trust this device to skip 2fa (#9012)

* trust this device to skip 2fa Signed-off-by: 21pages <sunboeasy@gmail.com> * Update connection.rs --------- Signed-off-by: 21pages <sunboeasy@gmail.com> Co-authored-by: RustDesk <71636191+rustdesk@users.noreply.github.com>
2026-04-03 12:11:29 +03:00 · 2024-08-12 18:08:33 +08:00
parent 57834840b8
commit 1729ee337f
64 changed files with 845 additions and 22 deletions
--- a/src/ipc.rs
+++ b/src/ipc.rs
@@ -25,7 +25,9 @@ use hbb_common::{
    config::{self, Config, Config2},
    futures::StreamExt as _,
    futures_util::sink::SinkExt,
-    log, password_security as password, timeout,
+    log, password_security as password,
+    sodiumoxide::base64,
+    timeout,
    tokio::{
        self,
        io::{AsyncRead, AsyncWrite},
@@ -260,6 +262,8 @@ pub enum Data {
    // Although the key is not neccessary, it is used to avoid hardcoding the key.
    WaylandScreencastRestoreToken((String, String)),
    HwCodecConfig(Option<String>),
+    RemoveTrustedDevices(Vec<Bytes>),
+    ClearTrustedDevices,
 }

 #[tokio::main(flavor = "current_thread")]
@@ -486,6 +490,8 @@ async fn handle(data: Data, stream: &mut Connection) {
                    value = crate::audio_service::get_voice_call_input_device();
                } else if name == "unlock-pin" {
                    value = Some(Config::get_unlock_pin());
+                } else if name == "trusted-devices" {
+                    value = Some(Config::get_trusted_devices_json());
                } else {
                    value = None;
                }
@@ -638,6 +644,12 @@ async fn handle(data: Data, stream: &mut Connection) {
                );
            }
        }
+        Data::RemoveTrustedDevices(v) => {
+            Config::remove_trusted_devices(&v);
+        }
+        Data::ClearTrustedDevices => {
+            Config::clear_trusted_devices();
+        }
        _ => {}
    }
 }
@@ -866,6 +878,17 @@ pub async fn set_config_async(name: &str, value: String) -> ResultType<()> {
    Ok(())
 }

+#[tokio::main(flavor = "current_thread")]
+pub async fn set_data(data: &Data) -> ResultType<()> {
+    set_data_async(data).await
+}
+
+pub async fn set_data_async(data: &Data) -> ResultType<()> {
+    let mut c = connect(1000, "").await?;
+    c.send(data).await?;
+    Ok(())
+}
+
 #[tokio::main(flavor = "current_thread")]
 pub async fn set_config(name: &str, value: String) -> ResultType<()> {
    set_config_async(name, value).await
@@ -926,6 +949,30 @@ pub fn get_unlock_pin() -> String {
    }
 }

+#[cfg(feature = "flutter")]
+#[cfg(not(any(target_os = "android", target_os = "ios")))]
+pub fn get_trusted_devices() -> String {
+    if let Ok(Some(v)) = get_config("trusted-devices") {
+        v
+    } else {
+        Config::get_trusted_devices_json()
+    }
+}
+
+#[cfg(feature = "flutter")]
+#[cfg(not(any(target_os = "android", target_os = "ios")))]
+pub fn remove_trusted_devices(hwids: Vec<Bytes>) {
+    Config::remove_trusted_devices(&hwids);
+    allow_err!(set_data(&Data::RemoveTrustedDevices(hwids)));
+}
+
+#[cfg(feature = "flutter")]
+#[cfg(not(any(target_os = "android", target_os = "ios")))]
+pub fn clear_trusted_devices() {
+    Config::clear_trusted_devices();
+    allow_err!(set_data(&Data::ClearTrustedDevices));
+}
+
 pub fn get_id() -> String {
    if let Ok(Some(v)) = get_config("id") {
        // update salt also, so that next time reinstallation not causing first-time auto-login failure