diff --git a/ghost/core/core/server/api/endpoints/session.js b/ghost/core/core/server/api/endpoints/session.js
index 2e2635b0eb..01602e63ed 100644
--- a/ghost/core/core/server/api/endpoints/session.js
+++ b/ghost/core/core/server/api/endpoints/session.js
@@ -64,6 +64,11 @@ const controller = {
 return Promise.resolve(function logoutSessionMw(req, res, next) {
 auth.session.logout(req, res, next);
 });
+ },
+ verify(frame) {
+ return Promise.resolve(function sendAuthCodeMw(req, res, next) {
+ auth.session.sendAuthCode(req, res, next);
+ });
 }
 };
 
diff --git a/ghost/core/core/server/services/auth/session/middleware.js b/ghost/core/core/server/services/auth/session/middleware.js
index 5d58040ea9..7c1250eb2a 100644
--- a/ghost/core/core/server/services/auth/session/middleware.js
+++ b/ghost/core/core/server/services/auth/session/middleware.js
@@ -31,10 +31,20 @@ function SessionMiddleware({sessionService}) {
 }
 }
 
+ async function sendAuthCode(req, res, next) {
+ try {
+ await sessionService.sendAuthCodeToUser(req, res);
+ res.sendStatus(201);
+ } catch (err) {
+ next(err);
+ }
+ }
+
 return {
 createSession: createSession,
 logout: logout,
- authenticate: authenticate
+ authenticate: authenticate,
+ sendAuthCode: sendAuthCode
 };
 }
 
diff --git a/ghost/core/core/server/web/api/endpoints/admin/routes.js b/ghost/core/core/server/web/api/endpoints/admin/routes.js
index 3ea39dbb7f..dfe35051c8 100644
--- a/ghost/core/core/server/web/api/endpoints/admin/routes.js
+++ b/ghost/core/core/server/web/api/endpoints/admin/routes.js
@@ -243,6 +243,8 @@ module.exports = function apiRoutes() {
 http(api.session.add)
 );
 router.del('/session', mw.authAdminApi, http(api.session.delete));
+ // resending verification code for 2FA
+ router.post('/session/verify', mw.authAdminApi, http(api.session.verify));
 
 // ## Identity
 router.get('/identities', mw.authAdminApi, http(api.identities.read));
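Review bot: In api/endpoints/session.js the new controller method is called `verify`, but the middleware it returns is `sendAuthCodeMw` and it only triggers sending a code, so the name says the opposite of what the call does. A later endpoint that really checks a submitted code will have no natural name left. Either rename the method to match the middleware, or at least document it with `// Sends (or resends) the 2FA code; does not check a submitted code`. The `frame` parameter is unused in the new method, and the `controller` object starts outside the hunk.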
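Review bot: The added `router.post('/session/verify', ...)` line in admin/routes.js has no throttling middleware visible in its chain, and an endpoint that sends an auth code on every request needs one. Without a per-session or per-user limit it can be used to flood a mailbox, and each call may also reset the code a guesser is working against. It is also worth confirming that `mw.authAdminApi` admits a session that has passed the password step but not yet 2FA; that middleware is not visible here, and if it requires a fully verified session the client could never reach this route during login. Until the limiter is in place I would add `// TODO: rate-limit per session/user before sending a code` above the route.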
diff --git a/ghost/session-service/lib/session-service.js b/ghost/session-service/lib/session-service.js
index e581e5c422..0c5d7d8c21 100644
--- a/ghost/session-service/lib/session-service.js
+++ b/ghost/session-service/lib/session-service.js
@@ -28,6 +28,9 @@ const {
 * @prop {(req: Req, res: Res) => Promise} removeUserForSession
 * @prop {(req: Req, res: Res, user: User) => Promise} createSessionForUser
 * @prop {(req: Req, res: Res) => Promise} verifySession
+ * @prop {(req: Req, res: Res) => Promise} sendAuthCodeToUser
+ * @prop {(req: Req, res: Res) => string} generateAuthCodeForUser
+ * @prop {(req: Req, res: Res) => Promise} verifyAuthCodeForUser
 */
 
 /**
@@ -86,6 +89,42 @@ module.exports = function createSessionService({getSession, findUserById, getOri
 session.ip = req.ip;
 }
 
+ /**
+ * generateAuthCodeForUser
+ *
+ * @param {Req} req
+ * @param {Res} res
+ * @returns {string}
+ */
+ async function generateAuthCodeForUser(req, res) {
+ return '123456';
+
+ }
+
+ /**
+ * verifyAuthCodeForUser
+ *
+ * @param {Req} req
+ * @param {Res} res
+ * @returns {Promise}
+ */
+ async function verifyAuthCodeForUser(req, res) {
+
+
+ }
+
+ /**
+ * sendAuthCodeToUser
+ *
+ * @param {Req} req
+ * @param {Res} res
+ * @returns {Promise}
+ */
+ async function sendAuthCodeToUser(req, res) {
+ generateAuthCodeForUser();
+ // send auth code to user
+ }
+
 /**
 * verifySession
 *
@@ -145,6 +184,8 @@ module.exports = function createSessionService({getSession, findUserById, getOri
 getUserForSession,
 createSessionForUser,
 removeUserForSession,
- verifySession
+ verifySession,
+ sendAuthCodeToUser,
+ verifyAuthCodeForUser
 };
 };
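Review bot: The typedef line added for `generateAuthCodeForUser` in the first session-service.js hunk does not match the code in two ways. It declares a return type of `string`, but the function added in the `-86` hunk is `async`, so callers receive a promise. It is also listed as a property of the service, yet the returned object in the last hunk exposes only `sendAuthCodeToUser` and `verifyAuthCodeForUser`. Keeping code generation private looks like the right choice, so I would drop this `@prop` line and change the function's own JSDoc to `@returns {Promise<string>}`.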
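Review bot: `generateAuthCodeForUser` in the `-86` hunk returns the constant `'123456'`, so if this reaches a release every account shares one publicly known second factor. `sendAuthCodeToUser` calls it without `await` or `req`/`res` and discards the result, and `verifyAuthCodeForUser` is an empty body that resolves to `undefined`; whether callers treat that as a failed check is not visible here, so the stub should fail closed explicitly. The code should come from the CSPRNG in Node's built-in `crypto` module, be stored against the session with an expiry and an attempt limit, and be compared in constant time. Storage is left out of the sketch below because the session schema is outside the hunk, and `crypto` would have to be required in the file's dependency block, which is also not shown.

```javascript
async function generateAuthCodeForUser(req, res) {
    // randomInt draws from the CSPRNG; the upper bound is exclusive, so this gives 000000-999999
    return crypto.randomInt(0, 1000000).toString().padStart(6, '0');
}

// … unchanged: verifyAuthCodeForUser JSDoc …
async function verifyAuthCodeForUser(req, res) {
    // Fail closed until the real comparison exists, so no caller can read "no error" as success
    throw new Error('verifyAuthCodeForUser is not implemented');
}

// … unchanged: sendAuthCodeToUser JSDoc …
async function sendAuthCodeToUser(req, res) {
    const code = await generateAuthCodeForUser(req, res);
    // send `code` to the user
}
```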