30&" ..
"secret=" .. secret_b32
local ok, code = otp.qrcode(url)
2023-01-29 11:13:50 +00:00
if not ok then
return false, "qr code generation failed"
end
2023-01-28 19:30:44 +00:00
local png = otp.create_qr_png(code)
2023-01-29 12:16:32 +00:00
local formspec = "size[9,10]" ..
"image[1.5,0.6;7,7;^[png:" .. minetest.encode_base64(png) .. "]" ..
"label[1,7;Use the above QR code in your OTP-App to obtain a verification code]" ..
"field[1,9;4,1;code;Code;]" ..
"button_exit[5,8.7;3,1;submit;Verify]"
2023-01-28 19:30:44 +00:00
minetest.show_formspec(name, FORMNAME, formspec)
end
})
minetest.register_on_player_receive_fields(function(player, formname, fields)
if formname ~= FORMNAME then
return
end
if fields.code then
2023-01-29 11:13:50 +00:00
local playername = player:get_player_name()
local secret_b32 = otp.get_player_secret_b32(playername)
local expected_code = otp.generate_totp(secret_b32)
2023-01-28 19:30:44 +00:00
if expected_code == fields.code then
2023-01-29 11:13:50 +00:00
-- set priv
local privs = minetest.get_player_privs(playername)
privs.otp_enabled = true
minetest.set_player_privs(playername, privs)
minetest.chat_send_player(playername, "Code validation succeeded, OTP login enabled")
2023-01-28 19:30:44 +00:00
else
2023-01-29 11:13:50 +00:00
minetest.chat_send_player(playername, "Code validation failed!")
2023-01-28 19:30:44 +00:00
end
end
end)