From 365b5753419238bb96bc3f9b744d380ff20cbafc Mon Sep 17 00:00:00 2001 From: tobi <31960611+tsmethurst@users.noreply.github.com> Date: Mon, 7 Apr 2025 16:14:41 +0200 Subject: [feature] add TOTP two-factor authentication (2FA) (#3960) * [feature] add TOTP two-factor authentication (2FA) * use byteutil.S2B to avoid allocations when comparing + generating password hashes * don't bother with string conversion for consts * use io.ReadFull * use MustGenerateSecret for backup codes * rename util functions --- internal/api/auth.go | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'internal/api/auth.go') diff --git a/internal/api/auth.go b/internal/api/auth.go index 8d7808a3a..ec36d95d1 100644 --- a/internal/api/auth.go +++ b/internal/api/auth.go @@ -20,12 +20,12 @@ package api import ( "github.com/gin-gonic/gin" "github.com/superseriousbusiness/gotosocial/internal/api/auth" - "github.com/superseriousbusiness/gotosocial/internal/db" "github.com/superseriousbusiness/gotosocial/internal/gtsmodel" "github.com/superseriousbusiness/gotosocial/internal/middleware" "github.com/superseriousbusiness/gotosocial/internal/oidc" "github.com/superseriousbusiness/gotosocial/internal/processing" "github.com/superseriousbusiness/gotosocial/internal/router" + "github.com/superseriousbusiness/gotosocial/internal/state" ) type Auth struct { @@ -55,13 +55,19 @@ func (a *Auth) Route(r *router.Router, m ...gin.HandlerFunc) { oauthGroup.Use(ccMiddleware, sessionMiddleware) a.auth.RouteAuth(authGroup.Handle) - a.auth.RouteOauth(oauthGroup.Handle) + a.auth.RouteOAuth(oauthGroup.Handle) } -func NewAuth(db db.DB, p *processing.Processor, idp oidc.IDP, routerSession *gtsmodel.RouterSession, sessionName string) *Auth { +func NewAuth( + state *state.State, + p *processing.Processor, + idp oidc.IDP, + routerSession *gtsmodel.RouterSession, + sessionName string, +) *Auth { return &Auth{ routerSession: routerSession, sessionName: sessionName, - auth: auth.New(db, p, idp), + auth: auth.New(state, p, idp), } } -- cgit v1.2.3