Refact, verification login with secret (rustdesk#6943)

fufesou · web-flow · commit a42df9a27b92 · 2024-01-22T11:14:28.000+08:00
Signed-off-by: fufesou &lt;shuanglongchen@yeah.net&gt;
diff --git a/flutter/lib/common/hbbs/hbbs.dart b/flutter/lib/common/hbbs/hbbs.dart
@@ -121,6 +121,7 @@ class LoginRequest {
   String? type;
   String? verificationCode;
   String? tfaCode;
+  String? secret;
 
   LoginRequest(
       {this.username,
@@ -130,7 +131,8 @@ class LoginRequest {
       this.autoLogin,
       this.type,
       this.verificationCode,
-      this.tfaCode});
+      this.tfaCode,
+      this.secret});
 
   Map<String, dynamic> toJson() {
     final Map<String, dynamic> data = <String, dynamic>{};
@@ -144,6 +146,7 @@ class LoginRequest {
       data['verificationCode'] = verificationCode;
     }
     if (tfaCode != null) data['tfaCode'] = tfaCode;
+    if (secret != null) data['secret'] = secret;
 
     Map<String, dynamic> deviceInfo = {};
     try {
@@ -160,14 +163,17 @@ class LoginResponse {
   String? access_token;
   String? type;
   String? tfa_type;
+  String? secret;
   UserPayload? user;
 
-  LoginResponse({this.access_token, this.type, this.tfa_type, this.user});
+  LoginResponse(
+      {this.access_token, this.type, this.tfa_type, this.secret, this.user});
 
   LoginResponse.fromJson(Map<String, dynamic> json) {
     access_token = json['access_token'];
     type = json['type'];
     tfa_type = json['tfa_type'];
+    secret = json['secret'];
     user = json['user'] != null ? UserPayload.fromJson(json['user']) : null;
   }
 }
diff --git a/flutter/lib/common/widgets/login.dart b/flutter/lib/common/widgets/login.dart
@@ -390,8 +390,7 @@ class LoginWidgetUserPass extends StatelessWidget {
 
 const kAuthReqTypeOidc = 'oidc/';
 
-/// common login dialog for desktop
-/// call this directly
+// call this directly
 Future<bool?> loginDialog() async {
   var username =
       TextEditingController(text: UserModel.getLocalUserInfo()?['name'] ?? '');
@@ -457,11 +456,12 @@ Future<bool?> loginDialog() async {
           if (isEmailVerification != null) {
             if (isMobile) {
               if (close != null) close(false);
-              verificationCodeDialog(resp.user, isEmailVerification);
+              verificationCodeDialog(
+                  resp.user, resp.secret, isEmailVerification);
             } else {
               setState(() => isInProgress = false);
-              final res =
-                  await verificationCodeDialog(resp.user, isEmailVerification);
+              final res = await verificationCodeDialog(
+                  resp.user, resp.secret, isEmailVerification);
               if (res == true) {
                 if (close != null) close(false);
                 return;
@@ -611,7 +611,7 @@ Future<bool?> loginDialog() async {
 }
 
 Future<bool?> verificationCodeDialog(
-    UserPayload? user, bool isEmailVerification) async {
+    UserPayload? user, String? secret, bool isEmailVerification) async {
   var autoLogin = true;
   var isInProgress = false;
   String? errorText;
@@ -626,6 +626,7 @@ Future<bool?> verificationCodeDialog(
         final resp = await gFFI.userModel.login(LoginRequest(
             verificationCode: code.text,
             tfaCode: isEmailVerification ? null : code.text,
+            secret: secret,
             username: user?.name,
             id: await bind.mainGetMyId(),
             uuid: await bind.mainGetUuid(),
diff --git a/src/hbbs_http/account.rs b/src/hbbs_http/account.rs
@@ -97,6 +97,8 @@ pub struct AuthBody {
     pub r#type: String,
     #[serde(default)]
     pub tfa_type: String,
+    #[serde(default)]
+    pub secret: String,
     pub user: UserPayload,
 }
 
diff --git a/src/ui/index.tis b/src/ui/index.tis
@@ -1242,9 +1242,10 @@ function login() {
 }
 
 function on_2fa_check(last_msg) {
-    var isEmailCheck = !last_msg.tfa_type || last_msg.tfa_type == 'email_check';
+    const isEmailCheck = !last_msg.tfa_type || last_msg.tfa_type == 'email_check';
+    const secret = last_msg.secret;
+    const emailHint = last_msg.user.email;
 
-    var emailHint = last_msg.user.email;
     msgbox("custom-2fa-verification-code", translate('Verification code'), <div .form .set-password> 
             { isEmailCheck && <div><span>{translate('Email')}:</span><span>{emailHint}</span></div> }
             <div><span>{translate(isEmailCheck ? 'Verification code' : '2FA code')}:</span><input|text name="verification_code" .outline-focus /></div> 
@@ -1260,7 +1261,16 @@ function on_2fa_check(last_msg) {
             }
             abLoading = true;
             var url = handler.get_api_server();
-            const loginData = {username: last_msg.user.name, id: my_id, uuid: handler.get_uuid(), type: 'email_code', verificationCode: code, tfaCode: isEmailCheck ? '' : code, deviceInfo: getDeviceInfo()};
+            const loginData = {
+                username: last_msg.user.name,
+                id: my_id,
+                uuid: handler.get_uuid(),
+                type: 'email_code',
+                verificationCode: code,
+                tfaCode: isEmailCheck ? '' : code,
+                secret: secret,
+                deviceInfo: getDeviceInfo()
+            };
             httpRequest(url + "/api/login", #post, loginData, 
                 function(data) {
                     if (data.error) {

Original file line number	Diff line number	Diff line change
`@@ -97,6 +97,8 @@ pub struct AuthBody {`
`97`	`97`	`pub r#type: String,`
`98`	`98`	`#[serde(default)]`
`99`	`99`	`pub tfa_type: String,`
	`100`	`+ #[serde(default)]`
	`101`	`+ pub secret: String,`
`100`	`102`	`pub user: UserPayload,`
`101`	`103`	`}`
`102`	`104`