✨ FE: 2FA 2nd iteration (ITISFoundation#3679)

Author: odeimaiz

services/static-webserver/client/source/class/osparc/Application.js

@@ -426,6 +426,8 @@ qx.Class.define("osparc.Application", {
      * Resets session and restarts
     */
     logout: function() {
+      osparc.component.message.FlashMessenger.getInstance().logAs(this.tr("You are logged out"));
+
       osparc.data.PollTasks.getInstance().removeTasks();
       osparc.auth.Manager.getInstance().logout();
       if (this.__mainPage) {

services/static-webserver/client/source/class/osparc/auth/LoginPage.js

@@ -87,14 +87,14 @@ qx.Class.define("osparc.auth.LoginPage", {
       const verifyPhoneNumber = new osparc.auth.ui.VerifyPhoneNumberView();
       const resetRequest = new osparc.auth.ui.ResetPassRequestView();
       const reset = new osparc.auth.ui.ResetPassView();
-      const loginSMSCode = new osparc.auth.ui.LoginSMSCodeView();
+      const login2FAValidationCode = new osparc.auth.ui.Login2FAValidationCodeView();
 
       pages.add(login);
       pages.add(register);
       pages.add(verifyPhoneNumber);
       pages.add(resetRequest);
       pages.add(reset);
-      pages.add(loginSMSCode);
+      pages.add(login2FAValidationCode);
 
       const page = osparc.auth.core.Utils.findParameterInFragment("page");
       const code = osparc.auth.core.Utils.findParameterInFragment("code");
@@ -137,18 +137,27 @@ qx.Class.define("osparc.auth.LoginPage", {
         login.resetValues();
       }, this);
 
-      login.addListener("toSMSCode", e => {
+      login.addListener("to2FAValidationCode", e => {
         const msg = e.getData();
         const startIdx = msg.indexOf("+");
-        loginSMSCode.set({
+        login2FAValidationCode.set({
           userEmail: login.getEmail(),
           userPhoneNumber: msg.substring(startIdx, msg.length)
         });
-        pages.setSelection([loginSMSCode]);
+        pages.setSelection([login2FAValidationCode]);
         login.resetValues();
       }, this);
 
-      loginSMSCode.addListener("done", msg => {
+      verifyPhoneNumber.addListener("skipPhoneRegistration", e => {
+        login2FAValidationCode.set({
+          userEmail: e.getData(),
+          userPhoneNumber: null
+        });
+        pages.setSelection([login2FAValidationCode]);
+        login.resetValues();
+      }, this);
+
+      login2FAValidationCode.addListener("done", msg => {
         login.resetValues();
         this.fireDataEvent("done", msg);
       }, this);

services/static-webserver/client/source/class/osparc/auth/Manager.js

@@ -58,7 +58,7 @@ qx.Class.define("osparc.auth.Manager", {
           phone: phoneNumber
         }
       };
-      return osparc.data.Resources.fetch("auth", "postVerifyPhoneNumber", params);
+      return osparc.data.Resources.fetch("auth", "verifyPhoneNumber", params);
     },
 
     validateCodeRegister: function(email, phone, code, loginCbk, failCbk, context) {
@@ -69,7 +69,7 @@ qx.Class.define("osparc.auth.Manager", {
           code
         }
       };
-      osparc.data.Resources.fetch("auth", "postValidationCodeRegister", params)
+      osparc.data.Resources.fetch("auth", "validateCodeRegister", params)
         .then(data => {
           osparc.data.Resources.getOne("profile", {}, null, false)
             .then(profile => {
@@ -88,7 +88,7 @@ qx.Class.define("osparc.auth.Manager", {
           code
         }
       };
-      osparc.data.Resources.fetch("auth", "postValidationCodeLogin", params)
+      osparc.data.Resources.fetch("auth", "validateCodeLogin", params)
         .then(data => {
           osparc.data.Resources.getOne("profile", {}, null, false)
             .then(profile => {
@@ -100,6 +100,26 @@ qx.Class.define("osparc.auth.Manager", {
         .catch(err => failCbk.call(context, err.message));
     },
 
+    resendCodeViaSMS: function(email) {
+      const params = {
+        data: {
+          email,
+          via: "SMS"
+        }
+      };
+      return osparc.data.Resources.fetch("auth", "resendCode", params);
+    },
+
+    resendCodeViaEmail: function(email) {
+      const params = {
+        data: {
+          email,
+          via: "Email"
+        }
+      };
+      return osparc.data.Resources.fetch("auth", "resendCode", params);
+    },
+
     isLoggedIn: function() {
       // TODO: how to store this localy?? See http://www.qooxdoo.org/devel/pages/data_binding/stores.html#offline-store
       // TODO: check if expired??

services/static-webserver/client/source/class/osparc/auth/core/BaseAuthPage.js

@@ -38,7 +38,7 @@ qx.Class.define("osparc.auth.core.BaseAuthPage", {
     this.set({
       layout: new qx.ui.layout.VBox(20),
       width: 300,
-      height: 250
+      height: 350
     });
     // at least chrome hates it when a password input field exists
     // outside a form, so lets accomodate him

services/static-webserver/client/source/class/osparc/auth/core/Utils.js

@@ -18,8 +18,7 @@
 qx.Class.define("osparc.auth.core.Utils", {
   type: "static",
 
-  statics:
-  {
+  statics: {
     passwordLengthValidator: function(value, item) {
       const valid = value != null && value.length > 3;
       if (!valid) {
@@ -83,6 +82,20 @@ qx.Class.define("osparc.auth.core.Utils", {
         }
         window.history.replaceState("", document.title, url);
       }
+    },
+
+    restartResendTimer: function(button, buttonText, count = 60) {
+      const refreshIntervalId = setInterval(() => {
+        if (count > 0) {
+          count--;
+        } else {
+          clearInterval(refreshIntervalId);
+        }
+        button.set({
+          label: count > 0 ? buttonText + ` (${count})` : buttonText,
+          enabled: count === 0
+        });
+      }, 1000);
     }
   }
 });

services/static-webserver/client/source/class/osparc/auth/ui/LoginSMSCodeView.js renamed to services/static-webserver/client/source/class/osparc/auth/ui/Login2FAValidationCodeView.js

@@ -16,14 +16,14 @@
 ************************************************************************ */
 
 
-qx.Class.define("osparc.auth.ui.LoginSMSCodeView", {
+qx.Class.define("osparc.auth.ui.Login2FAValidationCodeView", {
   extend: osparc.auth.core.BaseAuthPage,
 
   properties: {
     userPhoneNumber: {
       check: "String",
-      init: "+41-XXXXXXXXX",
-      nullable: false,
+      init: null,
+      nullable: true,
       event: "changeUserPhoneNumber"
     },
 
@@ -37,14 +37,16 @@ qx.Class.define("osparc.auth.ui.LoginSMSCodeView", {
   members: {
     __validateCodeTF: null,
     __validateCodeBtn: null,
-    __resendCodeBtn: null,
+    __resendCodeSMSBtn: null,
+    __resendCodeEmailBtn: null,
 
     _buildPage: function() {
-      const smsCodeDesc = new qx.ui.basic.Label();
-      this.bind("userPhoneNumber", smsCodeDesc, "value", {
-        converter: pNumber => this.tr("We just sent a 4-digit code to ") + pNumber
+      const introText = new qx.ui.basic.Label();
+      const justSentText = this.tr("We just sent a 4-digit code to ");
+      this.bind("userPhoneNumber", introText, "value", {
+        converter: pNumber => justSentText + (pNumber ? pNumber : this.getUserEmail())
       });
-      this.add(smsCodeDesc);
+      this.add(introText);
 
       const validateCodeTF = this.__validateCodeTF = new qx.ui.form.TextField().set({
         placeholder: this.tr("Type code"),
@@ -54,7 +56,7 @@ qx.Class.define("osparc.auth.ui.LoginSMSCodeView", {
       this.addListener("appear", () => {
         validateCodeTF.focus();
         validateCodeTF.activate();
-        osparc.auth.ui.VerifyPhoneNumberView.restartResendTimer(this.__resendCodeBtn, this.tr("Resend code"));
+        this.__restartTimers();
       });
 
       const validateCodeBtn = this.__validateCodeBtn = new osparc.ui.form.FetchButton(this.tr("Validate")).set({
@@ -64,32 +66,65 @@ qx.Class.define("osparc.auth.ui.LoginSMSCodeView", {
       validateCodeBtn.addListener("execute", () => this.__validateCodeLogin(), this);
       this.add(validateCodeBtn);
 
-      const resendLayout = new qx.ui.container.Composite(new qx.ui.layout.HBox(5).set({
+      const resendLayout = new qx.ui.container.Composite(new qx.ui.layout.VBox(5).set({
         alignY: "middle"
       }));
       const resendCodeDesc = new qx.ui.basic.Label().set({
-        value: this.tr("Didn't receive the code?")
+        value: this.tr("Didn't receive the code? Resend code")
       });
-      resendLayout.add(resendCodeDesc, {
+      resendLayout.add(resendCodeDesc);
+
+      const resendBtnsLayout = new qx.ui.container.Composite(new qx.ui.layout.HBox(5).set({
+        alignY: "middle"
+      }));
+      resendLayout.add(resendBtnsLayout);
+
+      const resendCodeSMSBtn = this.__resendCodeSMSBtn = new qx.ui.form.Button().set({
+        label: this.tr("Via SMS") + ` (60)`,
+        enabled: false
+      });
+      this.bind("userPhoneNumber", resendCodeSMSBtn, "visibility", {
+        converter: pNumber => pNumber ? "visible" : "excluded"
+      });
+      resendBtnsLayout.add(resendCodeSMSBtn, {
         flex: 1
       });
+      resendCodeSMSBtn.addListener("execute", () => {
+        osparc.auth.Manager.getInstance().resendCodeViaSMS(this.getUserEmail())
+          .then(data => {
+            osparc.component.message.FlashMessenger.logAs(data.reason, "INFO");
+            introText.setValue(justSentText + this.getUserPhoneNumber());
+            this.__restartTimers();
+          })
+          .catch(err => osparc.component.message.FlashMessenger.logAs(err.message, "ERROR"));
+      }, this);
 
-      this.add(new qx.ui.core.Spacer(null, 20));
-      const resendCodeBtn = this.__resendCodeBtn = new qx.ui.form.Button().set({
-        label: this.tr("Resend code") + ` (60)`,
+      const resendCodeEmailBtn = this.__resendCodeEmailBtn = new qx.ui.form.Button().set({
+        label: this.tr("Via email") + ` (60)`,
         enabled: false
       });
-      resendLayout.add(resendCodeBtn, {
+      resendBtnsLayout.add(resendCodeEmailBtn, {
         flex: 1
       });
-      resendCodeBtn.addListener("execute", () => {
-        const msg = this.tr("Not yet implemented. Please, reload the page instead");
-        osparc.component.message.FlashMessenger.getInstance().logAs(msg, "WARNING");
-        // osparc.auth.ui.VerifyPhoneNumberView.restartResendTimer(this.__resendCodeBtn, this.tr("Resend code"));
+      resendCodeEmailBtn.addListener("execute", () => {
+        osparc.auth.Manager.getInstance().resendCodeViaEmail(this.getUserEmail())
+          .then(data => {
+            osparc.component.message.FlashMessenger.logAs(data.reason, "INFO");
+            introText.setValue(justSentText + this.getUserEmail());
+            this.__restartTimers();
+          })
+          .catch(err => osparc.component.message.FlashMessenger.logAs(err.message, "ERROR"));
       }, this);
       this.add(resendLayout);
     },
 
+    __restartTimers: function() {
+      if (this.getUserPhoneNumber()) {
+        osparc.auth.core.Utils.restartResendTimer(this.__resendCodeSMSBtn, this.tr("Via SMS"));
+      }
+      osparc.auth.core.Utils.restartResendTimer(this.__resendCodeEmailBtn, this.tr("Via email"));
+    },
+
     __validateCodeLogin: function() {
       this.__validateCodeBtn.setFetching(true);
 

services/static-webserver/client/source/class/osparc/auth/ui/LoginView.js

@@ -40,7 +40,7 @@ qx.Class.define("osparc.auth.ui.LoginView", {
     "toRegister": "qx.event.type.Event",
     "toReset": "qx.event.type.Event",
     "toVerifyPhone": "qx.event.type.Data",
-    "toSMSCode": "qx.event.type.Data"
+    "to2FAValidationCode": "qx.event.type.Data"
   },
 
   /*
@@ -91,21 +91,24 @@ qx.Class.define("osparc.auth.ui.LoginView", {
       const grp = new qx.ui.container.Composite(new qx.ui.layout.HBox(20));
 
       const registerBtn = this.createLinkButton(this.tr("Create Account"), () => {
+        registerBtn.setEnabled(false);
         osparc.data.Resources.getOne("config")
           .then(config => {
             if (config["invitation_required"]) {
               let text = this.tr("Registration is currently only available with an invitation.");
               text += "<br>";
-              text += this.tr("Please contact [email protected]");
-              osparc.component.message.FlashMessenger.getInstance().logAs(text, "INFO");
+              text += this.tr("Please contact ");
+              osparc.store.StaticInfo.getInstance().getSupportEmail()
+                .then(supportEmail => {
+                  text += supportEmail;
+                  osparc.component.message.FlashMessenger.getInstance().logAs(text, "INFO");
+                });
             } else {
               this.fireEvent("toRegister");
             }
           })
-          .catch(err => {
-            console.error(err);
-            this.fireEvent("toRegister");
-          });
+          .catch(err => console.error(err));
+        registerBtn.setEnabled(true);
       }, this);
       osparc.utils.Utils.setIdToWidget(registerBtn, "loginCreateAccountBtn");
 
@@ -179,10 +182,10 @@ qx.Class.define("osparc.auth.ui.LoginView", {
         window.history.replaceState(null, window.document.title, window.location.pathname);
       };
 
-      const twoFactorAuthCbk = log => {
+      const twoFactorAuthCbk = msg => {
         this.__loginBtn.setFetching(false);
-        osparc.component.message.FlashMessenger.getInstance().logAs(log, "INFO");
-        this.fireDataEvent("toSMSCode", log);
+        osparc.component.message.FlashMessenger.getInstance().logAs(msg, "INFO");
+        this.fireDataEvent("to2FAValidationCode", msg);
         // we don't need the form any more, so remove it and mock-navigate-away
         // and thus tell the password manager to save the content
         this._formElement.dispose();