search

Badgerati / Pode

Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers
https://badgerati.github.io/Pode
MIT License
830 stars 92 forks source link

Two Factor authentication #1297

Open LLIT opened 4 months ago

LLIT commented 4 months ago

What to do?

I m working on adding 2FA to my pode site, but I am getting gray hairs.... The PowerShell part is up and running, I can generate and validate the keys.

But what to do in Pode.

User1 has 2FA enabled. Use2 has not.

Example 1

Step 1: Validate user/pass (easy with New-PodeAuthScheme -Form{...})

Step 2: if 2FA is enabled (another form with pin and hidden username ) else Skip this step, but how?

Example 2

$custom_scheme | Add-PodeAuth -Name 'Login' -ScriptBlock {
    param($username, $password, $pin)
}

Create 2 login forms Hide Pin with value ""

Example 3

The one I am hoping for

Add-PodeRoute -Method Post -Path '/login' -ScriptBlock {
    if (!(Test-PodeAuth -Name TwoFALogin) {
        if (Test-PodeAuth -Name Login) {
            if ($User.TwoFA) {
                Write-PodeViewResponse -Path 'auth-login2fa'
            }
            else {
                "Set-PodeAuth -Name TwoFALogin" - The one i cant find :-)
            }
        }
        else {
            Write-PodeViewResponse -Path 'auth-login2fa'
        }
    else {
        "Set-PodeAuth -Name TwoFALogin" - The one i cant find :-)
    }
} 
Add-PodeRoute -Method Post -Path '/OtherPAge' -Authentication TwoFALogin -ScriptBlock {
    Do Stuff
}