fluxerapp/fluxer
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
fd59bc219c247bce6b6be5d8f13a2a492e50f63a
fluxer/fluxer_app/src/viewmodels/auth/AuthFlow.tsx
Hampus Kraft d5abd1a7e4 refactor progress
2026-02-17 12:22:36 +00:00

280 lines
7.5 KiB
TypeScript
Raw Blame History

/*
* Copyright (C) 2026 Fluxer Contributors
*
* This file is part of Fluxer.
*
* Fluxer is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Fluxer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
*/
import * as AuthenticationActionCreators from '@app/actions/AuthenticationActionCreators';
import type {AuthenticationResponseJSON, PublicKeyCredentialRequestOptionsJSON} from '@simplewebauthn/browser';
export interface LoginSuccessPayload {
token: string;
userId: string;
redirect_to?: string;
}
export interface MfaChallenge {
ticket: string;
sms: boolean;
totp: boolean;
webauthn: boolean;
}
export interface IpAuthorizationChallenge {
ticket: string;
email: string;
resendAvailableIn: number;
}
export type LoginResult =
| {type: 'success'; payload: LoginSuccessPayload}
| {type: 'mfa'; challenge: MfaChallenge}
| {type: 'ip_authorization'; challenge: IpAuthorizationChallenge};
export async function loginWithPassword({
email,
password,
inviteCode,
}: {
email: string;
password: string;
inviteCode?: string;
}): Promise<LoginResult> {
const response = await AuthenticationActionCreators.login({
email,
password,
inviteCode,
});
if (AuthenticationActionCreators.isIpAuthorizationRequiredResponse(response)) {
return {
type: 'ip_authorization',
challenge: {
ticket: response.ticket,
email: response.email,
resendAvailableIn: response.resend_available_in ?? 30,
},
};
}
if (response.mfa) {
return {
type: 'mfa',
challenge: {
ticket: response.ticket,
sms: response.sms,
totp: response.totp,
webauthn: response.webauthn,
},
};
}
const successResponse = response as {token: string; user_id: string};
return {
type: 'success',
payload: {
token: successResponse.token,
userId: successResponse.user_id,
},
};
}
export async function completeLoginSession(payload: LoginSuccessPayload): Promise<void> {
await AuthenticationActionCreators.completeLogin(payload);
}
export async function startSession(token: string): Promise<void> {
AuthenticationActionCreators.startSession(token, {startGateway: true});
}
export type MfaCodeMethod = 'sms' | 'totp';
export async function loginWithMfaCode({
code,
ticket,
inviteCode,
method,
}: {
code: string;
ticket: string;
inviteCode?: string;
method: MfaCodeMethod;
}): Promise<LoginSuccessPayload> {
const response =
method === 'sms'
? await AuthenticationActionCreators.loginMfaSms(code, ticket, inviteCode)
: await AuthenticationActionCreators.loginMfaTotp(code, ticket, inviteCode);
return {token: response.token, userId: response.user_id};
}
export async function sendMfaSms(ticket: string): Promise<void> {
await AuthenticationActionCreators.loginMfaSmsSend(ticket);
}
export async function getWebAuthnMfaOptions(ticket: string): Promise<PublicKeyCredentialRequestOptionsJSON> {
return AuthenticationActionCreators.getWebAuthnMfaOptions(ticket);
}
export async function authenticateMfaWithWebAuthn({
response,
challenge,
ticket,
inviteCode,
}: {
response: AuthenticationResponseJSON;
challenge: string;
ticket: string;
inviteCode?: string;
}): Promise<LoginSuccessPayload> {
const result = await AuthenticationActionCreators.loginMfaWebAuthn(response, challenge, ticket, inviteCode);
return {token: result.token, userId: result.user_id};
}
export async function getWebAuthnAuthenticationOptions(): Promise<PublicKeyCredentialRequestOptionsJSON> {
return AuthenticationActionCreators.getWebAuthnAuthenticationOptions();
}
export async function authenticateWithWebAuthn({
response,
challenge,
inviteCode,
}: {
response: AuthenticationResponseJSON;
challenge: string;
inviteCode?: string;
}): Promise<LoginSuccessPayload> {
const result = await AuthenticationActionCreators.authenticateWithWebAuthn(response, challenge, inviteCode);
return {token: result.token, userId: result.user_id};
}
export async function startSsoLogin({redirectTo}: {redirectTo?: string}): Promise<{authorizationUrl: string}> {
const result = await AuthenticationActionCreators.startSso(redirectTo);
return {authorizationUrl: result.authorization_url};
}
export async function completeSsoLogin({code, state}: {code: string; state: string}): Promise<LoginSuccessPayload> {
const result = await AuthenticationActionCreators.completeSso({code, state});
return {
token: result.token,
userId: result.user_id,
redirect_to: result.redirect_to,
};
}
interface RegisterSuccessResult {
type: 'success';
payload: LoginSuccessPayload;
}
export type RegisterResult = RegisterSuccessResult;
export async function registerAccount({
email,
globalName,
username,
password,
dateOfBirth,
consent,
inviteCode,
giftCode,
}: {
email: string;
globalName?: string;
username?: string;
password: string;
dateOfBirth: string;
consent: boolean;
inviteCode?: string;
giftCode?: string;
}): Promise<RegisterResult> {
const response = await AuthenticationActionCreators.register({
email,
global_name: globalName,
username,
password,
date_of_birth: dateOfBirth,
consent,
invite_code: inviteCode ?? giftCode,
});
return {
type: 'success',
payload: {token: response.token, userId: response.user_id},
};
}
export async function requestPasswordReset(email: string): Promise<void> {
return AuthenticationActionCreators.forgotPassword(email);
}
export type PasswordResetResult =
| {type: 'success'; payload: LoginSuccessPayload}
| {type: 'mfa'; challenge: MfaChallenge};
export async function resetPassword(token: string, password: string): Promise<PasswordResetResult> {
const response = await AuthenticationActionCreators.resetPassword(token, password);
if ('token' in response) {
return {
type: 'success',
payload: {token: response.token, userId: response.user_id},
};
}
return {
type: 'mfa',
challenge: {
ticket: response.ticket,
sms: response.sms,
totp: response.totp,
webauthn: response.webauthn,
},
};
}
export async function verifyEmail(token: string): Promise<AuthenticationActionCreators.VerificationResult> {
return AuthenticationActionCreators.verifyEmail(token);
}
export async function resendVerificationEmail(): Promise<AuthenticationActionCreators.VerificationResult> {
return AuthenticationActionCreators.resendVerificationEmail();
}
export async function authorizeIp(token: string): Promise<AuthenticationActionCreators.VerificationResult> {
return AuthenticationActionCreators.authorizeIp(token);
}
export const VerificationResult = AuthenticationActionCreators.VerificationResult;
export async function resendIpAuthorization(ticket: string): Promise<void> {
return AuthenticationActionCreators.resendIpAuthorization(ticket);
}
export async function pollIpAuthorization(
ticket: string,
): Promise<AuthenticationActionCreators.IpAuthorizationPollResult> {
return AuthenticationActionCreators.pollIpAuthorization(ticket);
}
export async function initiateDesktopHandoff() {
return AuthenticationActionCreators.initiateDesktopHandoff();
}
export async function completeDesktopHandoff(params: {code: string; token: string; userId: string}) {
return AuthenticationActionCreators.completeDesktopHandoff(params);
}
Reference in New Issue View Git Blame Copy Permalink