2023-01-29 12:16:32 +00:00
|
|
|
local FORMNAME = "otp-onboard"
|
2023-01-28 19:30:44 +00:00
|
|
|
|
2023-01-29 11:13:50 +00:00
|
|
|
minetest.register_chatcommand("otp_disable", {
|
2023-01-29 12:16:32 +00:00
|
|
|
description = "Disable the otp verification",
|
|
|
|
privs = { otp_enabled = true, interact = true },
|
2023-01-29 11:13:50 +00:00
|
|
|
func = function(name)
|
|
|
|
-- clear priv
|
|
|
|
local privs = minetest.get_player_privs(name)
|
2023-01-29 12:16:32 +00:00
|
|
|
privs.otp_enabled = nil
|
2023-01-29 11:13:50 +00:00
|
|
|
minetest.set_player_privs(name, privs)
|
|
|
|
return true, "OTP login disabled"
|
|
|
|
end
|
|
|
|
})
|
2023-01-28 19:30:44 +00:00
|
|
|
|
|
|
|
minetest.register_chatcommand("otp_enable", {
|
2023-01-29 12:16:32 +00:00
|
|
|
description = "Enable the otp verification",
|
2023-01-28 19:30:44 +00:00
|
|
|
func = function(name)
|
2023-01-29 11:13:50 +00:00
|
|
|
-- issuer name
|
2023-01-28 19:30:44 +00:00
|
|
|
local issuer = "Minetest"
|
|
|
|
if minetest.settings:get("server_name") ~= "" then
|
|
|
|
issuer = minetest.settings:get("server_name")
|
|
|
|
elseif minetest.settings:get("server_address") ~= "" then
|
|
|
|
issuer = minetest.settings:get("server_address")
|
|
|
|
end
|
|
|
|
|
2023-01-29 11:13:50 +00:00
|
|
|
local secret_b32 = otp.get_player_secret_b32(name)
|
|
|
|
|
|
|
|
-- url for the qr code
|
2023-01-29 12:26:24 +00:00
|
|
|
local url = "otpauth://totp/" .. issuer .. ":" .. name .. "?algorithm=SHA1" ..
|
|
|
|
"&digits=6" ..
|
|
|
|
"&issuer=" .. issuer ..
|
|
|
|
"&period=30" ..
|
|
|
|
"&secret=" .. secret_b32 ..
|
|
|
|
"&image=https://raw.githubusercontent.com/minetest/minetest/master/misc/minetest-xorg-icon-128.png"
|
2023-01-28 19:30:44 +00:00
|
|
|
|
|
|
|
local ok, code = otp.qrcode(url)
|
2023-01-29 11:13:50 +00:00
|
|
|
if not ok then
|
|
|
|
return false, "qr code generation failed"
|
|
|
|
end
|
2023-01-28 19:30:44 +00:00
|
|
|
|
|
|
|
local png = otp.create_qr_png(code)
|
2023-01-29 12:16:32 +00:00
|
|
|
local formspec = "size[9,10]" ..
|
|
|
|
"image[1.5,0.6;7,7;^[png:" .. minetest.encode_base64(png) .. "]" ..
|
|
|
|
"label[1,7;Use the above QR code in your OTP-App to obtain a verification code]" ..
|
|
|
|
"field[1,9;4,1;code;Code;]" ..
|
|
|
|
"button_exit[5,8.7;3,1;submit;Verify]"
|
2023-01-28 19:30:44 +00:00
|
|
|
|
|
|
|
minetest.show_formspec(name, FORMNAME, formspec)
|
|
|
|
end
|
|
|
|
})
|
|
|
|
|
|
|
|
minetest.register_on_player_receive_fields(function(player, formname, fields)
|
|
|
|
if formname ~= FORMNAME then
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
if fields.code then
|
2023-01-29 11:13:50 +00:00
|
|
|
local playername = player:get_player_name()
|
|
|
|
local secret_b32 = otp.get_player_secret_b32(playername)
|
|
|
|
local expected_code = otp.generate_totp(secret_b32)
|
2023-01-28 19:30:44 +00:00
|
|
|
if expected_code == fields.code then
|
2023-01-29 11:13:50 +00:00
|
|
|
-- set priv
|
|
|
|
local privs = minetest.get_player_privs(playername)
|
|
|
|
privs.otp_enabled = true
|
|
|
|
minetest.set_player_privs(playername, privs)
|
|
|
|
|
|
|
|
minetest.chat_send_player(playername, "Code validation succeeded, OTP login enabled")
|
2023-01-28 19:30:44 +00:00
|
|
|
else
|
2023-01-29 11:13:50 +00:00
|
|
|
minetest.chat_send_player(playername, "Code validation failed!")
|
2023-01-28 19:30:44 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
end)
|