feat: add totp login API (#416)

* fix: * removed hasReversedValue in playground * feat: * added totp methods in db's providers * adding totp in login method * feat: * added toggle in dashboard * fixing issue with env set * feat: * integrated totp * feat: * encrypted userid * added totp_verified column in user table * started test for totp * feat: * test cases totp * test-cases: * completed test cases * tested for all dbs * fixes: * return variable to snake case * import refactoring * feat: * created seperate folder for authenticator with totp subfolder * refactored code * created new table for authenticators * added recovery code for totp * feat: * adding functions to different db providers * feat: * added authenticators method for all db * feat: * added logic for updating mfa in user_profile update * fix: * merge conflict * fix: * resolved mongodb, dynamodb and arangodb test case bug * added new condition for checking first time totp user or not * feat: * changes in all respective db with authenticator * fix: * PR suggested changes * fix(cassandra): list users * Update verify otp * fix totp login api --------- Co-authored-by: lemonScaletech <anand.panigrahi@scaletech.xyz>
2023-11-16 18:30:54 +05:30
parent d8cd965004
commit fe4c693324
57 changed files with 4321 additions and 1111 deletions
--- a/server/db/providers/arangodb/authenticator.go
+++ b/server/db/providers/arangodb/authenticator.go
@@ -0,0 +1,78 @@
+package arangodb
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/google/uuid"
+
+	arangoDriver "github.com/arangodb/go-driver"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+)
+
+func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.Authenticator) (*models.Authenticator, error) {
+	exists, _ := p.GetAuthenticatorDetailsByUserId(ctx, authenticators.UserID, authenticators.Method)
+	if exists != nil {
+		return authenticators, nil
+	}
+	if authenticators.ID == "" {
+		authenticators.ID = uuid.New().String()
+	}
+
+	authenticators.Key = authenticators.ID
+	authenticators.CreatedAt = time.Now().Unix()
+	authenticators.UpdatedAt = time.Now().Unix()
+
+	authenticatorsCollection, _ := p.db.Collection(ctx, models.Collections.Authenticators)
+	meta, err := authenticatorsCollection.CreateDocument(arangoDriver.WithOverwrite(ctx), authenticators)
+	if err != nil {
+		return authenticators, err
+	}
+	authenticators.Key = meta.Key
+	authenticators.ID = meta.ID.String()
+
+	return authenticators, nil
+}
+
+func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *models.Authenticator) (*models.Authenticator, error) {
+	authenticators.UpdatedAt = time.Now().Unix()
+
+	collection, _ := p.db.Collection(ctx, models.Collections.Authenticators)
+	meta, err := collection.UpdateDocument(ctx, authenticators.Key, authenticators)
+	if err != nil {
+		return authenticators, err
+	}
+
+	authenticators.Key = meta.Key
+	authenticators.ID = meta.ID.String()
+	return authenticators, nil
+}
+
+func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId string, authenticatorType string) (*models.Authenticator, error) {
+	var authenticators *models.Authenticator
+	query := fmt.Sprintf("FOR d in %s FILTER d.user_id == @user_id AND d.method == @method LIMIT 1 RETURN d", models.Collections.Authenticators)
+	bindVars := map[string]interface{}{
+		"user_id": userId,
+		"method":  authenticatorType,
+	}
+	cursor, err := p.db.Query(ctx, query, bindVars)
+	if err != nil {
+		return authenticators, err
+	}
+	defer cursor.Close()
+	for {
+		if !cursor.HasMore() {
+			if authenticators == nil {
+				return authenticators, fmt.Errorf("authenticator not found")
+			}
+			break
+		}
+		_, err := cursor.ReadDocument(ctx, &authenticators)
+		if err != nil {
+			return authenticators, err
+		}
+	}
+	return authenticators, nil
+}