diff options
author | e-macgregor <122734173+e-macgregor@users.noreply.github.com> | 2023-10-29 17:20:36 -0600 |
---|---|---|
committer | e-macgregor <122734173+e-macgregor@users.noreply.github.com> | 2023-10-29 17:20:36 -0600 |
commit | 3296318dccfcc83cc99d6da58affe5ee8a46fedb (patch) | |
tree | eae083565f578feefa3bea354c5d77eac2c25f84 /src/main/java/org/traccar/api/resource/SessionResource.java | |
parent | 468a9c22bea1421a5df5513766dd7709f1e05b04 (diff) | |
download | trackermap-server-3296318dccfcc83cc99d6da58affe5ee8a46fedb.tar.gz trackermap-server-3296318dccfcc83cc99d6da58affe5ee8a46fedb.tar.bz2 trackermap-server-3296318dccfcc83cc99d6da58affe5ee8a46fedb.zip |
totp
Diffstat (limited to 'src/main/java/org/traccar/api/resource/SessionResource.java')
-rw-r--r-- | src/main/java/org/traccar/api/resource/SessionResource.java | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java index 3e738c15a..90f0ceade 100644 --- a/src/main/java/org/traccar/api/resource/SessionResource.java +++ b/src/main/java/org/traccar/api/resource/SessionResource.java @@ -16,6 +16,7 @@ package org.traccar.api.resource; import org.traccar.api.BaseResource; +import org.traccar.api.security.CodeRequiredException; import org.traccar.api.security.LoginService; import org.traccar.api.signature.TokenManager; import org.traccar.database.OpenIdProvider; @@ -108,7 +109,7 @@ public class SessionResource extends BaseResource { } } if (email != null && password != null) { - User user = loginService.login(email, password); + User user = loginService.login(email, password, null); if (user != null) { request.getSession().setAttribute(USER_ID_KEY, user.getId()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); @@ -142,8 +143,19 @@ public class SessionResource extends BaseResource { @PermitAll @POST public User add( - @FormParam("email") String email, @FormParam("password") String password) throws StorageException { - User user = loginService.login(email, password); + @FormParam("email") String email, + @FormParam("password") String password, + @FormParam("code") Integer code) throws StorageException { + User user; + try { + user = loginService.login(email, password, code); + } catch (CodeRequiredException e) { + Response response = Response + .status(Response.Status.UNAUTHORIZED) + .header("WWW-Authenticate", "TOTP") + .build(); + throw new WebApplicationException(response); + } if (user != null) { request.getSession().setAttribute(USER_ID_KEY, user.getId()); LogAction.login(user.getId(), WebHelper.retrieveRemoteAddress(request)); @@ -171,7 +183,7 @@ public class SessionResource extends BaseResource { @PermitAll @Path("openid/auth") @GET - public Response openIdAuth() throws IOException { + public Response openIdAuth() { return Response.seeOther(openIdProvider.createAuthUri()).build(); } |