Beispiel #1
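 // Confirm two-factor enrollment: load the account for the email held in the
 // session and check the submitted one-time token against its two-factor key.
 // Two-factor is switched on only after a token has verified.
 adapter.find('email', req.session.email, function(err, user) {
   if (err) return next(err);

   // A lookup that yields no record would otherwise throw on user.twoFactorKey
   // inside this callback; pass the failure to the error middleware instead.
   if (!user) return next(new Error('user not found'));

   var token = req.body.token;
   var key = user.twoFactorKey;

   // NOTE(review): nothing in this handler limits repeated token guesses;
   // confirm that throttling is applied elsewhere.
   if (utils.verify(token, key)) {
     // Persist the flag before telling the user enrollment succeeded.
     user.twoFactorEnabled = true;
     adapter.update(user, function(updateErr) {
       if (updateErr) return next(updateErr);
       res.send('two-factor auth now enabled.\n log out and back in');
     });
     return;
   }

   // Token rejected: twoFactorEnabled is left untouched and the settings page
   // is rendered again with a QR code built from the same key and email.
   // NOTE(review): presumably the QR encodes the key itself, so this response
   // carries the shared secret - confirm it is not cached or logged.
   var qr = utils.qr({
     key: key,
     email: req.session.email
   });
   res.render('settings', {
     title: 'Settings',
     qr: qr,
     error: 'Token invalid'
   });
 });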
Beispiel #2
  // Second login step: verify the POSTed two-factor token for the account that
  // belongs to `email`, then either finish the login or tear the session down.
  adapter.find('email', email, function(err, user) {
    if (err) return next(err);

    // With no matching user the secret is falsy, so the outcome rests on how
    // utils.verify treats a missing key.
    // NOTE(review): confirm utils.verify rejects an empty or undefined key.
    var secret = user && user.twoFactorKey;
    var tokenOk = utils.verify(token, secret);

    if (tokenOk) {
      // Token accepted: mark the session as authenticated.
      // NOTE(review): the session id is not regenerated in this handler;
      // confirm whether that happens elsewhere.
      req.session.loggedIn = true;

      // Announce the login to listeners.
      that.emit('login', user, res, target);

      // Nothing more to do unless lockit is configured to answer the request.
      if (!config.login.handleResponse) return;

      // REST clients get a bare status code instead of a redirect.
      if (config.rest) return res.send(204);

      // NOTE(review): where `target` comes from is not visible here; if it is
      // taken from the request, restrict it to same-site paths before
      // redirecting.
      res.redirect(target);
      return;
    }

    // Token rejected: destroy the current session, then report the failure.
    return utils.destroy(req, function() {
      // REST clients get a bare 401 instead of a redirect.
      if (config.rest) return res.send(401);

      // NOTE(review): `target` is appended to the query string without
      // URL-encoding; confirm it is already encoded or validated upstream.
      res.redirect(loginRoute + '?redirect=' + target);
    });
  });