add 2fa

2025-01-24 19:37:17 +01:00
parent c9682ca64d
commit 2c5f1e0417
3 changed files with 272 additions and 70 deletions
@@ -1,7 +1,9 @@
 package ring

 import (
+	"encoding/json"
 	"net/http"
+	"net/url"

 	"github.com/AlexxIT/go2rtc/internal/api"
 	"github.com/AlexxIT/go2rtc/internal/streams"
@@ -18,30 +20,75 @@ func Init() {
 }

 func apiRing(w http.ResponseWriter, r *http.Request) {
-	query := r.URL.Query()
-	refreshToken := query.Get("refresh_token")
+    query := r.URL.Query()
+    var ringAPI *ring.RingRestClient
+    var err error

-	ringAPI, err := ring.NewRingRestClient(ring.RefreshTokenAuth{RefreshToken: refreshToken}, nil)
-	if err != nil {
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
+    // Check auth method
+    if email := query.Get("email"); email != "" {
+        // Email/Password Flow
+        password := query.Get("password")
+        code := query.Get("code")

-	devices, err := ringAPI.FetchRingDevices()
-	if err != nil {
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
+        ringAPI, err = ring.NewRingRestClient(ring.EmailAuth{
+            Email:    email,
+            Password: password,
+        }, nil)

-	var items []*api.Source
+        if err != nil {
+            http.Error(w, err.Error(), http.StatusInternalServerError)
+            return
+        }

-	for _, camera := range devices.AllCameras {
-		query.Set("device_id", camera.DeviceID)
+        // Try authentication (this will trigger 2FA if needed)
+        if _, err = ringAPI.GetAuth(code); err != nil {
+            if ringAPI.Using2FA {
+                // Return 2FA prompt
+                json.NewEncoder(w).Encode(map[string]interface{}{
+                    "needs_2fa": true,
+                    "prompt":    ringAPI.PromptFor2FA,
+                })
+                return
+            }
+            http.Error(w, err.Error(), http.StatusInternalServerError)
+            return
+        }
+    } else {
+        // Refresh Token Flow
+        refreshToken := query.Get("refresh_token")
+        if refreshToken == "" {
+            http.Error(w, "either email/password or refresh_token is required", http.StatusBadRequest)
+            return
+        }

-		items = append(items, &api.Source{
-			Name: camera.Description, URL: "ring:?" + query.Encode(),
-		})
-	}
+        ringAPI, err = ring.NewRingRestClient(ring.RefreshTokenAuth{
+            RefreshToken: refreshToken,
+        }, nil)
+        if err != nil {
+            http.Error(w, err.Error(), http.StatusInternalServerError)
+            return
+        }
+    }

-	api.ResponseSources(w, items)
+    // Fetch devices
+    devices, err := ringAPI.FetchRingDevices()
+    if err != nil {
+        http.Error(w, err.Error(), http.StatusInternalServerError)
+        return
+    }
+
+    // Create clean query with only required parameters
+    cleanQuery := url.Values{}
+	cleanQuery.Set("refresh_token", ringAPI.RefreshToken)
+
+    var items []*api.Source
+    for _, camera := range devices.AllCameras {
+        cleanQuery.Set("device_id", camera.DeviceID)
+        items = append(items, &api.Source{
+            Name: camera.Description,
+            URL:  "ring:?" + cleanQuery.Encode(),
+        })
+    }
+
+    api.ResponseSources(w, items)
 }