fix: login resolver multifactor auth

2022-07-28 11:18:06 +05:30
parent f12491e42d
commit e3c58ffbb0
5 changed files with 70 additions and 24 deletions
--- a/server/graph/generated/generated.go
+++ b/server/graph/generated/generated.go
@@ -44,12 +44,13 @@ type DirectiveRoot struct {

 type ComplexityRoot struct {
 	AuthResponse struct {
-		AccessToken  func(childComplexity int) int
-		ExpiresIn    func(childComplexity int) int
-		IDToken      func(childComplexity int) int
-		Message      func(childComplexity int) int
-		RefreshToken func(childComplexity int) int
-		User         func(childComplexity int) int
+		AccessToken         func(childComplexity int) int
+		ExpiresIn           func(childComplexity int) int
+		IDToken             func(childComplexity int) int
+		Message             func(childComplexity int) int
+		RefreshToken        func(childComplexity int) int
+		ShouldShowOtpScreen func(childComplexity int) int
+		User                func(childComplexity int) int
 	}

 	EmailTemplate struct {
@@ -378,6 +379,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in

 		return e.complexity.AuthResponse.RefreshToken(childComplexity), true

+	case "AuthResponse.should_show_otp_screen":
+		if e.complexity.AuthResponse.ShouldShowOtpScreen == nil {
+			break
+		}
+
+		return e.complexity.AuthResponse.ShouldShowOtpScreen(childComplexity), true
+
 	case "AuthResponse.user":
 		if e.complexity.AuthResponse.User == nil {
 			break
@@ -1890,6 +1898,7 @@ type Error {

 type AuthResponse {
 	message: String!
+	should_show_otp_screen: Boolean
 	access_token: String
 	id_token: String
 	refresh_token: String
@@ -2890,6 +2899,38 @@ func (ec *executionContext) _AuthResponse_message(ctx context.Context, field gra
 	return ec.marshalNString2string(ctx, field.Selections, res)
 }

+func (ec *executionContext) _AuthResponse_should_show_otp_screen(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) {
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	fc := &graphql.FieldContext{
+		Object:     "AuthResponse",
+		Field:      field,
+		Args:       nil,
+		IsMethod:   false,
+		IsResolver: false,
+	}
+
+	ctx = graphql.WithFieldContext(ctx, fc)
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.ShouldShowOtpScreen, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		return graphql.Null
+	}
+	res := resTmp.(*bool)
+	fc.Result = res
+	return ec.marshalOBoolean2ᚖbool(ctx, field.Selections, res)
+}
+
 func (ec *executionContext) _AuthResponse_access_token(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) {
 	defer func() {
 		if r := recover(); r != nil {
@@ -11761,6 +11802,8 @@ func (ec *executionContext) _AuthResponse(ctx context.Context, sel ast.Selection
 			if out.Values[i] == graphql.Null {
 				invalids++
 			}
+		case "should_show_otp_screen":
+			out.Values[i] = ec._AuthResponse_should_show_otp_screen(ctx, field, obj)
 		case "access_token":
 			out.Values[i] = ec._AuthResponse_access_token(ctx, field, obj)
 		case "id_token":
--- a/server/graph/model/models_gen.go
+++ b/server/graph/model/models_gen.go
@@ -23,12 +23,13 @@ type AdminSignupInput struct {
 }

 type AuthResponse struct {
-	Message      string  `json:"message"`
-	AccessToken  *string `json:"access_token"`
-	IDToken      *string `json:"id_token"`
-	RefreshToken *string `json:"refresh_token"`
-	ExpiresIn    *int64  `json:"expires_in"`
-	User         *User   `json:"user"`
+	Message             string  `json:"message"`
+	ShouldShowOtpScreen *bool   `json:"should_show_otp_screen"`
+	AccessToken         *string `json:"access_token"`
+	IDToken             *string `json:"id_token"`
+	RefreshToken        *string `json:"refresh_token"`
+	ExpiresIn           *int64  `json:"expires_in"`
+	User                *User   `json:"user"`
 }

 type DeleteEmailTemplateRequest struct {
--- a/server/graph/schema.resolvers.go
+++ b/server/graph/schema.resolvers.go
@@ -177,7 +177,5 @@ func (r *Resolver) Mutation() generated.MutationResolver { return &mutationResol
 // Query returns generated.QueryResolver implementation.
 func (r *Resolver) Query() generated.QueryResolver { return &queryResolver{r} }

-type (
-	mutationResolver struct{ *Resolver }
-	queryResolver    struct{ *Resolver }
-)
+type mutationResolver struct{ *Resolver }
+type queryResolver struct{ *Resolver }
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@@ -15,6 +15,7 @@ import (
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
 	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/token"
 	"github.com/authorizerdev/authorizer/server/utils"
 	"github.com/authorizerdev/authorizer/server/validators"
@@ -97,6 +98,13 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 		scope = params.Scope
 	}

+	if refs.BoolValue(user.IsMultiFactorAuthEnabled) {
+		return &model.AuthResponse{
+			Message:             "Please check the OTP in your inbox",
+			ShouldShowOtpScreen: refs.NewBoolRef(true),
+		}, nil
+	}
+
 	authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth)
 	if err != nil {
 		log.Debug("Failed to create auth token", err)