mirror of
https://github.com/quexten/goldwarden.git
synced 2024-12-25 04:14:02 +03:00
Make passwordless auth only act on notification click
This commit is contained in:
parent
01fe7b7ff4
commit
6f10836300
@ -12,6 +12,7 @@ import (
|
|||||||
"github.com/gorilla/websocket"
|
"github.com/gorilla/websocket"
|
||||||
"github.com/quexten/goldwarden/agent/bitwarden/models"
|
"github.com/quexten/goldwarden/agent/bitwarden/models"
|
||||||
"github.com/quexten/goldwarden/agent/config"
|
"github.com/quexten/goldwarden/agent/config"
|
||||||
|
"github.com/quexten/goldwarden/agent/notify"
|
||||||
"github.com/quexten/goldwarden/agent/systemauth/biometrics"
|
"github.com/quexten/goldwarden/agent/systemauth/biometrics"
|
||||||
"github.com/quexten/goldwarden/agent/systemauth/pinentry"
|
"github.com/quexten/goldwarden/agent/systemauth/pinentry"
|
||||||
"github.com/quexten/goldwarden/agent/vault"
|
"github.com/quexten/goldwarden/agent/vault"
|
||||||
@ -200,20 +201,23 @@ func connectToWebsocket(ctx context.Context, vault *vault.Vault, cfg *config.Con
|
|||||||
}
|
}
|
||||||
websocketLog.Info("AuthRequest details " + authRequest.RequestIpAddress + " " + authRequest.RequestDeviceType)
|
websocketLog.Info("AuthRequest details " + authRequest.RequestIpAddress + " " + authRequest.RequestDeviceType)
|
||||||
|
|
||||||
|
notify.Notify("Passwordless Login Request", authRequest.RequestIpAddress+" - "+authRequest.RequestDeviceType, "", 0, func() {
|
||||||
var message = "Do you want to allow " + authRequest.RequestIpAddress + " (" + authRequest.RequestDeviceType + ") to login to your account?"
|
var message = "Do you want to allow " + authRequest.RequestIpAddress + " (" + authRequest.RequestDeviceType + ") to login to your account?"
|
||||||
if approved, err := pinentry.GetApproval("Paswordless Login Request", message); err != nil || !approved {
|
if approved, err := pinentry.GetApproval("Paswordless Login Request", message); err != nil || !approved {
|
||||||
websocketLog.Info("AuthRequest denied")
|
websocketLog.Info("AuthRequest denied")
|
||||||
break
|
return
|
||||||
}
|
}
|
||||||
if !biometrics.CheckBiometrics(biometrics.AccessVault) {
|
if !biometrics.CheckBiometrics(biometrics.AccessVault) {
|
||||||
websocketLog.Info("AuthRequest denied - biometrics required")
|
websocketLog.Info("AuthRequest denied - biometrics required")
|
||||||
break
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
_, err = CreateAuthResponse(context.WithValue(ctx, AuthToken{}, token.AccessToken), authRequest, vault.Keyring, cfg)
|
_, err = CreateAuthResponse(context.WithValue(ctx, AuthToken{}, token.AccessToken), authRequest, vault.Keyring, cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
websocketLog.Error("Error creating auth response %s", err)
|
websocketLog.Error("Error creating auth response %s", err)
|
||||||
}
|
}
|
||||||
|
})
|
||||||
|
|
||||||
break
|
break
|
||||||
case AuthRequestResponse:
|
case AuthRequestResponse:
|
||||||
websocketLog.Info("AuthRequestResponse received")
|
websocketLog.Info("AuthRequestResponse received")
|
||||||
|
Loading…
Reference in New Issue
Block a user