diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2025-04-07 16:14:41 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2025-04-07 16:14:41 +0200 |
| commit | 365b5753419238bb96bc3f9b744d380ff20cbafc (patch) | |
| tree | 6b8e8b605c4cddeb6e3bc0f574ffbc856657e56c /internal/api/client/user/user.go | |
| parent | [bugfix] Don't assume `"manuallyApprovesFollowers": true` if not set (#3978) (diff) | |
| download | gotosocial-365b5753419238bb96bc3f9b744d380ff20cbafc.tar.xz | |
[feature] add TOTP two-factor authentication (2FA) (#3960)
* [feature] add TOTP two-factor authentication (2FA)
* use byteutil.S2B to avoid allocations when comparing + generating password hashes
* don't bother with string conversion for consts
* use io.ReadFull
* use MustGenerateSecret for backup codes
* rename util functions
Diffstat (limited to 'internal/api/client/user/user.go')
| -rw-r--r-- | internal/api/client/user/user.go | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/internal/api/client/user/user.go b/internal/api/client/user/user.go index 6ad176a2e..7a95c5e33 100644 --- a/internal/api/client/user/user.go +++ b/internal/api/client/user/user.go @@ -25,12 +25,14 @@ import ( ) const ( - // BasePath is the base URI path for this module, minus the 'api' prefix - BasePath = "/v1/user" - // PasswordChangePath is the path for POSTing a password change request. - PasswordChangePath = BasePath + "/password_change" - // EmailChangePath is the path for POSTing an email address change request. - EmailChangePath = BasePath + "/email_change" + BasePath = "/v1/user" + PasswordChangePath = BasePath + "/password_change" + EmailChangePath = BasePath + "/email_change" + TwoFactorPath = BasePath + "/2fa" + TwoFactorQRCodePngPath = TwoFactorPath + "/qr.png" + TwoFactorQRCodeURIPath = TwoFactorPath + "/qruri" + TwoFactorEnablePath = TwoFactorPath + "/enable" + TwoFactorDisablePath = TwoFactorPath + "/disable" ) type Module struct { @@ -47,4 +49,8 @@ func (m *Module) Route(attachHandler func(method string, path string, f ...gin.H attachHandler(http.MethodGet, BasePath, m.UserGETHandler) attachHandler(http.MethodPost, PasswordChangePath, m.PasswordChangePOSTHandler) attachHandler(http.MethodPost, EmailChangePath, m.EmailChangePOSTHandler) + attachHandler(http.MethodGet, TwoFactorQRCodePngPath, m.TwoFactorQRCodePngGETHandler) + attachHandler(http.MethodGet, TwoFactorQRCodeURIPath, m.TwoFactorQRCodeURIGETHandler) + attachHandler(http.MethodPost, TwoFactorEnablePath, m.TwoFactorEnablePOSTHandler) + attachHandler(http.MethodPost, TwoFactorDisablePath, m.TwoFactorDisablePOSTHandler) } |