userid as mfa session key
parent
9f52c08883
commit
ba0cf189de
|
@ -42,15 +42,15 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// SetMfaSession sets the mfa session with key and value of email
|
||||
func (c *provider) SetMfaSession(email, key string, expiration int64) error {
|
||||
c.mfasessionStore.Set(email, key, email, expiration)
|
||||
// SetMfaSession sets the mfa session with key and value of userId
|
||||
func (c *provider) SetMfaSession(userId, key string, expiration int64) error {
|
||||
c.mfasessionStore.Set(userId, key, userId, expiration)
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetMfaSession returns value of given mfa session
|
||||
func (c *provider) GetMfaSession(email, key string) (string, error) {
|
||||
val := c.mfasessionStore.Get(email, key)
|
||||
func (c *provider) GetMfaSession(userId, key string) (string, error) {
|
||||
val := c.mfasessionStore.Get(userId, key)
|
||||
if val == "" {
|
||||
return "", fmt.Errorf("Not found")
|
||||
}
|
||||
|
@ -58,8 +58,8 @@ func (c *provider) GetMfaSession(email, key string) (string, error) {
|
|||
}
|
||||
|
||||
// DeleteMfaSession deletes given mfa session from in-memory store.
|
||||
func (c *provider) DeleteMfaSession(email, key string) error {
|
||||
c.mfasessionStore.Remove(email, key)
|
||||
func (c *provider) DeleteMfaSession(userId, key string) error {
|
||||
c.mfasessionStore.Remove(userId, key)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
@ -12,12 +12,12 @@ type Provider interface {
|
|||
DeleteAllUserSessions(userId string) error
|
||||
// DeleteSessionForNamespace deletes the session for a given namespace
|
||||
DeleteSessionForNamespace(namespace string) error
|
||||
// SetMfaSession sets the mfa session with key and value of email
|
||||
SetMfaSession(email, key string, expiration int64) error
|
||||
// SetMfaSession sets the mfa session with key and value of userId
|
||||
SetMfaSession(userId, key string, expiration int64) error
|
||||
// GetMfaSession returns value of given mfa session
|
||||
GetMfaSession(email, key string) (string, error)
|
||||
GetMfaSession(userId, key string) (string, error)
|
||||
// DeleteMfaSession deletes given mfa session from in-memory store.
|
||||
DeleteMfaSession(email, key string) error
|
||||
DeleteMfaSession(userId, key string) error
|
||||
|
||||
// SetState sets the login state (key, value form) in the session store
|
||||
SetState(key, state string) error
|
||||
|
|
|
@ -93,12 +93,12 @@ func (c *provider) DeleteSessionForNamespace(namespace string) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// SetMfaSession sets the mfa session with key and value of email
|
||||
func (c *provider) SetMfaSession(email, key string, expiration int64) error {
|
||||
// SetMfaSession sets the mfa session with key and value of userId
|
||||
func (c *provider) SetMfaSession(userId, key string, expiration int64) error {
|
||||
currentTime := time.Now()
|
||||
expireTime := time.Unix(expiration, 0)
|
||||
duration := expireTime.Sub(currentTime)
|
||||
err := c.store.Set(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, email, key), email, duration).Err()
|
||||
err := c.store.Set(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key), userId, duration).Err()
|
||||
if err != nil {
|
||||
log.Debug("Error saving user session to redis: ", err)
|
||||
return err
|
||||
|
@ -106,9 +106,9 @@ func (c *provider) SetMfaSession(email, key string, expiration int64) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// GetMfaSession returns value of given mfa session
|
||||
func (c *provider) GetMfaSession(email, key string) (string, error) {
|
||||
data, err := c.store.Get(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, email, key)).Result()
|
||||
// GetMfaSession returns value of given mfa session
|
||||
func (c *provider) GetMfaSession(userId, key string) (string, error) {
|
||||
data, err := c.store.Get(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key)).Result()
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
@ -116,8 +116,8 @@ func (c *provider) GetMfaSession(email, key string) (string, error) {
|
|||
}
|
||||
|
||||
// DeleteMfaSession deletes given mfa session from in-memory store.
|
||||
func (c *provider) DeleteMfaSession(email, key string) error {
|
||||
if err := c.store.Del(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, email, key)).Err(); err != nil {
|
||||
func (c *provider) DeleteMfaSession(userId, key string) error {
|
||||
if err := c.store.Del(c.ctx, fmt.Sprintf("%s%s:%s", mfaSessionPrefix, userId, key)).Err(); err != nil {
|
||||
log.Debug("Error deleting user session from redis: ", err)
|
||||
// continue
|
||||
}
|
||||
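Review bot: In the Redis `SetMfaSession`, `duration := expireTime.Sub(currentTime)` is passed to `c.store.Set` without checking its sign, so an `expiration` at or before the current time yields a zero or negative TTL. If `c.store` is a go-redis client, a zero expiration is documented as "no expiration", which would leave the MFA session key in place indefinitely instead of rejecting it; this is worth confirming against the client version in use. A guard before the `Set` call would fail closed: `if duration <= 0 { return fmt.Errorf("mfa session already expired") }`. The doc comment on the Redis `DeleteMfaSession` also still says "from in-memory store", and that function's body continues past the end of the hunk.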
|
|
|
@ -125,7 +125,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
|
|||
}
|
||||
|
||||
mfaSession := uuid.NewString()
|
||||
err = memorystore.Provider.SetMfaSession(params.Email, mfaSession, expires)
|
||||
err = memorystore.Provider.SetMfaSession(user.ID, mfaSession, expires)
|
||||
if err != nil {
|
||||
log.Debug("Failed to add mfasession: ", err)
|
||||
return nil, err
|
||||
|
|
|
@ -122,15 +122,25 @@ func MobileLoginResolver(ctx context.Context, params model.MobileLoginInput) (*m
|
|||
smsBody := strings.Builder{}
|
||||
smsBody.WriteString("Your verification code is: ")
|
||||
smsBody.WriteString(smsCode)
|
||||
expires := time.Now().Add(duration).Unix()
|
||||
_, err := db.Provider.UpsertOTP(ctx, &models.OTP{
|
||||
PhoneNumber: params.PhoneNumber,
|
||||
Otp: smsCode,
|
||||
ExpiresAt: time.Now().Add(duration).Unix(),
|
||||
ExpiresAt: expires,
|
||||
})
|
||||
if err != nil {
|
||||
log.Debug("error while upserting OTP: ", err.Error())
|
||||
return nil, err
|
||||
}
|
||||
|
||||
mfaSession := uuid.NewString()
|
||||
err = memorystore.Provider.SetMfaSession(user.ID, mfaSession, expires)
|
||||
if err != nil {
|
||||
log.Debug("Failed to add mfasession: ", err)
|
||||
return nil, err
|
||||
}
|
||||
cookie.SetMfaSession(gc, mfaSession)
|
||||
|
||||
go func() {
|
||||
utils.RegisterEvent(ctx, constants.UserLoginWebhookEvent, constants.AuthRecipeMethodMobileBasicAuth, *user)
|
||||
smsproviders.SendSMS(params.PhoneNumber, smsBody.String())
|
||||
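Review bot: `expires` now feeds both `models.OTP.ExpiresAt` and `SetMfaSession`, so the OTP record and the MFA session lapse at the same second, but nothing at the declaration says the coupling is intended. A short comment above it would keep a later change to one lifetime from silently changing the other, e.g. `// expires is shared by the OTP record and the MFA session so both lapse together`. A failing `SetMfaSession` is reported only through `log.Debug`, so a store outage that blocks every MFA login may not show up at the default log level. The resolver starts and ends outside this hunk.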
|
|
|
@ -27,6 +27,13 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
|
|||
log.Debug("Failed to get GinContext: ", err)
|
||||
return res, err
|
||||
}
|
||||
|
||||
mfaSession, err := cookie.GetMfaSession(gc)
|
||||
if err != nil {
|
||||
log.Debug("Failed to get otp request by email: ", err)
|
||||
return res, fmt.Errorf(`invalid session: %s`, err.Error())
|
||||
}
|
||||
|
||||
if refs.StringValue(params.Email) == "" && refs.StringValue(params.PhoneNumber) == "" {
|
||||
log.Debug("Email or phone number is required")
|
||||
return res, fmt.Errorf(`email or phone_number is required`)
|
||||
|
@ -68,6 +75,12 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
|
|||
log.Debug("Failed to get user by email: ", err)
|
||||
return res, err
|
||||
}
|
||||
|
||||
if _, err := memorystore.Provider.GetMfaSession(user.ID, mfaSession); err != nil {
|
||||
log.Debug("Failed to get mfa session: ", err)
|
||||
return res, fmt.Errorf(`invalid session: %s`, err.Error())
|
||||
}
|
||||
|
||||
isSignUp := user.EmailVerifiedAt == nil && user.PhoneNumberVerifiedAt == nil
|
||||
// TODO - Add Login method in DB when we introduce OTP for social media login
|
||||
loginMethod := constants.AuthRecipeMethodBasicAuth
|
||||
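Review bot: Both new error returns format `invalid session: %s` with `err.Error()`, which forwards the cookie or store error text to the API caller; with the Redis provider that can include backend error strings. Returning a fixed message keeps the detail in the log only: `return res, fmt.Errorf("invalid session")`. The debug line on the cookie read says `Failed to get otp request by email: `, which looks copied from another branch and would be clearer as `Failed to get mfa session cookie: `. Whether the session is removed with `DeleteMfaSession` once the OTP is accepted is not visible here, since the resolver continues outside both hunks; if it is not, the same session key stays usable until it expires.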
|
|