Notes/apps/server/src/services/totp.ts

import { Totp, generateSecret } from 'time2fa';
import options from './options.js';
import totpEncryptionService from './encryption/totp_encryption.js';

function isTotpEnabled(): boolean {
    return options.getOptionOrNull('mfaEnabled') === "true" &&
        options.getOptionOrNull('mfaMethod') === "totp" &&
        totpEncryptionService.isTotpSecretSet();
}

function createSecret(): { success: boolean; message?: string } {
    try {
        const secret = generateSecret();

        totpEncryptionService.setTotpSecret(secret);

        return {
            success: true,
            message: secret
        };
    } catch (e) {
        console.error('Failed to create TOTP secret:', e);
        return {
            success: false,
            message: e instanceof Error ? e.message : 'Unknown error occurred'
        };
    }
}

function getTotpSecret(): string | null {
    return totpEncryptionService.getTotpSecret();
}

function checkForTotpSecret(): boolean {
    return totpEncryptionService.isTotpSecretSet();
}

function validateTOTP(submittedPasscode: string): boolean {
    const secret = getTotpSecret();
    if (!secret) return false;

    try {
        return Totp.validate({
            passcode: submittedPasscode,
            secret: secret.trim()
        });
    } catch (e) {
        console.error('Failed to validate TOTP:', e);
        return false;
    }
}

function resetTotp(): void {
    totpEncryptionService.resetTotpSecret();
    options.setOption('mfaEnabled', 'false');
    options.setOption('mfaMethod', '');
}

export default {
    isTotpEnabled,
    createSecret,
    getTotpSecret,
    checkForTotpSecret,
    validateTOTP,
    resetTotp
};
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`import { Totp, generateSecret } from 'time2fa';`
			`import options from './options.js';`
			`import totpEncryptionService from './encryption/totp_encryption.js';`
Ported from branch OIDC 2024-09-07 10:21:41 -07:00
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`function isTotpEnabled(): boolean {`
fix: 🐛 fix mfa get option error 2025-04-02 23:13:59 +02:00			`return options.getOptionOrNull('mfaEnabled') === "true" &&`
			`options.getOptionOrNull('mfaMethod') === "totp" &&`
fix: 🐛 fix login error 2025-03-28 04:01:18 +01:00			`totpEncryptionService.isTotpSecretSet();`
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`}`

			`function createSecret(): { success: boolean; message?: string } {`
			`try {`
			`const secret = generateSecret();`

			`totpEncryptionService.setTotpSecret(secret);`
Ported from branch OIDC 2024-09-07 10:21:41 -07:00
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`return {`
			`success: true,`
			`message: secret`
			`};`
			`} catch (e) {`
			`console.error('Failed to create TOTP secret:', e);`
			`return {`
			`success: false,`
			`message: e instanceof Error ? e.message : 'Unknown error occurred'`
			`};`
TOTP working 2024-09-07 11:41:54 -07:00			`}`
			`}`

feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`function getTotpSecret(): string \| null {`
			`return totpEncryptionService.getTotpSecret();`
Ported from branch OIDC 2024-09-07 10:21:41 -07:00			`}`

feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`function checkForTotpSecret(): boolean {`
			`return totpEncryptionService.isTotpSecretSet();`
Ported from branch OIDC 2024-09-07 10:21:41 -07:00			`}`

feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`function validateTOTP(submittedPasscode: string): boolean {`
			`const secret = getTotpSecret();`
			`if (!secret) return false;`
Ported from branch OIDC 2024-09-07 10:21:41 -07:00
			`try {`
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`return Totp.validate({`
feat: 🎸 Fix TOTP not load correctly 2025-03-26 00:42:19 +01:00			`passcode: submittedPasscode,`
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`secret: secret.trim()`
Ported from branch OIDC 2024-09-07 10:21:41 -07:00			`});`
			`} catch (e) {`
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`console.error('Failed to validate TOTP:', e);`
Ported from branch OIDC 2024-09-07 10:21:41 -07:00			`return false;`
			`}`
			`}`

feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`function resetTotp(): void {`
			`totpEncryptionService.resetTotpSecret();`
			`options.setOption('mfaEnabled', 'false');`
			`options.setOption('mfaMethod', '');`
			`}`

Ported from branch OIDC 2024-09-07 10:21:41 -07:00			`export default {`
TOTP working 2024-09-07 11:41:54 -07:00			`isTotpEnabled,`
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`createSecret,`
feat: 🎸 Fix app start error with MFA configs 2025-03-25 23:14:25 +01:00			`getTotpSecret,`
feat: 🎸 move totp services to encryption logic 2025-03-28 02:15:25 +01:00			`checkForTotpSecret,`
			`validateTOTP,`
			`resetTotp`
			`};`