feat: expose totpEnabled status and pass TOTP token through sync setup

Author: JYC333

apps/server/src/routes/api/setup.ts

@@ -1,16 +1,19 @@
-"use strict";
 
-import sqlInit from "../../services/sql_init.js";
-import setupService from "../../services/setup.js";
-import log from "../../services/log.js";
-import appInfo from "../../services/app_info.js";
+
 import type { Request } from "express";
 
+import appInfo from "../../services/app_info.js";
+import log from "../../services/log.js";
+import setupService from "../../services/setup.js";
+import sqlInit from "../../services/sql_init.js";
+import totp from "../../services/totp.js";
+
 function getStatus() {
     return {
         isInitialized: sqlInit.isDbInitialized(),
         schemaExists: sqlInit.schemaExists(),
-        syncVersion: appInfo.syncVersion
+        syncVersion: appInfo.syncVersion,
+        totpEnabled: totp.isTotpEnabled()
     };
 }
 
@@ -19,9 +22,9 @@ async function setupNewDocument() {
 }
 
 function setupSyncFromServer(req: Request) {
-    const { syncServerHost, syncProxy, password } = req.body;
+    const { syncServerHost, syncProxy, password, totpToken } = req.body;
 
-    return setupService.setupSyncFromSyncServer(syncServerHost, syncProxy, password);
+    return setupService.setupSyncFromSyncServer(syncServerHost, syncProxy, password, totpToken);
 }
 
 function saveSyncSeed(req: Request) {
@@ -82,10 +85,26 @@ function getSyncSeed() {
     };
 }
 
+async function checkServerTotpStatus(req: Request) {
+    const { syncServerHost } = req.body;
+
+    if (!syncServerHost) {
+        return { totpEnabled: false };
+    }
+
+    try {
+        const resp = await setupService.checkRemoteTotpStatus(syncServerHost);
+        return { totpEnabled: !!resp.totpEnabled };
+    } catch {
+        return { totpEnabled: false };
+    }
+}
+
 export default {
     getStatus,
     setupNewDocument,
     setupSyncFromServer,
     getSyncSeed,
-    saveSyncSeed
+    saveSyncSeed,
+    checkServerTotpStatus
 };

apps/server/src/routes/routes.ts

@@ -244,6 +244,7 @@ function register(app: express.Application) {
     asyncRoute(PST, "/api/setup/sync-from-server", [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler);
     route(GET, "/api/setup/sync-seed", [loginRateLimiter, auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
     asyncRoute(PST, "/api/setup/sync-seed", [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler);
+    asyncRoute(PST, "/api/setup/check-server-totp", [auth.checkAppNotInitialized], setupApiRoute.checkServerTotpStatus, apiResultHandler);
 
     apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
     apiRoute(GET, "/api/autocomplete/notesCount", autocompleteApiRoute.getNotesCount);

apps/server/src/services/api-interface.ts

@@ -6,6 +6,7 @@ import type { OptionRow } from "@triliumnext/commons";
 export interface SetupStatusResponse {
     syncVersion: number;
     schemaExists: boolean;
+    totpEnabled: boolean;
 }
 
 /**

apps/server/src/services/setup.ts

@@ -1,13 +1,13 @@
-import syncService from "./sync.js";
+import becca from "../becca/becca.js";
+import type { SetupStatusResponse, SetupSyncSeedResponse } from "./api-interface.js";
+import appInfo from "./app_info.js";
 import log from "./log.js";
-import sqlInit from "./sql_init.js";
 import optionService from "./options.js";
-import syncOptions from "./sync_options.js";
 import request from "./request.js";
-import appInfo from "./app_info.js";
+import sqlInit from "./sql_init.js";
+import syncService from "./sync.js";
+import syncOptions from "./sync_options.js";
 import { timeLimit } from "./utils.js";
-import becca from "../becca/becca.js";
-import type { SetupStatusResponse, SetupSyncSeedResponse } from "./api-interface.js";
 
 async function hasSyncServerSchemaAndSeed() {
     const response = await requestToSyncServer<SetupStatusResponse>("GET", "/api/setup/status");
@@ -55,13 +55,13 @@ async function requestToSyncServer<T>(method: string, path: string, body?: strin
             url: syncOptions.getSyncServerHost() + path,
             body,
             proxy: syncOptions.getSyncProxy(),
-            timeout: timeout
+            timeout
         }),
         timeout
     )) as T;
 }
 
-async function setupSyncFromSyncServer(syncServerHost: string, syncProxy: string, password: string) {
+async function setupSyncFromSyncServer(syncServerHost: string, syncProxy: string, password: string, totpToken?: string) {
     if (sqlInit.isDbInitialized()) {
         return {
             result: "failure",
@@ -76,7 +76,7 @@ async function setupSyncFromSyncServer(syncServerHost: string, syncProxy: string
         const resp = await request.exec<SetupSyncSeedResponse>({
             method: "get",
             url: `${syncServerHost}/api/setup/sync-seed`,
-            auth: { password },
+            auth: { password, totpToken },
             proxy: syncProxy,
             timeout: 30000 // seed request should not take long
         });
@@ -111,10 +111,25 @@ function getSyncSeedOptions() {
     return [becca.getOption("documentId"), becca.getOption("documentSecret")];
 }
 
+async function checkRemoteTotpStatus(syncServerHost: string): Promise<{ totpEnabled: boolean }> {
+    try {
+        const resp = await request.exec<{ totpEnabled?: boolean }>({
+            method: "get",
+            url: `${syncServerHost}/api/setup/status`,
+            proxy: null,
+            timeout: 10000
+        });
+        return { totpEnabled: !!resp?.totpEnabled };
+    } catch {
+        return { totpEnabled: false };
+    }
+}
+
 export default {
     hasSyncServerSchemaAndSeed,
     triggerSync,
     sendSeedToSyncServer,
     setupSyncFromSyncServer,
-    getSyncSeedOptions
+    getSyncSeedOptions,
+    checkRemoteTotpStatus
 };