external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Attempt at a fix for #3344

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2021-12-13 16:29:18 -08:00
parent 22014f82b3
commit 40f052e027
1 changed files with 9 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

15
meshuser.js
View file

@ -4641,16 +4641,19 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
break;
}
case 'twoFactorCookie': {
// Do not allow this command when logged in using a login token
if (req.session.loginToken != null) break;
try {
// Do not allow this command when logged in using a login token
if (req.session.loginToken != null) break;
// Generate a two-factor cookie
if (((domain.twofactorcookiedurationdays == null) || (domain.twofactorcookiedurationdays > 0))) {
// Do not allows this command is 2FA cookie duration is set to zero
if (domain.twofactorcookiedurationdays === 0) break;
// Generate a two-factor cookie
var maxCookieAge = domain.twofactorcookiedurationdays;
if (typeof maxCookieAge != 'number') { maxCookieAge = 30; }
if ((typeof maxCookieAge != 'number') || (maxCookieAge < 1)) { maxCookieAge = 30; }
const twoFactorCookie = parent.parent.encodeCookie({ userid: user._id, expire: maxCookieAge * 24 * 60 /*, ip: req.clientIp*/ }, parent.parent.loginCookieEncryptionKey);
try { ws.send(JSON.stringify({ action: 'twoFactorCookie', cookie: twoFactorCookie })); } catch (ex) { }
}
} catch (ex) { console.log(ex); }
break;
}
case 'amtsetupbin': {