forgejo/web_src/js/features/user-auth-u2f.js
silverwind a159c3175f
Add new JS linter rules (#17699)
* Add new JS linter rules

Adds a few useful rules from eslint-plugin-github. Notable changes:

- Forbid dataset usage, its camel-casing behaviour makes it hard to
  grep for attributes.
- Forbid .then() and .catch(), we should generally prefer await for new
  code. For rare cases where they are useful, a eslint-disable-line
  directive can be set.
- Add docs js to linting

* also enable github/array-foreach

* small tweak

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-22 16:19:01 +08:00

127 lines
3 KiB
JavaScript

/* eslint-disable github/no-then */
const {appSubUrl, csrfToken} = window.config;
export function initUserAuthU2fAuth() {
if ($('#wait-for-key').length === 0) {
return;
}
u2fApi.ensureSupport().then(() => {
$.getJSON(`${appSubUrl}/user/u2f/challenge`).done((req) => {
u2fApi.sign(req.appId, req.challenge, req.registeredKeys, 30)
.then(u2fSigned)
.catch((err) => {
if (err === undefined) {
u2fError(1);
return;
}
u2fError(err.metaData.code);
});
});
}).catch(() => {
// Fallback in case browser do not support U2F
window.location.href = `${appSubUrl}/user/two_factor`;
});
}
function u2fSigned(resp) {
$.ajax({
url: `${appSubUrl}/user/u2f/sign`,
type: 'POST',
headers: {'X-Csrf-Token': csrfToken},
data: JSON.stringify(resp),
contentType: 'application/json; charset=utf-8',
}).done((res) => {
window.location.replace(res);
}).fail(() => {
u2fError(1);
});
}
function u2fRegistered(resp) {
if (checkError(resp)) {
return;
}
$.ajax({
url: `${appSubUrl}/user/settings/security/u2f/register`,
type: 'POST',
headers: {'X-Csrf-Token': csrfToken},
data: JSON.stringify(resp),
contentType: 'application/json; charset=utf-8',
success() {
window.location.reload();
},
fail() {
u2fError(1);
}
});
}
function checkError(resp) {
if (!('errorCode' in resp)) {
return false;
}
if (resp.errorCode === 0) {
return false;
}
u2fError(resp.errorCode);
return true;
}
function u2fError(errorType) {
const u2fErrors = {
browser: $('#unsupported-browser'),
1: $('#u2f-error-1'),
2: $('#u2f-error-2'),
3: $('#u2f-error-3'),
4: $('#u2f-error-4'),
5: $('.u2f_error_5')
};
u2fErrors[errorType].removeClass('hide');
for (const type of Object.keys(u2fErrors)) {
if (type !== `${errorType}`) {
u2fErrors[type].addClass('hide');
}
}
$('#u2f-error').modal('show');
}
export function initUserAuthU2fRegister() {
$('#register-device').modal({allowMultiple: false});
$('#u2f-error').modal({allowMultiple: false});
$('#register-security-key').on('click', (e) => {
e.preventDefault();
u2fApi.ensureSupport()
.then(u2fRegisterRequest)
.catch(() => {
u2fError('browser');
});
});
}
function u2fRegisterRequest() {
$.post(`${appSubUrl}/user/settings/security/u2f/request_register`, {
_csrf: csrfToken,
name: $('#nickname').val()
}).done((req) => {
$('#nickname').closest('div.field').removeClass('error');
$('#register-device').modal('show');
if (req.registeredKeys === null) {
req.registeredKeys = [];
}
u2fApi.register(req.appId, req.registerRequests, req.registeredKeys, 30)
.then(u2fRegistered)
.catch((reason) => {
if (reason === undefined) {
u2fError(1);
return;
}
u2fError(reason.metaData.code);
});
}).fail((xhr) => {
if (xhr.status === 409) {
$('#nickname').closest('div.field').addClass('error');
}
});
}