import type { HttpContext } from '@adonisjs/core/http'; import User from '#models/User'; // import Hash from '@ioc:Adonis/Core/Hash'; // import InvalidCredentialException from 'App/Exceptions/InvalidCredentialException'; import AuthValidator from '#app/Validators/AuthValidator'; import TwoFactorAuthProvider from '#app/services/TwoFactorAuthProvider'; // import { Authenticator } from '@adonisjs/auth'; // import { LoginState } from 'Contracts/enums'; // import { StatusCodes } from 'http-status-codes'; // interface MyHttpsContext extends HttpContext { // auth: Authenticator // } export default class AuthController { // login function{ request, auth, response }:HttpContext public async login({ request, response, auth, session }: HttpContext) { // console.log({ // registerBody: request.body(), // }); await request.validate(AuthValidator); // const plainPassword = await request.input('password'); // const email = await request.input('email'); // grab uid and password values off request body const { email, password } = request.only(['email', 'password']); try { // // attempt to verify credential and login user // await auth.use('web').attempt(email, plainPassword); // const user = await auth.use('web').verifyCredentials(email, password); const user = await User.verifyCredentials(email, password) if (user.isTwoFactorEnabled) { // session.put("login.id", user.id); // return view.render("pages/two-factor-challenge"); session.flash('user_id', user.id); return response.redirect().back(); // let state = LoginState.STATE_VALIDATED; // return response.status(StatusCodes.OK).json({ // state: state, // new_user_id: user.id, // }); } await auth.use('web').login(user); } catch (error) { // if login fails, return vague form message and redirect back session.flash('message', 'Your username, email, or password is incorrect'); return response.redirect().back(); } // otherwise, redirect todashboard response.redirect('/apps/dashboard'); } public async twoFactorChallenge({ request, session, auth, response }: HttpContext) { const { code, recoveryCode, login_id } = request.only(['code', 'recoveryCode', 'login_id']); // const user = await User.query().where('id', session.get('login.id')).firstOrFail(); const user = await User.query().where('id', login_id).firstOrFail(); if (code) { const isValid = await TwoFactorAuthProvider.validate(user, code); if (isValid) { // login user and redirect to dashboard await auth.use('web').login(user); response.redirect('/apps/dashboard'); } else { session.flash('message', 'Your tow factor code is incorrect'); return response.redirect().back(); } } else if (recoveryCode) { const codes = user?.twoFactorRecoveryCodes ?? []; if (codes.includes(recoveryCode)) { user.twoFactorRecoveryCodes = codes.filter((c) => c !== recoveryCode); await user.save(); await auth.use('web').login(user); response.redirect('/apps/dashboard'); } } } // logout function public async logout({ auth, response }: HttpContext) { // await auth.logout(); await auth.use('web').logout(); return response.redirect('/app/login'); // return response.status(200); } }