From 0627b12672fadcfa79da2b3fd3d53b0d2cb29e20 Mon Sep 17 00:00:00 2001
From: "vluk@2fi-solutions.com.hk"
Date: Thu, 1 Jan 2026 23:34:35 +0800
Subject: [PATCH] no message
---
 .../config/security/SecurityConfig.java | 2 ++
 .../lioner/web/TwoFactorController.java | 25 ++++++++++++++++++-
 .../modules/user/req/NewLionerUserReq.java | 13 +++++++++-
 .../modules/user/req/UpdateUserReq.java | 11 ++++++++
 .../modules/user/service/UserService.java | 1 +
 .../modules/user/service/pojo/UserRecord.java | 7 ++++++
 6 files changed, 57 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/ffii/lioner/config/security/SecurityConfig.java b/src/main/java/com/ffii/lioner/config/security/SecurityConfig.java
index 8164ede..a0a85be 100644
--- a/src/main/java/com/ffii/lioner/config/security/SecurityConfig.java
+++ b/src/main/java/com/ffii/lioner/config/security/SecurityConfig.java
@@ -35,6 +35,7 @@ public class SecurityConfig {
 public static final String REFRESH_TOKEN_URL = "/refresh-token";
 public static final String VERIFY_LOGIN = "/api/2fa/verify-login";
 public static final String VERIFY_LOGIN2 = "/2fa/verify-login";
+ public static final String STATUS_2FA = "/api/2fa/status";
 private static final String[] URL_WHITELIST = {
 INDEX_URL,
@@ -42,6 +43,7 @@ public class SecurityConfig {
 REFRESH_TOKEN_URL,
 VERIFY_LOGIN,
 VERIFY_LOGIN2,
+ STATUS_2FA,
 };
 @Lazy
diff --git a/src/main/java/com/ffii/lioner/modules/lioner/web/TwoFactorController.java b/src/main/java/com/ffii/lioner/modules/lioner/web/TwoFactorController.java
index 2d47aa9..900ba48 100644
--- a/src/main/java/com/ffii/lioner/modules/lioner/web/TwoFactorController.java
+++ b/src/main/java/com/ffii/lioner/modules/lioner/web/TwoFactorController.java
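Review bot: Adding `STATUS_2FA,` to `URL_WHITELIST` in the second hunk exposes `/api/2fa/status` without authentication, yet the handler this patch adds for that path in TwoFactorController resolves the caller via `userService.getCurrentUser(authentication)`, which has no principal to work from on a whitelisted path unless some pre-2FA token is still processed there. If it does resolve a user, an anonymous caller learns whether 2FA is switched on for an account, which is information the login flow should not hand out; if it does not, the endpoint simply fails for the client that needs it. Unless there is a documented pre-login use for this call, drop `STATUS_2FA,` from the whitelist (and the constant added in the first hunk) and leave the endpoint behind the normal authentication check.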
@@ -3,13 +3,14 @@ package com.ffii.lioner.modules.lioner.web;
 import dev.samstevens.totp.code.CodeVerifier;
 import dev.samstevens.totp.qr.QrData;
 import dev.samstevens.totp.secret.SecretGenerator;
-
+import jakarta.annotation.security.PermitAll;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -99,6 +100,28 @@ public class TwoFactorController {
 abilities.add(auth.get("authority").toString())
 );
+ System.out.println("Validating code: " + code + " for user: " + username);
+ System.out.println("Secret: " + user.getTwoFactorSecret());
+ boolean valid = codeVerifier.isValidCode(user.getTwoFactorSecret(), code);
+ System.out.println("Validation result: " + valid);
+
 return ResponseEntity.ok(new JwtResponse(accessToken, refreshToken, null, user, abilities));
 }
+
+ @GetMapping("/status")
+ public ResponseEntity> get2FAStatus(Authentication authentication) {
+ User user = userService.getCurrentUser(authentication);
+ return ResponseEntity.ok(Map.of("enabled", user.isTwoFactorEnabled()));
+ }
+
+ @PostMapping("/disable")
+ public ResponseEntity> disable2FA(Authentication authentication) {
+ User user = userService.getCurrentUser(authentication);
+
+ user.setTwoFactorSecret(null);
+ user.setTwoFactorEnabled(false);
+ userService.save(user);
+
+ return ResponseEntity.ok(Map.of("message", "2FA disabled successfully"));
+ }
 }
\ No newline at end of file
diff --git a/src/main/java/com/ffii/lioner/modules/user/req/NewLionerUserReq.java b/src/main/java/com/ffii/lioner/modules/user/req/NewLionerUserReq.java
index 15e08e9..bdaf08e 100644
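Review bot: `System.out.println("Secret: " + user.getTwoFactorSecret());` writes the user's TOTP shared secret (and, on the line above, the submitted code and username) to stdout, so anything that captures process output now holds the second factor in clear; remove these debug lines together with `boolean valid = ...` and its println. `valid` is never consulted and the token response on the next line is returned unconditionally, so if the code is not already verified earlier in this method (which starts outside the hunk) that is a separate and more serious gap. `disable2FA` clears the secret and the flag on the strength of the bearer session alone; requiring a current code in a `@RequestBody` and checking it with the existing `codeVerifier.isValidCode(user.getTwoFactorSecret(), code)` (returning `HttpStatus.FORBIDDEN` on failure) before `user.setTwoFactorSecret(null)` would stop a hijacked session from removing the factor. Both new handlers call `Map.of`, but no `java.util.Map` import appears in the import hunk above — confirm it is already present — and the `ResponseEntity` type parameters were lost in this rendering.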
--- a/src/main/java/com/ffii/lioner/modules/user/req/NewLionerUserReq.java
+++ b/src/main/java/com/ffii/lioner/modules/user/req/NewLionerUserReq.java
@@ -17,6 +17,9 @@ public class NewLionerUserReq {
 @NotNull
 private Boolean locked;
+ @NotNull
+ private Boolean twoFactorEnabled;
+
 @Size(max = 30)
 @NotBlank
 @Pattern(regexp = "^[A-Za-z0-9]+$")
@@ -71,7 +74,15 @@ public class NewLionerUserReq {
 this.locked = locked;
 }
- public LocalDate getExpiryDate() {
+ public Boolean getTwoFactorEnabled() {
+ return twoFactorEnabled;
+ }
+
+ public void setTwoFactorEnabled(Boolean twoFactorEnabled) {
+ this.twoFactorEnabled = twoFactorEnabled;
+ }
+
+ public LocalDate getExpiryDate() {
 return expiryDate;
 }
diff --git a/src/main/java/com/ffii/lioner/modules/user/req/UpdateUserReq.java b/src/main/java/com/ffii/lioner/modules/user/req/UpdateUserReq.java
index 2ccd5b0..3c5857d 100644
--- a/src/main/java/com/ffii/lioner/modules/user/req/UpdateUserReq.java
+++ b/src/main/java/com/ffii/lioner/modules/user/req/UpdateUserReq.java
@@ -14,6 +14,9 @@ public class UpdateUserReq {
 @NotNull
 private Boolean locked;
+ @NotNull
+ private Boolean twoFactorEnabled;
+
 @Size(max = 90)
 @NotBlank
 private String name;
@@ -157,4 +160,12 @@ public class UpdateUserReq {
 this.department = department;
 }
+ public Boolean getTwoFactorEnabled() {
+ return twoFactorEnabled;
+ }
+
+ public void setTwoFactorEnabled(Boolean twoFactorEnabled) {
+ this.twoFactorEnabled = twoFactorEnabled;
+ }
+
 }
diff --git a/src/main/java/com/ffii/lioner/modules/user/service/UserService.java b/src/main/java/com/ffii/lioner/modules/user/service/UserService.java
index 022a917..faf2ef6 100644
--- a/src/main/java/com/ffii/lioner/modules/user/service/UserService.java
+++ b/src/main/java/com/ffii/lioner/modules/user/service/UserService.java
@@ -200,6 +200,7 @@ public class UserService extends AbstractBaseEntityService
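Review bot: `@NotNull private Boolean twoFactorEnabled;` on `UpdateUserReq` (first UpdateUserReq hunk, with its accessors in the second) turns the 2FA flag into a plain request-body field, so whichever path binds this DTO can set or clear a user's second factor without the code check the controller's disable route should enforce; if that path also serves self-service profile edits, a client can send `"twoFactorEnabled": false` and bypass 2FA outright, or send `true` with no secret enrolled. The service code that copies this field (the UserService hunk is cut off at the end of this chunk) should restrict it to administrative callers or ignore it on self-update, and should define what an enabled flag with no stored secret means. `@NotNull` also makes every existing client that omits the field fail validation on update; if compatibility matters, drop `@NotNull` here and treat absence as "unchanged". The same field is added to `NewLionerUserReq` in the two hunks above with the same enabled-without-secret question.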