analytics/lib/plausible_web/two_factor/session.ex

defmodule PlausibleWeb.TwoFactor.Session do
  @moduledoc """
  Functions for managing session data related to Two-Factor
  Authentication.
  """

  import Plug.Conn

  alias Plausible.Auth

  @remember_2fa_cookie "remember_2fa"
  @remember_2fa_days 30
  @remember_2fa_seconds @remember_2fa_days * 24 * 60 * 60

  @session_2fa_cookie "session_2fa"
  @session_2fa_seconds 5 * 60

  @spec set_2fa_user(Plug.Conn.t(), Auth.User.t()) :: Plug.Conn.t()
  def set_2fa_user(conn, %Auth.User{} = user) do
    put_resp_cookie(conn, @session_2fa_cookie, %{current_2fa_user_id: user.id},
      domain: domain(),
      secure: secure_cookie?(),
      encrypt: true,
      max_age: @session_2fa_seconds,
      same_site: "Lax"
    )
  end

  @spec get_2fa_user(Plug.Conn.t()) :: {:ok, Auth.User.t()} | {:error, :not_found}
  def get_2fa_user(conn) do
    conn = fetch_cookies(conn, encrypted: [@session_2fa_cookie])
    session_2fa = conn.cookies[@session_2fa_cookie]

    with id when is_integer(id) <- session_2fa[:current_2fa_user_id],
         %Auth.User{} = user <- Plausible.Users.with_subscription(id) do
      {:ok, user}
    else
      _ -> {:error, :not_found}
    end
  end

  @spec clear_2fa_user(Plug.Conn.t()) :: Plug.Conn.t()
  def clear_2fa_user(conn) do
    delete_resp_cookie(conn, @session_2fa_cookie,
      domain: domain(),
      secure: secure_cookie?(),
      encrypt: true,
      max_age: @session_2fa_seconds,
      same_site: "Lax"
    )
  end

  @spec remember_2fa_days() :: non_neg_integer()
  def remember_2fa_days(), do: @remember_2fa_days

  @spec remember_2fa?(Plug.Conn.t(), Auth.User.t()) :: boolean()
  def remember_2fa?(conn, user) do
    conn = fetch_cookies(conn, encrypted: [@remember_2fa_cookie])

    not is_nil(user.totp_token) and conn.cookies[@remember_2fa_cookie] == user.totp_token
  end

  @spec maybe_set_remember_2fa(Plug.Conn.t(), Auth.User.t(), String.t() | nil) :: Plug.Conn.t()
  def maybe_set_remember_2fa(conn, user, "true") do
    put_resp_cookie(conn, @remember_2fa_cookie, user.totp_token,
      domain: domain(),
      secure: secure_cookie?(),
      encrypt: true,
      max_age: @remember_2fa_seconds,
      same_site: "Lax"
    )
  end

  def maybe_set_remember_2fa(conn, _, _) do
    clear_remember_2fa(conn)
  end

  @spec clear_remember_2fa(Plug.Conn.t()) :: Plug.Conn.t()
  def clear_remember_2fa(conn) do
    delete_resp_cookie(conn, @remember_2fa_cookie,
      domain: domain(),
      secure: secure_cookie?(),
      encrypt: true,
      max_age: @remember_2fa_seconds,
      same_site: "Lax"
    )
  end

  defp domain(), do: PlausibleWeb.Endpoint.host()

  defp secure_cookie?() do
    :plausible
    |> Application.fetch_env!(PlausibleWeb.Endpoint)
    |> Keyword.fetch!(:secure_cookie)
  end
end
Implement UI for 2FA setup and verification (#3541) * Add 2FA actions to `AuthController` * Hook up new `AuthController` actions to router * Add `qr_code` to project dependencies * Implement generic `qr_code` component rendering SVG QR code from text * Implement enabled and disabled 2FA setting state in user settings view * Implement view for initiating 2FA setup * Implement view for verifying 2FA setup * Implement view for rendering generated 2FA recovery codes * Implement view for verifying 2FA code * Implement view for verifying 2FA recovery code * Improve `input_with_clipboard` component * Improve view for initiating 2FA setup * Improve verify 2FA setup view * Implement `verify_2fa_input` component * Improve view for verifying 2FA setup * Improve view rendering generated 2FA recovery codes * Use `verify_2fa_input` component in verify 2FA view * Do not render PA contact on self-hosted instances * Improve flash message phrasing on generated recovery codes * Add byline with a warning to disable 2FA modal * Extract modal to component and move 2FA components to dedicated module * First pass on loading state for "generate new codes" * Adjust modal button logic * Fix button in verify_2fa_input component * Use button component in activate view * Implement wait states for recovery code related actions properly * Apply rate limiting to 2FA verification * Log failed 2FA code input attempts * Add ability to trust device and skip 2FA for 30 days * Improve styling in dark mode * Fix waiting state under Chrome and Safari * Delete trust cookie when disabling 2FA * Put 2FA behind a feature flag * Extract 2FA cookie deletion * ff fixup * Improve session management during 2FA login * Extract part of 2FA controller logic to a separate module and clean up a bit * Clear 2FA user session when rate limit hit * Add id to form in verify 2FA setup view * Add controller tests for 2FA actions and login action * Update CHANGELOG.md * Use `full_build?()` instead of `@is_selfhost` removed after rebase * Update `Auth.TOTP` moduledoc * Add TOTP token management and make `TOTP.enable` more test-friendly * Use TOTP token for device trust feature * Use zero-deps `eqrcode` instead of deps-heavy `qr_code` * Improve flash messages copy Co-authored-by: hq1 <hq@mtod.org> * Make one more copy improvement Co-authored-by: hq1 <hq@mtod.org> * Fix copy in remaining spots * Change redirect after login to accept URLs from #3560 (h/t @aerosol) * Add tests checking handling login_dest on login and 2FA verification * Fix regression in email activation form submit button behavior * Rename `PlausibleWeb.TwoFactor` -> `PlausibleWeb.TwoFactor.Session` * Move `qr_code` component under `Components.TwoFactor` * Set domain and secure options for new cookies --------- Co-authored-by: hq1 <hq@mtod.org> 2023-12-06 14:01:19 +03:00			`defmodule PlausibleWeb.TwoFactor.Session do`
			`@moduledoc """`
			`Functions for managing session data related to Two-Factor`
			`Authentication.`
			`"""`

			`import Plug.Conn`

			`alias Plausible.Auth`

			`@remember_2fa_cookie "remember_2fa"`
			`@remember_2fa_days 30`
			`@remember_2fa_seconds @remember_2fa_days * 24 * 60 * 60`

			`@session_2fa_cookie "session_2fa"`
			`@session_2fa_seconds 5 * 60`

			`@spec set_2fa_user(Plug.Conn.t(), Auth.User.t()) :: Plug.Conn.t()`
			`def set_2fa_user(conn, %Auth.User{} = user) do`
			`put_resp_cookie(conn, @session_2fa_cookie, %{current_2fa_user_id: user.id},`
			`domain: domain(),`
			`secure: secure_cookie?(),`
			`encrypt: true,`
			`max_age: @session_2fa_seconds,`
			`same_site: "Lax"`
			`)`
			`end`

			`@spec get_2fa_user(Plug.Conn.t()) :: {:ok, Auth.User.t()} \| {:error, :not_found}`
			`def get_2fa_user(conn) do`
			`conn = fetch_cookies(conn, encrypted: [@session_2fa_cookie])`
			`session_2fa = conn.cookies[@session_2fa_cookie]`

			`with id when is_integer(id) <- session_2fa[:current_2fa_user_id],`
			`%Auth.User{} = user <- Plausible.Users.with_subscription(id) do`
			`{:ok, user}`
			`else`
			`_ -> {:error, :not_found}`
			`end`
			`end`

			`@spec clear_2fa_user(Plug.Conn.t()) :: Plug.Conn.t()`
			`def clear_2fa_user(conn) do`
			`delete_resp_cookie(conn, @session_2fa_cookie,`
			`domain: domain(),`
			`secure: secure_cookie?(),`
			`encrypt: true,`
			`max_age: @session_2fa_seconds,`
			`same_site: "Lax"`
			`)`
			`end`

			`@spec remember_2fa_days() :: non_neg_integer()`
			`def remember_2fa_days(), do: @remember_2fa_days`

			`@spec remember_2fa?(Plug.Conn.t(), Auth.User.t()) :: boolean()`
			`def remember_2fa?(conn, user) do`
			`conn = fetch_cookies(conn, encrypted: [@remember_2fa_cookie])`

			`not is_nil(user.totp_token) and conn.cookies[@remember_2fa_cookie] == user.totp_token`
			`end`

			`@spec maybe_set_remember_2fa(Plug.Conn.t(), Auth.User.t(), String.t() \| nil) :: Plug.Conn.t()`
			`def maybe_set_remember_2fa(conn, user, "true") do`
			`put_resp_cookie(conn, @remember_2fa_cookie, user.totp_token,`
			`domain: domain(),`
			`secure: secure_cookie?(),`
			`encrypt: true,`
			`max_age: @remember_2fa_seconds,`
			`same_site: "Lax"`
			`)`
			`end`

			`def maybe_set_remember_2fa(conn, _, _) do`
			`clear_remember_2fa(conn)`
			`end`

			`@spec clear_remember_2fa(Plug.Conn.t()) :: Plug.Conn.t()`
			`def clear_remember_2fa(conn) do`
			`delete_resp_cookie(conn, @remember_2fa_cookie,`
			`domain: domain(),`
			`secure: secure_cookie?(),`
			`encrypt: true,`
			`max_age: @remember_2fa_seconds,`
			`same_site: "Lax"`
			`)`
			`end`

			`defp domain(), do: PlausibleWeb.Endpoint.host()`

			`defp secure_cookie?() do`
			`:plausible`
			`\|> Application.fetch_env!(PlausibleWeb.Endpoint)`
			`\|> Keyword.fetch!(:secure_cookie)`
			`end`
			`end`