devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

feat: add mfa session to secure otp login

Browse Source
This commit is contained in:
catusax
2023-07-20 15:11:39 +08:00
parent 87a962504f
commit 5018462559
9 changed files with 185 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
server/resolvers/verify_otp.go
View File

@@ -28,6 +28,17 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
return res, err
}
mfaSession, err := cookie.GetMfaSession(gc)
if err != nil {
log.Debug("Failed to get otp request by email: ", err)
return res, fmt.Errorf(`invalid session: %s`, err.Error())
}
if _, err := memorystore.Provider.GetMfaSession(params.Email, mfaSession); err != nil {
log.Debug("Failed to get mfa session: ", err)
return res, fmt.Errorf(`invalid session: %s`, err.Error())
}
otp, err := db.Provider.GetOTPByEmail(ctx, params.Email)
if err != nil {
log.Debug("Failed to get otp request by email: ", err)