feat(core): initial Google Authenticator support for 2FA

UI/WebServerResources/js/Common/Authentication.service.js

@@ -62,6 +62,7 @@
           var d = $q.defer(),
               username = data.username,
               password = data.password,
+              verificationCode = data.verificationCode,
               domain = data.domain,
               language,
               rememberLogin = data.rememberLogin ? 1 : 0;
@@ -80,6 +81,7 @@
             data: {
               userName: username,
               password: password,
+              verificationCode: verificationCode,
               domain: domain,
               language: language,
               rememberLogin: rememberLogin
@@ -91,8 +93,12 @@
               d.reject({error: l('cookiesNotEnabled')});
             }
             else {
+              // Check for Google Authenticator 2FA
+              if (typeof data.GoogleAuthenticatorMissingKey != 'undefined' && response.status == 202) {
+                d.resolve({gamissingkey: 1});
+              }
               // Check password policy
-              if (typeof data.expire != 'undefined' && typeof data.grace != 'undefined') {
+              else if (typeof data.expire != 'undefined' && typeof data.grace != 'undefined') {
                 if (data.expire < 0 && data.grace > 0) {
                   d.reject({grace: data.grace});
                   //showPasswordDialog('grace', createPasswordGraceDialog, data['grace']);
@@ -110,7 +116,10 @@
             }
           }, function(response) {
             var msg, perr, data = response.data;
-            if (data && data.LDAPPasswordPolicyError) {
+            if (data && data.GoogleAuthenticatorInvalidKey) {
+              msg = l('You provided an invalid Google Authenticator key.');
+            }
+            else if (data && data.LDAPPasswordPolicyError) {
               perr = data.LDAPPasswordPolicyError;
               if (perr == passwordPolicyConfig.PolicyNoError) {
                 msg = l('Wrong username or password.');

UI/WebServerResources/js/Main/Main.app.js

@@ -23,6 +23,7 @@
       if (/\blanguage=/.test($window.location.search))
         this.creds.language = $window.language;
       this.loginState = false;
+      this.showGoogleAuthenticatorCode = false;
 
       // Show login once everything is initialized
       this.showLogin = false;
@@ -33,16 +34,23 @@
       vm.loginState = 'authenticating';
       Authentication.login(vm.creds)
         .then(function(data) {
-          vm.loginState = 'logged';
-          vm.cn = data.cn;
 
-          // Let the user see the succesfull message before reloading the page
-          $timeout(function() {
-            if ($window.location.href === data.url)
-              $window.location.reload(true);
-            else
-              $window.location.href = data.url;
-          }, 1000);
+          if (typeof data.gamissingkey != 'undefined' && data.gamissingkey == 1) {
+            vm.showGoogleAuthenticatorCode = true;
+            vm.loginState = 'error';
+          }
+          else {
+            vm.loginState = 'logged';
+            vm.cn = data.cn;
+
+            // Let the user see the succesfull message before reloading the page
+            $timeout(function() {
+              if ($window.location.href === data.url)
+                $window.location.reload(true);
+              else
+                $window.location.href = data.url;
+            }, 1000);
+          }
         }, function(msg) {
           vm.loginState = 'error';
           vm.errorMessage = msg.error;