pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-20 18:51:11 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
django-backend
thrilltrack-explorer/src-old/hooks/useRequireMFA.ts

50 lines
1.4 KiB
TypeScript
Raw Permalink Blame History

import { useAuth } from './useAuth';
import { useUserRole } from './useUserRole';
import { useEffect, useState } from 'react';
import { getEnrolledFactors } from '@/lib/authService';
export function useRequireMFA() {
const { aal, session } = useAuth();
const { isModerator, isAdmin, loading: roleLoading } = useUserRole();
const [isEnrolled, setIsEnrolled] = useState(false);
const [loading, setLoading] = useState(true);
// Check actual enrollment status
useEffect(() => {
const checkEnrollment = async () => {
if (!session) {
setIsEnrolled(false);
setLoading(false);
return;
}
const factors = await getEnrolledFactors();
setIsEnrolled(factors.length > 0);
setLoading(false);
};
if (!roleLoading) {
checkEnrollment();
}
}, [session, roleLoading]);
// MFA is required for moderators and admins
const requiresMFA = isModerator() || isAdmin();
// User has MFA if they have AAL2 AND have enrolled factors
const hasMFA = aal === 'aal2' && isEnrolled;
// User needs to verify MFA if they're enrolled but session is still at AAL1
const needsVerification = requiresMFA && isEnrolled && aal === 'aal1';
return {
requiresMFA,
hasMFA,
isEnrolled,
needsEnrollment: requiresMFA && !isEnrolled,
needsVerification,
aal,
loading: loading || roleLoading,
};
}
Reference in New Issue View Git Blame Copy Permalink