Añadir ruta /security-2falogin (verificación en 2 pasos / TOTP)
Activación de 2FA (TOTP) para el login del juego, guardando el secreto en acore_auth.account.totp_secret tal como lo lee el bnetserver 3.4.3. - lib/two-factor.ts: TOTP (HMAC-SHA1, 30s, 6 dígitos, ±1) idéntico al core (verificado contra los vectores RFC 6238), Base32, otpauth, y codificado del secreto: crudo por defecto o AES-128-GCM (ciphertext‖IV12‖tag12) si se define TOTP_MASTER_SECRET (mismo hex que TOTPMasterSecret del servidor). - Flujo seguro sin bloqueos: el secreto se genera y queda PENDIENTE en la sesión; sólo se escribe en la cuenta tras verificar un código válido. - /api/account/2fa: activar (password + token de seguridad), verificar y desactivar (con código actual). QR generado en el servidor (el secreto no sale a terceros). - Página + componente fieles al markup (preview, pasos, copiar clave, ojos). Verificado E2E: activar -> QR/secreto -> verificar -> totp_secret = 20 bytes (igual al secreto escaneado) -> desactivar -> NULL. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,71 @@
|
||||
import type { Metadata } from 'next'
|
||||
import { setRequestLocale } from 'next-intl/server'
|
||||
import { redirect, Link } from '@/i18n/navigation'
|
||||
import { getSession } from '@/lib/session'
|
||||
import { is2faEnabled } from '@/lib/two-factor'
|
||||
import { PageShell } from '@/components/PageShell'
|
||||
import { TwoFactorLogin } from '@/components/TwoFactorLogin'
|
||||
|
||||
export const dynamic = 'force-dynamic'
|
||||
|
||||
export const metadata: Metadata = { title: 'Verificación en 2 pasos' }
|
||||
|
||||
const IMG = '/nw-themes/nw-ryu/nw-images'
|
||||
|
||||
export default async function Security2faLoginPage({ params }: { params: Promise<{ locale: string }> }) {
|
||||
const { locale } = await params
|
||||
setRequestLocale(locale)
|
||||
|
||||
const session = await getSession()
|
||||
if (!session.bnetId) redirect({ href: '/login', locale })
|
||||
if (!session.username) redirect({ href: '/select-account', locale })
|
||||
|
||||
const enabled = session.accountId ? await is2faEnabled(session.accountId) : false
|
||||
|
||||
return (
|
||||
<PageShell title="Verificación en 2 pasos">
|
||||
<div className="box-content">
|
||||
<div className="title-box-content">
|
||||
<h2>Información</h2>
|
||||
<Link className="back-to-account" href="/account">Regresar a mi cuenta</Link>
|
||||
<Link className="back-to-account-responsive" href="/account">Regresar</Link>
|
||||
</div>
|
||||
<div className="body-box-content justified">
|
||||
<br />
|
||||
<div className="twofa-login-info">
|
||||
<img
|
||||
className="twofa-login-preview"
|
||||
src={`${IMG}/nw-general/nw-authenticator-preview.png`}
|
||||
alt="Vista previa autenticador"
|
||||
/>
|
||||
<div className="twofa-login-info-text">
|
||||
<p><span>2FA</span> son las siglas de "Two Factor Authentication", o verificación en dos pasos.</p>
|
||||
<br />
|
||||
<p>Es un método que añade una capa adicional de seguridad al proceso de inicio de sesión.</p>
|
||||
<p>En lugar de simplemente ingresar tu nombre de usuario y contraseña, 2FA requiere un segundo paso de verificación, aumentando así la protección de tu cuenta.</p>
|
||||
<br />
|
||||
<p>Una vez activado, luego de ingresar usuario y contraseña, aparecerá una ventana (Imagen derecha) que te pedirá el código de autenticación generado por la aplicación.</p>
|
||||
<br />
|
||||
<p><span>Códigos de respaldo</span></p>
|
||||
<p>Al activar 2FA, se te proporcionarán códigos de respaldo únicos.</p>
|
||||
<p>Estos códigos son útiles en caso de que pierdas acceso a tu aplicación de autenticación.</p>
|
||||
<p>Cada código de respaldo puede usarse una sola vez.</p>
|
||||
<p>Guárdalos en un lugar seguro, ya que te permitirán acceder a tu cuenta en el sitio web si no puedes usar la aplicación de autenticación.</p>
|
||||
<br />
|
||||
<p>Si aún no tienes Token de seguridad, puedes solicitarlo <Link href="/security-token" target="_blank">aquí</Link>.</p>
|
||||
<br />
|
||||
</div>
|
||||
</div>
|
||||
<fieldset>
|
||||
<legend>NOTA</legend>
|
||||
<div className="separate2">
|
||||
<p>Utiliza una aplicación de autenticación para iniciar sesión en el juego una vez que lo tengas activado.</p>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
<TwoFactorLogin enabled={enabled} />
|
||||
</div>
|
||||
</div>
|
||||
</PageShell>
|
||||
)
|
||||
}
|
||||
@@ -0,0 +1,109 @@
|
||||
import QRCode from 'qrcode'
|
||||
import { getSession } from '@/lib/session'
|
||||
import { authenticate } from '@/lib/auth'
|
||||
import { checkSecurityToken } from '@/lib/security-token'
|
||||
import { getRealmName } from '@/lib/realm'
|
||||
import {
|
||||
base32Encode,
|
||||
otpauthUrl,
|
||||
generateSecret,
|
||||
validateToken,
|
||||
is2faEnabled,
|
||||
setAccountTotpSecret,
|
||||
clearAccountTotpSecret,
|
||||
getAccountTotpSecret,
|
||||
} from '@/lib/two-factor'
|
||||
|
||||
// "15#1" -> "WOW1" (índice tras '#'); si no hay índice, usa el username tal cual.
|
||||
function wowLabel(username: string): string {
|
||||
const idx = username.split('#')[1]
|
||||
return idx ? `WOW${idx}` : username
|
||||
}
|
||||
|
||||
export async function POST(request: Request) {
|
||||
const session = await getSession()
|
||||
if (!session.bnetId || !session.accountId || !session.bnetEmail || !session.username) {
|
||||
return Response.json({ success: false, message: 'Tu sesión ha expirado. Inicia sesión de nuevo.' }, { status: 401 })
|
||||
}
|
||||
const accountId = session.accountId
|
||||
|
||||
let body: Record<string, unknown> = {}
|
||||
try {
|
||||
body = await request.json()
|
||||
} catch {
|
||||
return Response.json({ success: false, message: 'Solicitud no válida.' }, { status: 400 })
|
||||
}
|
||||
const action = String(body.action ?? '')
|
||||
|
||||
/* ------------------------------- Activar 2FA ------------------------------ */
|
||||
if (action === 'activate') {
|
||||
if (await is2faEnabled(accountId)) {
|
||||
return Response.json({ success: false, message: 'La verificación en 2 pasos ya está activada en esta cuenta.' })
|
||||
}
|
||||
const password = String(body.password ?? '')
|
||||
const securityToken = String(body.securityToken ?? '')
|
||||
if (!password || !securityToken) {
|
||||
return Response.json({ success: false, message: 'Introduce tu contraseña y tu token de seguridad.' })
|
||||
}
|
||||
const bnet = await authenticate(session.bnetEmail, password)
|
||||
if (!bnet) return Response.json({ success: false, message: 'Contraseña incorrecta.' })
|
||||
if (!(await checkSecurityToken(accountId, securityToken))) {
|
||||
return Response.json({ success: false, message: 'Token de seguridad incorrecto. Puedes solicitar uno nuevo.' })
|
||||
}
|
||||
|
||||
const secret = generateSecret()
|
||||
const secretBase32 = base32Encode(secret)
|
||||
const realm = await getRealmName()
|
||||
const url = otpauthUrl(realm, wowLabel(session.username), secretBase32)
|
||||
const qrCodeUrl = await QRCode.toDataURL(url, { margin: 1, width: 220 })
|
||||
|
||||
// Guardamos el secreto como PENDIENTE (no se escribe en la cuenta hasta que
|
||||
// el usuario confirme un código válido; así se evita cualquier bloqueo).
|
||||
session.pending2fa = secret.toString('hex')
|
||||
session.pending2faFor = accountId
|
||||
await session.save()
|
||||
|
||||
return Response.json({
|
||||
success: true,
|
||||
message: 'Escanea el código QR con tu aplicación de autenticación y confirma un código para activar 2FA.',
|
||||
qrCodeUrl,
|
||||
secretKey: secretBase32,
|
||||
})
|
||||
}
|
||||
|
||||
/* ------------------------------- Verificar -------------------------------- */
|
||||
if (action === 'verify') {
|
||||
if (!session.pending2fa || session.pending2faFor !== accountId) {
|
||||
return Response.json({ success: false, message: 'No hay una activación pendiente. Vuelve a empezar.' })
|
||||
}
|
||||
const code = String(body.code ?? '').replace(/\D/g, '')
|
||||
if (code.length !== 6) return Response.json({ success: false, message: 'Introduce el código de 6 dígitos.' })
|
||||
|
||||
const secret = Buffer.from(session.pending2fa, 'hex')
|
||||
if (!validateToken(secret, Number(code))) {
|
||||
return Response.json({ success: false, message: 'Código incorrecto. Comprueba la hora de tu dispositivo e inténtalo de nuevo.' })
|
||||
}
|
||||
|
||||
await setAccountTotpSecret(accountId, secret)
|
||||
session.pending2fa = undefined
|
||||
session.pending2faFor = undefined
|
||||
await session.save()
|
||||
|
||||
return Response.json({ success: true, message: '¡Verificación en 2 pasos activada! A partir de ahora se pedirá el código al iniciar sesión en el juego.' })
|
||||
}
|
||||
|
||||
/* ------------------------------- Desactivar ------------------------------- */
|
||||
if (action === 'disable') {
|
||||
const secret = await getAccountTotpSecret(accountId)
|
||||
if (!secret) return Response.json({ success: false, message: 'La verificación en 2 pasos no está activada.' })
|
||||
const code = String(body.code ?? '').replace(/\D/g, '')
|
||||
if (code.length !== 6) return Response.json({ success: false, message: 'Introduce el código de 6 dígitos de tu aplicación.' })
|
||||
if (!validateToken(secret, Number(code))) {
|
||||
return Response.json({ success: false, message: 'Código incorrecto. No se ha desactivado 2FA.' })
|
||||
}
|
||||
await clearAccountTotpSecret(accountId)
|
||||
return Response.json({ success: true, message: 'Verificación en 2 pasos desactivada.' })
|
||||
}
|
||||
|
||||
return Response.json({ success: false, message: 'Acción no válida.' }, { status: 400 })
|
||||
}
|
||||
@@ -448,3 +448,27 @@ textarea:focus {
|
||||
vertical-align: middle;
|
||||
margin-right: 6px;
|
||||
}
|
||||
|
||||
/* ==== Verificación en 2 pasos (/security-2falogin) ==== */
|
||||
.twofa-login-info { display: block; }
|
||||
.twofa-login-preview {
|
||||
float: right;
|
||||
max-width: 370px;
|
||||
margin-left: 24px;
|
||||
margin-bottom: 8px;
|
||||
height: auto;
|
||||
border: 2px solid #352e2b;
|
||||
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.35);
|
||||
}
|
||||
.google-play-logo { height: 40px; width: 140px; vertical-align: middle; }
|
||||
.apple-store-logo { height: 40px; width: 120px; vertical-align: middle; }
|
||||
.toggle-password, .toggle-token { cursor: pointer; margin-left: -28px; color: #b1997f; transition: .3s; }
|
||||
.toggle-password:hover, .toggle-token:hover { color: #fff; }
|
||||
.copy-secret-container { display: flex; align-items: center; justify-content: center; gap: 8px; margin-top: 6px; }
|
||||
#secret-key { width: 240px; text-align: center; }
|
||||
.copy-btn { cursor: pointer; }
|
||||
#qr-code { display: block; margin: 0 auto; max-width: 220px; height: auto; background: #fff; padding: 8px; border-radius: 6px; }
|
||||
@media screen and (max-width: 1024px) {
|
||||
.twofa-login-info { display: flex; flex-direction: column-reverse; align-items: center; }
|
||||
.twofa-login-preview { float: none; display: block; clear: both; margin: 10px auto 8px auto; max-width: 90vw; }
|
||||
}
|
||||
|
||||
@@ -0,0 +1,292 @@
|
||||
'use client'
|
||||
|
||||
import { useState } from 'react'
|
||||
|
||||
const LOGOS = '/nw-themes/nw-ryu/nw-images/nw-logos'
|
||||
|
||||
type Msg = { success: boolean; text: string } | null
|
||||
|
||||
async function post(action: string, extra: Record<string, string>): Promise<{ success: boolean; message: string; qrCodeUrl?: string; secretKey?: string }> {
|
||||
const res = await fetch('/api/account/2fa', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
credentials: 'same-origin',
|
||||
body: JSON.stringify({ action, ...extra }),
|
||||
})
|
||||
return res.json()
|
||||
}
|
||||
|
||||
/** Ojo para mostrar/ocultar un campo de contraseña/token. */
|
||||
function EyeToggle({ shown, onToggle }: { shown: boolean; onToggle: () => void }) {
|
||||
return (
|
||||
<span
|
||||
className={`far ${shown ? 'fa-eye-slash' : 'fa-eye'} toggle-password`}
|
||||
onClick={onToggle}
|
||||
role="button"
|
||||
tabIndex={0}
|
||||
aria-label={shown ? 'Ocultar' : 'Mostrar'}
|
||||
></span>
|
||||
)
|
||||
}
|
||||
|
||||
export function TwoFactorLogin({ enabled }: { enabled: boolean }) {
|
||||
return (
|
||||
<div className="centered">
|
||||
<br />
|
||||
<br />
|
||||
{enabled ? <DisableForm /> : <ActivateFlow />}
|
||||
</div>
|
||||
)
|
||||
}
|
||||
|
||||
/* ------------------------------ Activar + QR ------------------------------- */
|
||||
function ActivateFlow() {
|
||||
const [password, setPassword] = useState('')
|
||||
const [showPassword, setShowPassword] = useState(false)
|
||||
const [token, setToken] = useState('')
|
||||
const [showToken, setShowToken] = useState(false)
|
||||
const [busy, setBusy] = useState(false)
|
||||
const [msg, setMsg] = useState<Msg>(null)
|
||||
const [qr, setQr] = useState<{ qrCodeUrl: string; secretKey: string } | null>(null)
|
||||
const [done, setDone] = useState(false)
|
||||
|
||||
// verificación
|
||||
const [code, setCode] = useState('')
|
||||
const [vBusy, setVBusy] = useState(false)
|
||||
const [vMsg, setVMsg] = useState<Msg>(null)
|
||||
const [copied, setCopied] = useState(false)
|
||||
|
||||
async function activate(e: React.FormEvent) {
|
||||
e.preventDefault()
|
||||
if (busy) return
|
||||
setBusy(true)
|
||||
setMsg(null)
|
||||
try {
|
||||
const d = await post('activate', { password, securityToken: token })
|
||||
setMsg({ success: !!d.success, text: d.message })
|
||||
if (d.success && d.qrCodeUrl && d.secretKey) setQr({ qrCodeUrl: d.qrCodeUrl, secretKey: d.secretKey })
|
||||
} catch {
|
||||
setMsg({ success: false, text: 'Algo ha salido mal. Por favor intente más tarde.' })
|
||||
} finally {
|
||||
setBusy(false)
|
||||
}
|
||||
}
|
||||
|
||||
async function verify(e: React.FormEvent) {
|
||||
e.preventDefault()
|
||||
if (vBusy) return
|
||||
setVBusy(true)
|
||||
setVMsg(null)
|
||||
try {
|
||||
const d = await post('verify', { code })
|
||||
setVMsg({ success: !!d.success, text: d.message })
|
||||
if (d.success) setDone(true)
|
||||
} catch {
|
||||
setVMsg({ success: false, text: 'Algo ha salido mal. Por favor intente más tarde.' })
|
||||
} finally {
|
||||
setVBusy(false)
|
||||
}
|
||||
}
|
||||
|
||||
function copySecret() {
|
||||
if (!qr) return
|
||||
navigator.clipboard?.writeText(qr.secretKey).then(() => {
|
||||
setCopied(true)
|
||||
setTimeout(() => setCopied(false), 1500)
|
||||
})
|
||||
}
|
||||
|
||||
return (
|
||||
<>
|
||||
<form onSubmit={activate} id="uw-2fa-form">
|
||||
<table className="middle-center-table">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<input
|
||||
type={showPassword ? 'text' : 'password'}
|
||||
maxLength={16}
|
||||
name="password"
|
||||
id="password"
|
||||
placeholder="Contraseña"
|
||||
value={password}
|
||||
onChange={(e) => setPassword(e.target.value)}
|
||||
disabled={!!qr}
|
||||
/>
|
||||
<EyeToggle shown={showPassword} onToggle={() => setShowPassword((s) => !s)} />
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<input
|
||||
type={showToken ? 'text' : 'password'}
|
||||
maxLength={6}
|
||||
name="security-token"
|
||||
id="security-token"
|
||||
placeholder="Token de seguridad"
|
||||
value={token}
|
||||
onChange={(e) => setToken(e.target.value)}
|
||||
disabled={!!qr}
|
||||
/>
|
||||
<EyeToggle shown={showToken} onToggle={() => setShowToken((s) => !s)} />
|
||||
</td>
|
||||
</tr>
|
||||
{!qr && (
|
||||
<tr>
|
||||
<td>
|
||||
<button type="submit" className="activate-2fa-button" disabled={busy}>
|
||||
{busy ? 'Activando 2FA' : 'Activar 2FA'}
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
)}
|
||||
</tbody>
|
||||
</table>
|
||||
</form>
|
||||
<hr />
|
||||
{msg && (
|
||||
<div className={`alert-message ${msg.success ? 'green-info' : 'red-info'}`} style={{ display: 'block' }}>
|
||||
{msg.text}
|
||||
</div>
|
||||
)}
|
||||
|
||||
{qr && (
|
||||
<div id="qr-code-container">
|
||||
<p>Paso 1) Descarga la aplicación de autenticación:</p>
|
||||
<a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2" target="_blank" rel="noopener noreferrer" title="Google Authenticator (Android)">
|
||||
<img src={`${LOGOS}/google-play.png`} alt="Google Play" className="google-play-logo" />
|
||||
</a>
|
||||
<a href="https://apps.apple.com/app/google-authenticator/id388497605" target="_blank" rel="noopener noreferrer" title="Google Authenticator (iOS)">
|
||||
<img src={`${LOGOS}/app-store.png`} alt="App Store" className="apple-store-logo" />
|
||||
</a>
|
||||
<br />
|
||||
<br />
|
||||
<p>Paso 2) Escanea este código QR con tu aplicación de autenticación:</p>
|
||||
<img id="qr-code" src={qr.qrCodeUrl} alt="QR Code" />
|
||||
<br />
|
||||
<br />
|
||||
<p>Si no puedes escanear el código QR copia y pega esta clave en tu aplicación de autenticación:</p>
|
||||
<div className="copy-secret-container">
|
||||
<input type="text" id="secret-key" className="centered" value={qr.secretKey} readOnly />
|
||||
<span
|
||||
className={`fa ${copied ? 'fa-check' : 'fa-copy'} copy-btn second-brown`}
|
||||
title={copied ? '¡Copiado!' : 'Copiar clave'}
|
||||
onClick={copySecret}
|
||||
role="button"
|
||||
tabIndex={0}
|
||||
></span>
|
||||
</div>
|
||||
<br />
|
||||
<br />
|
||||
<p>Paso 3) Ingresa el código generado por tu aplicación de autenticación:</p>
|
||||
<form onSubmit={verify} id="uw-2fa-verify-form" autoComplete="off">
|
||||
<table className="middle-center-table">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<input
|
||||
type="text"
|
||||
maxLength={6}
|
||||
name="authenticator-code"
|
||||
id="authenticator-code"
|
||||
placeholder="Código de 6 dígitos"
|
||||
required
|
||||
className="centered"
|
||||
inputMode="numeric"
|
||||
pattern="\d{6}"
|
||||
value={code}
|
||||
onChange={(e) => setCode(e.target.value)}
|
||||
disabled={done}
|
||||
/>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<button type="submit" className="verify-2fa-button" disabled={vBusy || done}>
|
||||
{done ? 'Verificado ✔️' : vBusy ? 'Verificando...' : 'Verificar código'}
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</form>
|
||||
<hr />
|
||||
{vMsg && (
|
||||
<div className={`alert-message ${vMsg.success ? 'green-info' : 'red-info'}`} style={{ display: 'block' }}>
|
||||
{vMsg.text}
|
||||
</div>
|
||||
)}
|
||||
<br />
|
||||
</div>
|
||||
)}
|
||||
</>
|
||||
)
|
||||
}
|
||||
|
||||
/* ------------------------------- Desactivar -------------------------------- */
|
||||
function DisableForm() {
|
||||
const [code, setCode] = useState('')
|
||||
const [busy, setBusy] = useState(false)
|
||||
const [msg, setMsg] = useState<Msg>(null)
|
||||
const [done, setDone] = useState(false)
|
||||
|
||||
async function disable(e: React.FormEvent) {
|
||||
e.preventDefault()
|
||||
if (busy) return
|
||||
setBusy(true)
|
||||
setMsg(null)
|
||||
try {
|
||||
const d = await post('disable', { code })
|
||||
setMsg({ success: !!d.success, text: d.message })
|
||||
if (d.success) setDone(true)
|
||||
} catch {
|
||||
setMsg({ success: false, text: 'Algo ha salido mal. Por favor intente más tarde.' })
|
||||
} finally {
|
||||
setBusy(false)
|
||||
}
|
||||
}
|
||||
|
||||
return (
|
||||
<>
|
||||
<p className="green-info"><i className="fas fa-shield-alt"></i> La verificación en 2 pasos está activada en esta cuenta.</p>
|
||||
<p>Para desactivarla, introduce un código actual de tu aplicación de autenticación.</p>
|
||||
<br />
|
||||
<form onSubmit={disable} id="uw-2fa-disable-form">
|
||||
<table className="middle-center-table">
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>
|
||||
<input
|
||||
type="text"
|
||||
maxLength={6}
|
||||
name="authenticator-code"
|
||||
placeholder="Código de 6 dígitos"
|
||||
required
|
||||
className="centered"
|
||||
inputMode="numeric"
|
||||
pattern="\d{6}"
|
||||
value={code}
|
||||
onChange={(e) => setCode(e.target.value)}
|
||||
disabled={done}
|
||||
/>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<button type="submit" className="deactivate-2fa-button" disabled={busy || done}>
|
||||
{done ? '2FA desactivado ✔️' : busy ? 'Desactivando...' : 'Desactivar 2FA'}
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</form>
|
||||
<hr />
|
||||
{msg && (
|
||||
<div className={`alert-message ${msg.success ? 'green-info' : 'red-info'}`} style={{ display: 'block' }}>
|
||||
{msg.text}
|
||||
</div>
|
||||
)}
|
||||
</>
|
||||
)
|
||||
}
|
||||
@@ -7,6 +7,10 @@ export interface SessionData {
|
||||
bnetEmail?: string
|
||||
username?: string // cuenta de juego elegida (<bnetId>#<index>)
|
||||
accountId?: number
|
||||
// Secreto TOTP pendiente de confirmar (hex) durante el alta de 2FA, ligado a
|
||||
// la cuenta de juego que lo generó. Se guarda sólo hasta verificar el código.
|
||||
pending2fa?: string
|
||||
pending2faFor?: number
|
||||
}
|
||||
|
||||
export const sessionOptions: SessionOptions = {
|
||||
|
||||
@@ -0,0 +1,159 @@
|
||||
import crypto from 'node:crypto'
|
||||
import type { RowDataPacket } from 'mysql2'
|
||||
import { db, DB } from './db'
|
||||
|
||||
/**
|
||||
* TOTP para el login del juego (Battle.net / AzerothCore 3.4.3).
|
||||
*
|
||||
* El secreto se guarda en `acore_auth.account.totp_secret` (VARBINARY). El
|
||||
* servidor lo lee y valida en cada inicio de sesión. Reproduce exactamente la
|
||||
* implementación del core (src/common/Cryptography/TOTP.cpp): HMAC-SHA1, ventana
|
||||
* de 30 s, 6 dígitos y una tolerancia de ±1 intervalo.
|
||||
*
|
||||
* Almacenamiento (igual que `.account 2fa setup` del core):
|
||||
* - Sin master key (por defecto, TOTPMasterSecret vacío): se guarda el secreto
|
||||
* en crudo (20 bytes).
|
||||
* - Con master key (TOTP_MASTER_SECRET = mismo hex que TOTPMasterSecret del
|
||||
* bnetserver): se cifra con AES-128-GCM y se guarda `ciphertext‖IV(12)‖tag(12)`.
|
||||
*/
|
||||
|
||||
const SECRET_LENGTH = 20
|
||||
const INTERVAL = 30
|
||||
|
||||
/* --------------------------------- Base32 ---------------------------------- */
|
||||
const B32_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'
|
||||
|
||||
export function base32Encode(buf: Buffer): string {
|
||||
let bits = 0
|
||||
let value = 0
|
||||
let out = ''
|
||||
for (const byte of buf) {
|
||||
value = (value << 8) | byte
|
||||
bits += 8
|
||||
while (bits >= 5) {
|
||||
out += B32_ALPHABET[(value >>> (bits - 5)) & 31]
|
||||
bits -= 5
|
||||
}
|
||||
}
|
||||
if (bits > 0) out += B32_ALPHABET[(value << (5 - bits)) & 31]
|
||||
return out // sin relleno '='; los autenticadores lo aceptan
|
||||
}
|
||||
|
||||
/* ---------------------------------- TOTP ----------------------------------- */
|
||||
/** Genera el token de 6 dígitos para un instante dado (mismo algoritmo que el core). */
|
||||
export function generateToken(secret: Buffer, timestamp: number): number {
|
||||
let counter = Math.floor(timestamp / INTERVAL)
|
||||
const challenge = Buffer.alloc(8)
|
||||
for (let i = 7; i >= 0; i--) {
|
||||
challenge[i] = counter & 0xff
|
||||
counter = Math.floor(counter / 256)
|
||||
}
|
||||
const digest = crypto.createHmac('sha1', secret).update(challenge).digest()
|
||||
const offset = digest[19] & 0xf
|
||||
const truncated =
|
||||
(((digest[offset] & 0x7f) << 24) |
|
||||
(digest[offset + 1] << 16) |
|
||||
(digest[offset + 2] << 8) |
|
||||
digest[offset + 3]) >>>
|
||||
0
|
||||
return truncated % 1000000
|
||||
}
|
||||
|
||||
/** Valida un token con tolerancia de ±1 intervalo (now-30, now, now+30). */
|
||||
export function validateToken(secret: Buffer, token: number): boolean {
|
||||
const now = Math.floor(Date.now() / 1000)
|
||||
return (
|
||||
token === generateToken(secret, now - INTERVAL) ||
|
||||
token === generateToken(secret, now) ||
|
||||
token === generateToken(secret, now + INTERVAL)
|
||||
)
|
||||
}
|
||||
|
||||
/* -------------------------------- otpauth ---------------------------------- */
|
||||
export function otpauthUrl(issuer: string, label: string, secretBase32: string): string {
|
||||
const iss = encodeURIComponent(issuer)
|
||||
const lbl = encodeURIComponent(label)
|
||||
return `otpauth://totp/${iss}:${lbl}?secret=${secretBase32}&issuer=${iss}&algorithm=SHA1&digits=6&period=30`
|
||||
}
|
||||
|
||||
/* ------------------------ Cifrado para la base de datos --------------------- */
|
||||
// Clave AES de 16 bytes desde el master key hex, en little-endian (igual que
|
||||
// BigNumber::ToByteArray del core, cuyo valor por defecto es littleEndian=true).
|
||||
function masterKeyBytes(): Buffer | null {
|
||||
const hex = (process.env.TOTP_MASTER_SECRET || '').trim()
|
||||
if (!hex) return null
|
||||
let n: bigint
|
||||
try {
|
||||
n = BigInt('0x' + hex.replace(/^0x/i, ''))
|
||||
} catch {
|
||||
return null
|
||||
}
|
||||
const buf = Buffer.alloc(16)
|
||||
let v = n
|
||||
for (let i = 0; i < 16; i++) {
|
||||
buf[i] = Number(v & 0xffn)
|
||||
v >>= 8n
|
||||
}
|
||||
return buf
|
||||
}
|
||||
|
||||
/** Codifica el secreto para guardarlo en `account.totp_secret` (crudo o AES-GCM). */
|
||||
export function encodeSecretForDb(raw: Buffer): Buffer {
|
||||
const key = masterKeyBytes()
|
||||
if (!key) return raw
|
||||
const iv = crypto.randomBytes(12)
|
||||
const cipher = crypto.createCipheriv('aes-128-gcm', key, iv, { authTagLength: 12 })
|
||||
const ct = Buffer.concat([cipher.update(raw), cipher.final()])
|
||||
const tag = cipher.getAuthTag() // 12 bytes
|
||||
return Buffer.concat([ct, iv, tag]) // ciphertext ‖ IV(12) ‖ tag(12)
|
||||
}
|
||||
|
||||
/** Decodifica el secreto almacenado (crudo o AES-GCM). Devuelve null si falla. */
|
||||
export function decodeSecretFromDb(stored: Buffer): Buffer | null {
|
||||
const key = masterKeyBytes()
|
||||
if (!key) return stored
|
||||
if (stored.length < 24) return null
|
||||
const tag = stored.subarray(stored.length - 12)
|
||||
const iv = stored.subarray(stored.length - 24, stored.length - 12)
|
||||
const ct = stored.subarray(0, stored.length - 24)
|
||||
try {
|
||||
const decipher = crypto.createDecipheriv('aes-128-gcm', key, iv, { authTagLength: 12 })
|
||||
decipher.setAuthTag(tag)
|
||||
return Buffer.concat([decipher.update(ct), decipher.final()])
|
||||
} catch {
|
||||
return null
|
||||
}
|
||||
}
|
||||
|
||||
/* --------------------------- Acceso a la cuenta ---------------------------- */
|
||||
export async function is2faEnabled(accountId: number): Promise<boolean> {
|
||||
const [rows] = await db(DB.auth).query<RowDataPacket[]>(
|
||||
'SELECT totp_secret FROM account WHERE id = ?',
|
||||
[accountId],
|
||||
)
|
||||
return Boolean(rows[0] && rows[0].totp_secret != null)
|
||||
}
|
||||
|
||||
/** Devuelve el secreto TOTP en crudo (descifrado) de la cuenta, o null si no tiene 2FA. */
|
||||
export async function getAccountTotpSecret(accountId: number): Promise<Buffer | null> {
|
||||
const [rows] = await db(DB.auth).query<RowDataPacket[]>(
|
||||
'SELECT totp_secret FROM account WHERE id = ?',
|
||||
[accountId],
|
||||
)
|
||||
const stored = rows[0]?.totp_secret
|
||||
if (stored == null) return null
|
||||
return decodeSecretFromDb(Buffer.from(stored))
|
||||
}
|
||||
|
||||
export async function setAccountTotpSecret(accountId: number, raw: Buffer): Promise<void> {
|
||||
await db(DB.auth).query('UPDATE account SET totp_secret = ? WHERE id = ?', [encodeSecretForDb(raw), accountId])
|
||||
}
|
||||
|
||||
export async function clearAccountTotpSecret(accountId: number): Promise<void> {
|
||||
await db(DB.auth).query('UPDATE account SET totp_secret = NULL WHERE id = ?', [accountId])
|
||||
}
|
||||
|
||||
/** Genera un secreto TOTP aleatorio (20 bytes, como RECOMMENDED_SECRET_LENGTH del core). */
|
||||
export function generateSecret(): Buffer {
|
||||
return crypto.randomBytes(SECRET_LENGTH)
|
||||
}
|
||||
Generated
+249
-5
@@ -8,11 +8,13 @@
|
||||
"name": "web-next",
|
||||
"version": "0.1.0",
|
||||
"dependencies": {
|
||||
"@types/qrcode": "^1.5.6",
|
||||
"iron-session": "^8.0.4",
|
||||
"mysql2": "^3.22.6",
|
||||
"next": "16.2.10",
|
||||
"next-intl": "^4.13.2",
|
||||
"nodemailer": "^9.0.3",
|
||||
"qrcode": "^1.5.4",
|
||||
"react": "19.2.4",
|
||||
"react-dom": "19.2.4",
|
||||
"sanitize-html": "^2.17.6",
|
||||
@@ -2450,6 +2452,14 @@
|
||||
"@types/node": "*"
|
||||
}
|
||||
},
|
||||
"node_modules/@types/qrcode": {
|
||||
"version": "1.5.6",
|
||||
"resolved": "https://registry.npmjs.org/@types/qrcode/-/qrcode-1.5.6.tgz",
|
||||
"integrity": "sha512-te7NQcV2BOvdj2b1hCAHzAoMNuj65kNBMz0KBaxM6c3VGBOhU0dURQKOtH8CFNI/dsKkwlv32p26qYQTWoB5bw==",
|
||||
"dependencies": {
|
||||
"@types/node": "*"
|
||||
}
|
||||
},
|
||||
"node_modules/@types/react": {
|
||||
"version": "19.2.17",
|
||||
"resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.17.tgz",
|
||||
@@ -3192,11 +3202,18 @@
|
||||
"url": "https://github.com/sponsors/epoberezkin"
|
||||
}
|
||||
},
|
||||
"node_modules/ansi-regex": {
|
||||
"version": "5.0.1",
|
||||
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
|
||||
"integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/ansi-styles": {
|
||||
"version": "4.3.0",
|
||||
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
|
||||
"integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"color-convert": "^2.0.1"
|
||||
},
|
||||
@@ -3558,6 +3575,14 @@
|
||||
"node": ">=6"
|
||||
}
|
||||
},
|
||||
"node_modules/camelcase": {
|
||||
"version": "5.3.1",
|
||||
"resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz",
|
||||
"integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==",
|
||||
"engines": {
|
||||
"node": ">=6"
|
||||
}
|
||||
},
|
||||
"node_modules/caniuse-lite": {
|
||||
"version": "1.0.30001805",
|
||||
"resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001805.tgz",
|
||||
@@ -3598,11 +3623,20 @@
|
||||
"resolved": "https://registry.npmjs.org/client-only/-/client-only-0.0.1.tgz",
|
||||
"integrity": "sha512-IV3Ou0jSMzZrd3pZ48nLkT9DA7Ag1pnPzaiQhpW7c3RbcqqzvzzVu+L8gfqMp/8IM2MQtSiqaCxrrcfu8I8rMA=="
|
||||
},
|
||||
"node_modules/cliui": {
|
||||
"version": "6.0.0",
|
||||
"resolved": "https://registry.npmjs.org/cliui/-/cliui-6.0.0.tgz",
|
||||
"integrity": "sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ==",
|
||||
"dependencies": {
|
||||
"string-width": "^4.2.0",
|
||||
"strip-ansi": "^6.0.0",
|
||||
"wrap-ansi": "^6.2.0"
|
||||
}
|
||||
},
|
||||
"node_modules/color-convert": {
|
||||
"version": "2.0.1",
|
||||
"resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
|
||||
"integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"color-name": "~1.1.4"
|
||||
},
|
||||
@@ -3613,8 +3647,7 @@
|
||||
"node_modules/color-name": {
|
||||
"version": "1.1.4",
|
||||
"resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
|
||||
"integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
|
||||
"dev": true
|
||||
"integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
|
||||
},
|
||||
"node_modules/concat-map": {
|
||||
"version": "0.0.1",
|
||||
@@ -3735,6 +3768,14 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"node_modules/decamelize": {
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz",
|
||||
"integrity": "sha512-z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA==",
|
||||
"engines": {
|
||||
"node": ">=0.10.0"
|
||||
}
|
||||
},
|
||||
"node_modules/deep-is": {
|
||||
"version": "0.1.4",
|
||||
"resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
|
||||
@@ -3799,6 +3840,11 @@
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/dijkstrajs": {
|
||||
"version": "1.0.3",
|
||||
"resolved": "https://registry.npmjs.org/dijkstrajs/-/dijkstrajs-1.0.3.tgz",
|
||||
"integrity": "sha512-qiSlmBq9+BCdCA/L46dw8Uy93mloxsPSbwnm5yrKn2vMPiy8KyAskTF6zuV/j5BMsmOGZDPs7KjU+mjb670kfA=="
|
||||
},
|
||||
"node_modules/doctrine": {
|
||||
"version": "2.1.0",
|
||||
"resolved": "https://registry.npmjs.org/doctrine/-/doctrine-2.1.0.tgz",
|
||||
@@ -4771,6 +4817,14 @@
|
||||
"node": ">=6.9.0"
|
||||
}
|
||||
},
|
||||
"node_modules/get-caller-file": {
|
||||
"version": "2.0.5",
|
||||
"resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz",
|
||||
"integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==",
|
||||
"engines": {
|
||||
"node": "6.* || 8.* || >= 10.*"
|
||||
}
|
||||
},
|
||||
"node_modules/get-intrinsic": {
|
||||
"version": "1.3.0",
|
||||
"resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz",
|
||||
@@ -5312,6 +5366,14 @@
|
||||
"url": "https://github.com/sponsors/ljharb"
|
||||
}
|
||||
},
|
||||
"node_modules/is-fullwidth-code-point": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
|
||||
"integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==",
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/is-generator-function": {
|
||||
"version": "1.1.2",
|
||||
"resolved": "https://registry.npmjs.org/is-generator-function/-/is-generator-function-1.1.2.tgz",
|
||||
@@ -6521,6 +6583,14 @@
|
||||
"url": "https://github.com/sponsors/sindresorhus"
|
||||
}
|
||||
},
|
||||
"node_modules/p-try": {
|
||||
"version": "2.2.0",
|
||||
"resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz",
|
||||
"integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==",
|
||||
"engines": {
|
||||
"node": ">=6"
|
||||
}
|
||||
},
|
||||
"node_modules/parent-module": {
|
||||
"version": "1.0.1",
|
||||
"resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
|
||||
@@ -6542,7 +6612,6 @@
|
||||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
|
||||
"integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==",
|
||||
"dev": true,
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
@@ -6579,6 +6648,14 @@
|
||||
"url": "https://github.com/sponsors/jonschlinkert"
|
||||
}
|
||||
},
|
||||
"node_modules/pngjs": {
|
||||
"version": "5.0.0",
|
||||
"resolved": "https://registry.npmjs.org/pngjs/-/pngjs-5.0.0.tgz",
|
||||
"integrity": "sha512-40QW5YalBNfQo5yRYmiw7Yz6TKKVr3h6970B2YE+3fQpsWcrbj1PzJgxeJ19DRQjhMbKPIuMY8rFaXc8moolVw==",
|
||||
"engines": {
|
||||
"node": ">=10.13.0"
|
||||
}
|
||||
},
|
||||
"node_modules/po-parser": {
|
||||
"version": "2.1.1",
|
||||
"resolved": "https://registry.npmjs.org/po-parser/-/po-parser-2.1.1.tgz",
|
||||
@@ -6649,6 +6726,22 @@
|
||||
"node": ">=6"
|
||||
}
|
||||
},
|
||||
"node_modules/qrcode": {
|
||||
"version": "1.5.4",
|
||||
"resolved": "https://registry.npmjs.org/qrcode/-/qrcode-1.5.4.tgz",
|
||||
"integrity": "sha512-1ca71Zgiu6ORjHqFBDpnSMTR2ReToX4l1Au1VFLyVeBTFavzQnv5JxMFr3ukHVKpSrSA2MCk0lNJSykjUfz7Zg==",
|
||||
"dependencies": {
|
||||
"dijkstrajs": "^1.0.1",
|
||||
"pngjs": "^5.0.0",
|
||||
"yargs": "^15.3.1"
|
||||
},
|
||||
"bin": {
|
||||
"qrcode": "bin/qrcode"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=10.13.0"
|
||||
}
|
||||
},
|
||||
"node_modules/queue-microtask": {
|
||||
"version": "1.2.3",
|
||||
"resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz",
|
||||
@@ -6736,6 +6829,19 @@
|
||||
"url": "https://github.com/sponsors/ljharb"
|
||||
}
|
||||
},
|
||||
"node_modules/require-directory": {
|
||||
"version": "2.1.1",
|
||||
"resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
|
||||
"integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==",
|
||||
"engines": {
|
||||
"node": ">=0.10.0"
|
||||
}
|
||||
},
|
||||
"node_modules/require-main-filename": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz",
|
||||
"integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg=="
|
||||
},
|
||||
"node_modules/resolve": {
|
||||
"version": "2.0.0-next.7",
|
||||
"resolved": "https://registry.npmjs.org/resolve/-/resolve-2.0.0-next.7.tgz",
|
||||
@@ -6898,6 +7004,11 @@
|
||||
"semver": "bin/semver.js"
|
||||
}
|
||||
},
|
||||
"node_modules/set-blocking": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz",
|
||||
"integrity": "sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw=="
|
||||
},
|
||||
"node_modules/set-function-length": {
|
||||
"version": "1.2.2",
|
||||
"resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz",
|
||||
@@ -7134,6 +7245,24 @@
|
||||
"node": ">= 0.4"
|
||||
}
|
||||
},
|
||||
"node_modules/string-width": {
|
||||
"version": "4.2.3",
|
||||
"resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
|
||||
"integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
|
||||
"dependencies": {
|
||||
"emoji-regex": "^8.0.0",
|
||||
"is-fullwidth-code-point": "^3.0.0",
|
||||
"strip-ansi": "^6.0.1"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/string-width/node_modules/emoji-regex": {
|
||||
"version": "8.0.0",
|
||||
"resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
|
||||
"integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
|
||||
},
|
||||
"node_modules/string.prototype.includes": {
|
||||
"version": "2.0.1",
|
||||
"resolved": "https://registry.npmjs.org/string.prototype.includes/-/string.prototype.includes-2.0.1.tgz",
|
||||
@@ -7242,6 +7371,17 @@
|
||||
"url": "https://github.com/sponsors/ljharb"
|
||||
}
|
||||
},
|
||||
"node_modules/strip-ansi": {
|
||||
"version": "6.0.1",
|
||||
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
|
||||
"integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
|
||||
"dependencies": {
|
||||
"ansi-regex": "^5.0.1"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/strip-bom": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz",
|
||||
@@ -7785,6 +7925,11 @@
|
||||
"url": "https://github.com/sponsors/ljharb"
|
||||
}
|
||||
},
|
||||
"node_modules/which-module": {
|
||||
"version": "2.0.1",
|
||||
"resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.1.tgz",
|
||||
"integrity": "sha512-iBdZ57RDvnOR9AGBhML2vFZf7h8vmBjhoaZqODJBFWHVtKkDmKuHai3cx5PgVMrX5YDNp27AofYbAwctSS+vhQ=="
|
||||
},
|
||||
"node_modules/which-typed-array": {
|
||||
"version": "1.1.22",
|
||||
"resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.22.tgz",
|
||||
@@ -7815,12 +7960,111 @@
|
||||
"node": ">=0.10.0"
|
||||
}
|
||||
},
|
||||
"node_modules/wrap-ansi": {
|
||||
"version": "6.2.0",
|
||||
"resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz",
|
||||
"integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==",
|
||||
"dependencies": {
|
||||
"ansi-styles": "^4.0.0",
|
||||
"string-width": "^4.1.0",
|
||||
"strip-ansi": "^6.0.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/y18n": {
|
||||
"version": "4.0.3",
|
||||
"resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.3.tgz",
|
||||
"integrity": "sha512-JKhqTOwSrqNA1NY5lSztJ1GrBiUodLMmIZuLiDaMRJ+itFd+ABVE8XBjOvIWL+rSqNDC74LCSFmlb/U4UZ4hJQ=="
|
||||
},
|
||||
"node_modules/yallist": {
|
||||
"version": "3.1.1",
|
||||
"resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
|
||||
"integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==",
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/yargs": {
|
||||
"version": "15.4.1",
|
||||
"resolved": "https://registry.npmjs.org/yargs/-/yargs-15.4.1.tgz",
|
||||
"integrity": "sha512-aePbxDmcYW++PaqBsJ+HYUFwCdv4LVvdnhBy78E57PIor8/OVvhMrADFFEDh8DHDFRv/O9i3lPhsENjO7QX0+A==",
|
||||
"dependencies": {
|
||||
"cliui": "^6.0.0",
|
||||
"decamelize": "^1.2.0",
|
||||
"find-up": "^4.1.0",
|
||||
"get-caller-file": "^2.0.1",
|
||||
"require-directory": "^2.1.1",
|
||||
"require-main-filename": "^2.0.0",
|
||||
"set-blocking": "^2.0.0",
|
||||
"string-width": "^4.2.0",
|
||||
"which-module": "^2.0.0",
|
||||
"y18n": "^4.0.0",
|
||||
"yargs-parser": "^18.1.2"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/yargs-parser": {
|
||||
"version": "18.1.3",
|
||||
"resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.3.tgz",
|
||||
"integrity": "sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==",
|
||||
"dependencies": {
|
||||
"camelcase": "^5.0.0",
|
||||
"decamelize": "^1.2.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=6"
|
||||
}
|
||||
},
|
||||
"node_modules/yargs/node_modules/find-up": {
|
||||
"version": "4.1.0",
|
||||
"resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz",
|
||||
"integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==",
|
||||
"dependencies": {
|
||||
"locate-path": "^5.0.0",
|
||||
"path-exists": "^4.0.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/yargs/node_modules/locate-path": {
|
||||
"version": "5.0.0",
|
||||
"resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz",
|
||||
"integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==",
|
||||
"dependencies": {
|
||||
"p-locate": "^4.1.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/yargs/node_modules/p-limit": {
|
||||
"version": "2.3.0",
|
||||
"resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz",
|
||||
"integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==",
|
||||
"dependencies": {
|
||||
"p-try": "^2.0.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=6"
|
||||
},
|
||||
"funding": {
|
||||
"url": "https://github.com/sponsors/sindresorhus"
|
||||
}
|
||||
},
|
||||
"node_modules/yargs/node_modules/p-locate": {
|
||||
"version": "4.1.0",
|
||||
"resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz",
|
||||
"integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==",
|
||||
"dependencies": {
|
||||
"p-limit": "^2.2.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
}
|
||||
},
|
||||
"node_modules/yocto-queue": {
|
||||
"version": "0.1.0",
|
||||
"resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz",
|
||||
|
||||
@@ -9,11 +9,13 @@
|
||||
"lint": "eslint"
|
||||
},
|
||||
"dependencies": {
|
||||
"@types/qrcode": "^1.5.6",
|
||||
"iron-session": "^8.0.4",
|
||||
"mysql2": "^3.22.6",
|
||||
"next": "16.2.10",
|
||||
"next-intl": "^4.13.2",
|
||||
"nodemailer": "^9.0.3",
|
||||
"qrcode": "^1.5.4",
|
||||
"react": "19.2.4",
|
||||
"react-dom": "19.2.4",
|
||||
"sanitize-html": "^2.17.6",
|
||||
|
||||
@@ -1028,7 +1028,7 @@ textarea:focus, select:focus, input[type=password]:focus, input[type=number]:foc
|
||||
width: 304px;
|
||||
}
|
||||
|
||||
.change-password-button, .change-email-button, .transfer-button, .sec-token-button, .dnt-button, .recover-button, .rename-guild-button, .trade-points-sell-button, .trade-points-buy-button, .trade-points-check-button, .show-gift-button {
|
||||
.change-password-button, .change-email-button, .transfer-button, .sec-token-button, .dnt-button, .recover-button, .rename-guild-button, .trade-points-sell-button, .trade-points-buy-button, .trade-points-check-button, .show-gift-button, .activate-2fa-button, .verify-2fa-button, .deactivate-2fa-button, .confirm-deactivate-2fa-button {
|
||||
display: block;
|
||||
width: 304px;
|
||||
margin: 0 auto;
|
||||
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 82 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 24 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 10 KiB |
Reference in New Issue
Block a user