Support MFA recovery tokens

2020-05-30 17:21:47 -05:00
parent a1a70e0548
commit 8680242349
25 changed files with 393 additions and 10 deletions
--- a/app/routing/routers/api/v1/auth.routes.js
+++ b/app/routing/routers/api/v1/auth.routes.js
@@ -41,6 +41,11 @@ const auth_routes = {
            ['middleware::api:Permission', { check: 'v1:auth:groups:get' }],
            'controller::api:v1:Auth.get_group',
        ],
+        '/mfa/recovery': [
+            'middleware::auth:APIRoute',
+            ['middleware::api:Permission', { check: 'v1:auth:mfa:recovery:get' }],
+            'controller::api:v1:Auth.get_mfa_recovery',
+        ],
    },

    post: {
@@ -70,6 +75,11 @@ const auth_routes = {
            'controller::api:v1:Auth.attempt_mfa'
        ],

+        '/mfa/recovery/attempt': [
+            'middleware::auth:UserOnly',
+            'controller::api:v1:Auth.attempt_mfa_recovery'
+        ],
+
        '/mfa/enable': [
            'middleware::auth:UserOnly',
            ['middleware::auth:RequireTrust', { scope: 'mfa.enable', deplete: true }],
@@ -99,6 +109,11 @@ const auth_routes = {
            'middleware::auth:GuestOnly',
            'controller::api:v1:Auth.registration',
        ],
+        '/mfa/recovery': [
+            'middleware::auth:APIRoute',
+            ['middleware::api:Permission', { check: 'v1:auth:mfa:recovery:create' }],
+            'controller::api:v1:Auth.generate_mfa_recovery',
+        ],
    },

    patch: {