Ask preferred 2FA method during registration

Fix #115
Dashlane · Jul 27, 2023 · e10b871 · e10b871
1 parent 120da96
commit e10b871
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 9 deletions.
diff --git a/src/endpoints/getAuthenticationMethodsForDevice.ts b/src/endpoints/getAuthenticationMethodsForDevice.ts
@@ -1,6 +1,5 @@
 import { requestAppApi } from '../requestApi';
-
-type SupportedAuthenticationMethod = 'email_token' | 'totp' | 'duo_push' | 'dashlane_authenticator';
+import { SupportedAuthenticationMethod } from '../types';
 
 const defaultSupportedMethods: SupportedAuthenticationMethod[] = [
     'email_token',
@@ -26,6 +25,7 @@ interface GetAuthenticationMethodsForDeviceResult {
                   isNitroProvider?: boolean;
               };
           }
+        | Record<string, never>
         | {
               type: 'email_token' | 'totp' | 'duo_push' | 'dashlane_authenticator';
           }
@@ -39,6 +39,10 @@ interface GetAuthenticationMethodsForDeviceResult {
               }[];
           }
     )[];
+    /**
+     * Indicates the type of account the user owns
+     */
+    accountType: 'masterPassword' | 'invisibleMasterPassword';
 }
 
 // Unused for now

diff --git a/src/middleware/registerDevice.ts b/src/middleware/registerDevice.ts
@@ -7,9 +7,10 @@ import {
     performEmailTokenVerification,
     performTotpVerification,
 } from '../endpoints';
-import { askOtp, askToken } from '../utils';
+import { askOtp, askToken, askVerificationMethod } from '../utils';
 import { getAuthenticationMethodsForDevice } from '../endpoints/getAuthenticationMethodsForDevice';
 import { requestEmailTokenVerification } from '../endpoints/requestEmailTokenVerification';
+import { SupportedAuthenticationMethod } from '../types';
 
 interface RegisterDevice {
     login: string;
@@ -22,20 +23,31 @@ export const registerDevice = async (
     winston.debug('Registering the device...');
 
     // Log in via a compatible verification method
-    const { verifications } = await getAuthenticationMethodsForDevice({ login });
+    const { verifications, accountType } = await getAuthenticationMethodsForDevice({ login });
+
+    if (accountType === 'invisibleMasterPassword') {
+        throw new Error('Master password-less is currently not supported');
+    }
+
+    const selectedVerificationMethod =
+        verifications.length > 1
+            ? await askVerificationMethod(verifications.map((method) => method.type as SupportedAuthenticationMethod))
+            : verifications[0].type;
 
     let authTicket: string;
-    if (verifications.find((method) => method.type === 'duo_push')) {
+    if (selectedVerificationMethod === 'duo_push') {
+        winston.info('Please accept the Duo push notification on your phone');
         ({ authTicket } = await performDuoPushVerification({ login }));
-    } else if (verifications.find((method) => method.type === 'dashlane_authenticator')) {
+    } else if (selectedVerificationMethod === 'dashlane_authenticator') {
+        winston.info('Please accept the Dashlane Authenticator push notification on your phone');
         ({ authTicket } = await performDashlaneAuthenticatorVerification({ login }));
-    } else if (verifications.find((method) => method.type === 'totp')) {
+    } else if (selectedVerificationMethod === 'totp') {
         const otp = await askOtp();
         ({ authTicket } = await performTotpVerification({
             login,
             otp,
         }));
-    } else if (verifications.find((method) => method.type === 'email_token')) {
+    } else if (selectedVerificationMethod === 'email_token') {
         await requestEmailTokenVerification({ login });
 
         const token = await askToken();

diff --git a/src/types.ts b/src/types.ts
@@ -201,3 +201,5 @@ export class PrintableVaultNote {
         return this.vaultNote.title.trim();
     }
 }
+
+export type SupportedAuthenticationMethod = 'email_token' | 'totp' | 'duo_push' | 'dashlane_authenticator';
diff --git a/src/utils/dialogs.ts b/src/utils/dialogs.ts
@@ -1,6 +1,13 @@
 import inquirer from 'inquirer';
 import inquirerSearchList from 'inquirer-search-list';
-import { PrintableVaultCredential, PrintableVaultNote, VaultCredential, VaultNote } from '../types';
+import { removeUnderscoresAndCapitalize } from './strings';
+import {
+    PrintableVaultCredential,
+    PrintableVaultNote,
+    SupportedAuthenticationMethod,
+    VaultCredential,
+    VaultNote,
+} from '../types';
 import PromptConstructor = inquirer.prompts.PromptConstructor;
 
 export const prompt = inquirer.createPromptModule({ output: process.stderr });
@@ -138,3 +145,17 @@ export const askToken = async () => {
     ]);
     return response.token;
 };
+
+export const askVerificationMethod = async (verificationMethods: SupportedAuthenticationMethod[]) => {
+    const response = await inquirer.prompt<{ verificationMethod: string }>([
+        {
+            type: 'list',
+            name: 'verificationMethod',
+            message: 'What second factor method would you like to use?',
+            choices: verificationMethods.map((method) => {
+                return { name: removeUnderscoresAndCapitalize(method), value: method };
+            }),
+        },
+    ]);
+    return response.verificationMethod;
+};
diff --git a/src/utils/strings.ts b/src/utils/strings.ts
@@ -26,3 +26,11 @@ export const getTeamDeviceCredentialsFromEnv = (): TeamDeviceCredentials | null
         return null;
     }
 };
+
+/** Remove underscores and capitalize string */
+export const removeUnderscoresAndCapitalize = (string: string): string => {
+    return string
+        .split('_')
+        .map((word) => word[0].toUpperCase() + word.slice(1))
+        .join(' ');
+};