GitList
Browse code

now handling OTP expiration

Louis Jonget authored on28/02/2025 11:42:42
Showing2 changed files
build/synocam_home_switch.pbw
History View file @b07658a
1 1 
Binary files a/build/synocam_home_switch.pbw and b/build/synocam_home_switch.pbw differ
src/pkjs/index.js
History View file @b07658a
... ... 
@@ -50,18 +50,24 @@ function getOtp() {
50 50 
         //console.log('-- seed:' + JSON.parse(localStorage.getItem('clay-settings')).OTP_seed)
51 51 
         //console.log('-- key:' + key)
52 52 
     var epoch = Math.round(new Date().getTime() / 1000.0);
53 
-    var time = leftpad(dec2hex(Math.floor(epoch / 30)), 16, '0');
54 
-    // updated for jsSHA v2.0.0 - http://caligatio.github.io/jsSHA/
55 
-    var shaObj = new jsSHA("SHA-1", "HEX");
56 
-    shaObj.setHMACKey(key, "HEX");
57 
-    shaObj.update(time);
58 
-    var hmac = shaObj.getHMAC("HEX");
59 
-    //console.log('-- hmac:' + hmac)
60 
-    var offset = hex2dec(hmac.substring(hmac.length - 1));
61 
-    //console.log('--offset:' + offset)
62 
-    var otp = (hex2dec(hmac.substring(offset * 2, offset * 2 + 8)) & hex2dec('7fffffff')) + '';
63 
-    otp = (otp).substring(otp.length - 6, otp.length);
64 
-    return otp
53 
+    if ((30-(epoch % 30))<10){
54 
+        console.log('------- waiting for new TOTP,'+ epoch);
55 
+	return false;
56 
+    }else{
57 
+        var time = leftpad(dec2hex(Math.floor(epoch / 30)), 16, '0');
58 
+        // updated for jsSHA v2.0.0 - http://caligatio.github.io/jsSHA/
59 
+        var shaObj = new jsSHA("SHA-1", "HEX");
60 
+        shaObj.setHMACKey(key, "HEX");
61 
+        shaObj.update(time);
62 
+        var hmac = shaObj.getHMAC("HEX");
63 
+        //console.log('-- hmac:' + hmac)
64 
+        var offset = hex2dec(hmac.substring(hmac.length - 1));
65 
+        //console.log('--offset:' + offset)
66 
+        var otp = (hex2dec(hmac.substring(offset * 2, offset * 2 + 8)) & hex2dec('7fffffff')) + '';
67 
+        otp = (otp).substring(otp.length - 6, otp.length);
68 
+        console.log('------- TOTP ' + otp + ' is expiring in ' + (30-(epoch % 30)));
69 
+        return otp
70 
+    }
65 71 
 }
66 72
67 73 
 function xhr_to_syno(method, url_path, onload_function, max_retry) {
... ... 
@@ -146,7 +152,10 @@ function xhr_to_syno(method, url_path, onload_function, max_retry) {
146 152 
                     });
147 153 
                     return false;
148 154 
                 }
149 
-            }
155 
+            } else {
156 
+                console.log('------xhr readyState ' + xhr.readyState );
157 
+
158 
+	    }
150 159 
         };
151 160
152 161 
         xhr.ontimeout = function(e) {
... ... 
@@ -173,6 +182,10 @@ function authenticate() {
173 182 
         var url_path = "/webapi/auth.cgi?api=SYNO.API.Auth&method=Login&version=6&account=" + username + "&passwd=" + password + "&session=SurveillanceStation&format=sid";
174 183 
         if (JSON.parse(localStorage.getItem('clay-settings')).OTP_enabled) {
175 184 
             var otp_code = getOtp()
185 
+            if (!otp_code) {
186 
+                setTimeout(function(){authenticate()},1000);
187 
+		return true;
188 
+	    }
176 189 
             console.log('-- otp_code is :' + otp_code)
177 190 
             url_path = url_path + "&otp_code=" + otp_code
178 191 
         }
... ... 
@@ -211,7 +224,13 @@ function authenticate() {
211 224 
                 }
212 225 
             } else {
213 226 
                 console.log('------Authentication failed : ' + JSON.stringify(response));
214 
-                message = "Authentication failed";
227 
+		    if (response.error.code==400){
228 
+		        console.log('------Authentication failed because of wrong creds');
229 
+                        message = "Authentication failed, check your credentials";
230 
+		    }else if(response.error.code==404){
231 
+			console.log('------Authentication failed because of wrong TOTP');
232 
+                        message = "Authentication failed, check your TOTP seed";
233 
+		    }
215 234 
                 // Build message
216 235 
                 var dict = {
217 236 
                     'auth': message,
... ... 
@@ -224,7 +243,7 @@ function authenticate() {
224 243 
                 });
225 244 
             }
226 245 
         };
227 
-        max_retry = 10;
246 
+        max_retry = 1;
228 247 
         xhr_to_syno(method, url_path, onload_function, max_retry);
229 248 
     } else {
230 249 
         console.log("--- failed to get settings");
... ... 
@@ -331,7 +350,6 @@ function timed_switch_home(duration) {
331 350
332 351 
 function switch_home(bool) {
333 352 
     var response;
334 
-    console.log('---- authenticate');
335 353 
     if (sid != "") {
336 354 
         console.log('---- switching home mode to ' + bool);
337 355 
         var epoch = Math.round(new Date().getTime() / 1000.0);
... ... 
@@ -419,4 +437,4 @@ Pebble.addEventListener('appmessage', function(e) {
419 437 
             console.log('Sorry. I don\'t understand your request :' + dict[0]);
420 438 
     }
421 439
422 
-});
423 440 
\ No newline at end of file
441 
+});