Ehrenamt/ff-admin
2
0
Fork 0
Code Issues 13 Pull requests Projects Releases 30 Packages Wiki Activity Actions

fix: allow admin user creation on setup with pw or totp

Browse source
This commit is contained in:
Julian Krauser 2025-07-24 07:53:31 +02:00
parent c4cc68fb78
commit d057512514
1 changed files with 83 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

91
src/views/setup/Verify.vue
View file

@ -15,15 +15,61 @@
<RouterLink to="/setup" class="text-primary">Zum Einrichtungsstart</RouterLink> <RouterLink to="/setup" class="text-primary">Zum Einrichtungsstart</RouterLink>
</div> </div>
<form v-else class="flex flex-col gap-2" @submit.prevent="setup"> <form v-else class="flex flex-col gap-2" @submit.prevent="setup">
<img :src="image" alt="totp" class="w-56 h-56 self-center" /> <div class="w-full flex flex-row gap-2 justify-center">
<p
class="w-1/2 p-0.5 pl-0 rounded-lg py-2.5 text-sm text-center font-medium leading-5 outline-hidden cursor-pointer"
:class="
tab == 'totp' ? 'bg-red-200 shadow-sm border-b-2 border-primary rounded-b-none' : ' hover:bg-red-200'
"
@click="tab = 'totp'"
>
TOTP
</p>
<p
class="w-1/2 p-0.5 rounded-lg py-2.5 text-sm text-center font-medium leading-5 outline-hidden cursor-pointer"
:class="
tab == 'password' ? 'bg-red-200 shadow-sm border-b-2 border-primary rounded-b-none' : 'hover:bg-red-200'
"
@click="tab = 'password'"
>
Passwort
</p>
</div>
<p class="text-center">Dein Nutzername: {{ username }}</p>
<div v-if="tab == 'totp'" class="flex flex-col gap-2">
<img :src="image" alt="totp" class="w-56 h-56 self-center" />
<TextCopy :copyText="otp" /> <TextCopy :copyText="otp" />
<div class="-space-y-px"> <div class="-space-y-px">
<div> <div>
<input id="totp" name="totp" type="text" required placeholder="TOTP" /> <input id="totp" name="totp" type="text" required placeholder="TOTP" />
</div>
</div> </div>
</div> </div>
<div v-else>
<input
id="password"
name="password"
type="password"
required
placeholder="Passwort"
class="rounded-b-none!"
autocomplete="new-password"
:class="notMatching ? 'border-red-600!' : ''"
/>
<input
id="password_rep"
name="password_rep"
type="password"
required
placeholder="Passwort wiederholen"
class="rounded-t-none!"
autocomplete="new-password"
:class="notMatching ? 'border-red-600!' : ''"
/>
<p v-if="notMatching">Passwörter stimmen nicht überein</p>
</div>
<div class="flex flex-row gap-2"> <div class="flex flex-row gap-2">
<button type="submit" primary :disabled="setupStatus == 'loading' || setupStatus == 'success'"> <button type="submit" primary :disabled="setupStatus == 'loading' || setupStatus == 'success'">
@ -51,6 +97,7 @@ import { RouterLink } from "vue-router";
import FormBottomBar from "@/components/FormBottomBar.vue"; import FormBottomBar from "@/components/FormBottomBar.vue";
import TextCopy from "@/components/TextCopy.vue"; import TextCopy from "@/components/TextCopy.vue";
import AppLogo from "@/components/AppLogo.vue"; import AppLogo from "@/components/AppLogo.vue";
import { hashString } from "@/helpers/crypto";
</script> </script>
<script lang="ts"> <script lang="ts">
@ -61,11 +108,14 @@ export default defineComponent({
}, },
data() { data() {
return { return {
tab: "totp",
verification: "loading" as "success" | "loading" | "failed", verification: "loading" as "success" | "loading" | "failed",
image: undefined as undefined | string, image: undefined as undefined | string,
otp: undefined as undefined | string, otp: undefined as undefined | string,
username: "" as string,
setupStatus: undefined as undefined | "loading" | "success" | "failed", setupStatus: undefined as undefined | "loading" | "success" | "failed",
setupError: "" as string, setupError: "" as string,
notMatching: false as boolean,
}; };
}, },
mounted() { mounted() {
@ -79,6 +129,7 @@ export default defineComponent({
this.verification = "success"; this.verification = "success";
this.image = result.data.dataUrl; this.image = result.data.dataUrl;
this.otp = result.data.otp; this.otp = result.data.otp;
this.username = result.data.username;
}, 1000); }, 1000);
}) })
.catch((err) => { .catch((err) => {
@ -88,15 +139,21 @@ export default defineComponent({
}); });
}, },
methods: { methods: {
setup(e: any) { async setup(e: any) {
let formData = e.target.elements; let secret = "";
if (this.tab == "totp") secret = this.totp(e);
else secret = await this.password(e);
if (secret == "") return;
this.setupStatus = "loading"; this.setupStatus = "loading";
this.setupError = ""; this.setupError = "";
this.$http this.$http
.post(`/setup/finish`, { .post(`/setup/finish`, {
token: this.token, token: this.token,
mail: this.mail, mail: this.mail,
totp: formData.totp.value, secret: secret,
routine: this.tab,
}) })
.then((result) => { .then((result) => {
this.setupStatus = "success"; this.setupStatus = "success";
@ -111,6 +168,24 @@ export default defineComponent({
this.setupError = err.response.data; this.setupError = err.response.data;
}); });
}, },
totp(e: any) {
let formData = e.target.elements;
return formData.totp.value;
},
async password(e: any) {
let formData = e.target.elements;
let new_pw = await hashString(formData.password.value);
let new_rep = await hashString(formData.password_rep.value);
if (new_pw != new_rep) {
this.notMatching = true;
return "";
}
this.notMatching = false;
return await hashString(formData.password.value);
},
}, },
}); });
</script> </script>