masq
/
glowing-bear
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Support TOTP

This commit is contained in:
Jeremy Mahieu 2019-12-18 22:08:16 +01:00
parent 3d042b125b
commit 68e2df24fd
4 changed files with 40 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
index.html
View File

@ -114,7 +114,7 @@
<label class="control-label" for="password">WeeChat relay password</label>
<input type="password" class="form-control favorite-font" id="password" ng-model="password" placeholder="Password">
<div class="alert alert-danger" ng-show="passwordError" ng-cloak>
Error: wrong password
Error: wrong password or one-time password
</div>
<div class="checkbox">
@ -123,18 +123,26 @@
Save password in your browser
</label>
</div>
<div class="checkbox" ng-show="settings.savepassword">
<label class="control-label" for="autoconnect">
<input type="checkbox" id="autoconnect" ng-model="settings.autoconnect">
Automatically connect
</label>
</div>
<div class="checkbox">
<label class="control-label" for="ssl">
<input type="checkbox" id="ssl" ng-model="settings.ssl">
Encryption. <strong>Strongly recommended!</strong> Need help? Check below.
</label>
</div>
<div class="checkbox" ng-show="settings.savepassword">
<label class="control-label" for="autoconnect">
<input type="checkbox" id="autoconnect" ng-model="settings.autoconnect" ng-disabled="settings.useTotp">
Automatically connect
</label>
</div>
<div class="checkbox">
<label class="control-label" for="useTotp">
<input type="checkbox" id="useTotp" ng-model="settings.useTotp" ng-change="changeUseTOTP()">
Use Time-based One-Time Password
</label>
</div>
<label class="control-label" for="totp" ng-Show="settings.useTotp">One time password</label>
<input type="text" class="form-control favorite-font" id="totp" ng-model="totp" ng-Show="settings.useTotp" ng-model="totp" autocomplete="off">
</div>
<button class="btn btn-lg btn-primary" ng-disabled="hostInvalid" ng-click="connect()" ng-cloak>{{ connectbutton }} <i ng-class="connectbuttonicon" class="glyphicon"></i></button>
</form>
@ -151,6 +159,7 @@
</div>
<div id="collapseTwo" class="panel-collapse collapse">
<div class="panel-body">
<h3>Use TLS encryption</h3>
<p><span class="label label-danger">WeeChat version 0.4.2 or higher is required—we recommend at least 1.0.</p>
<p>To start using Glowing Bear, follow the instructions below to set up an encrypted relay. All communication goes directly between your browser and your WeeChat relay! This means that your server must be accessible. We never see any of your data or your password, and you don't need to trust a "cloud". All settings, including your password, are saved locally in your own browser between sessions.</p>
<div class="alert alert-warning" ng-show="show_tls_warning"><strong>You're using Glowing Bear over an unencrypted connection (http://). This is not recommended!</strong> We recommend using our secure hosted version at <a href="https://www.glowing-bear.org/">https://www.glowing-bear.org/</a>, or <a href="https://latest.glowing-bear.org/">https://latest.glowing-bear.org</a> for the latest and greatest development version. You can still follow the instructions below to set up an encrypted relay, though.</div>
@ -168,6 +177,11 @@ chown -R <strong>username</strong>:<strong>username</strong> ~<strong>username</
/relay add ssl.weechat {{ settings.port || 9001 }}
</pre>
<p>Your certificate needs to be renewed every couple of months. Either follow the instructions for automatic renewal at <a href="https://certbot.eff.org/">https://certbot.eff.org</a>, or run <code>certbot renew</code> manually when renewal is due. <strong>Important:</strong> You'll need to follow the instructions for copying the certificate to the right place again, and re-run <code>/relay sslcertkey</code> in WeeChat.</p>
<h3>Use TOTP (Time-based One-Time Password)</h3>
<p><a href="https://blog.weechat.org/post/2019/01/14/Support-of-TOTP">Configure</a> WeeChat for TOTP. The secret key has to be a base 32 string.</p>
<pre>/secure set relay_totp_secret xxxxx
/set relay.network.totp_secret "${sec.data.relay_totp_secret}"</pre>
<p>Open an authenticator app and create an entry with the same secret. In Glowing Bear check the checkbox for "use Time-based One-Time Password" and fill in the one time password as you see it in the authenticator app.</p>
</div>
</div>
</div>

9
js/connection.js
View File

@ -20,7 +20,7 @@ weechat.factory('connection',
var locked = false;
// Takes care of the connection and websocket hooks
var connect = function (host, port, path, passwd, ssl, noCompression, successCallback, failCallback) {
var connect = function (host, port, path, passwd, ssl, useTotp, totp, noCompression, successCallback, failCallback) {
$rootScope.passwordError = false;
connectionData = [host, port, path, passwd, ssl, noCompression];
var proto = ssl ? 'wss' : 'ws';
@ -45,7 +45,9 @@ weechat.factory('connection',
ngWebsockets.send(
weeChat.Protocol.formatInit({
password: passwd,
compression: noCompression ? 'off' : 'zlib'
compression: noCompression ? 'off' : 'zlib',
useTotp: useTotp,
totp: totp
})
);
@ -328,7 +330,8 @@ weechat.factory('connection',
var attemptReconnect = function (bufferId, timeout) {
$log.info('Attempting to reconnect...');
var d = connectionData;
connect(d[0], d[1], d[2], d[3], d[4], function() {
// won't work if totp is mandetory
connect(d[0], d[1], d[2], d[3], d[4], false, "", function() {
$rootScope.reconnecting = false;
// on success, update active buffer
models.setActiveBuffer(bufferId);

11
js/glowingbear.js
View File

@ -45,6 +45,7 @@ weechat.controller('WeechatCtrl', ['$rootScope', '$scope', '$store', '$timeout',
'port': 9001,
'path': 'weechat',
'ssl': (window.location.protocol === "https:"),
'useTotp': false,
'savepassword': false,
'autoconnect': false,
'nonicklist': utils.isMobileUi(),
@ -687,6 +688,13 @@ weechat.controller('WeechatCtrl', ['$rootScope', '$scope', '$store', '$timeout',
}
};
$scope.changeUseTOTP = function() {
if (settings.useTotp) {
settings.autoconnect = false;
}
}
$scope.connect = function() {
notifications.requestNotificationPermission();
$rootScope.sslError = false;
@ -695,7 +703,8 @@ weechat.controller('WeechatCtrl', ['$rootScope', '$scope', '$store', '$timeout',
$rootScope.bufferBottom = true;
$scope.connectbutton = 'Connecting';
$scope.connectbuttonicon = 'glyphicon-refresh glyphicon-spin';
connection.connect(settings.host, settings.port, settings.path, $scope.password, settings.ssl);
connection.connect(settings.host, settings.port, settings.path, $scope.password, settings.ssl, settings.useTotp, $scope.totp);
$scope.totp = "";//clear for next time
};
$scope.disconnect = function() {

3
js/weechat.js
View File

@ -648,6 +648,9 @@
if (params.password !== null) {
keys.push('password=' + params.password);
}
if (params.useTotp) {
keys.push('totp=' + params.totp);
}
parts.push(keys.join(','));
return WeeChatProtocol._formatCmd(null, 'init', parts);