From af66958b5db4ad9a68a56679dc52b17f871735c0 Mon Sep 17 00:00:00 2001 From: lemonScaletech Date: Wed, 13 Sep 2023 14:14:56 +0530 Subject: [PATCH] fixes: * return variable to snake case * import refactoring --- server/graph/generated/generated.go | 264 +++++----------------- server/graph/model/models_gen.go | 22 +- server/graph/schema.graphqls | 6 +- server/resolvers/login.go | 18 +- server/resolvers/verify_totp.go | 5 +- server/test/revoke_access_test.go | 2 - server/test/verification_requests_test.go | 2 - server/test/verify_totp_test.go | 26 ++- 8 files changed, 103 insertions(+), 242 deletions(-) diff --git a/server/graph/generated/generated.go b/server/graph/generated/generated.go index 7217bc5..4ad7cbe 100644 --- a/server/graph/generated/generated.go +++ b/server/graph/generated/generated.go @@ -45,18 +45,16 @@ type DirectiveRoot struct { type ComplexityRoot struct { AuthResponse struct { - AccessToken func(childComplexity int) int - ExpiresIn func(childComplexity int) int - IDToken func(childComplexity int) int - Message func(childComplexity int) int - RefreshToken func(childComplexity int) int - ShouldShowEmailOtpScreen func(childComplexity int) int - ShouldShowMobileOtpScreen func(childComplexity int) int - ShouldShowMobileTotpScreen func(childComplexity int) int - ShouldShowTotpScreen func(childComplexity int) int - TokenTotp func(childComplexity int) int - TotpBase64url func(childComplexity int) int - User func(childComplexity int) int + AccessToken func(childComplexity int) int + ExpiresIn func(childComplexity int) int + IDToken func(childComplexity int) int + Message func(childComplexity int) int + RefreshToken func(childComplexity int) int + ShouldShowEmailOtpScreen func(childComplexity int) int + ShouldShowMobileOtpScreen func(childComplexity int) int + TotpBase64URL func(childComplexity int) int + TotpToken func(childComplexity int) int + User func(childComplexity int) int } EmailTemplate struct { 
@@ -455,33 +453,19 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in return e.complexity.AuthResponse.ShouldShowMobileOtpScreen(childComplexity), true - case "AuthResponse.should_show_mobile_totp_screen": - if e.complexity.AuthResponse.ShouldShowMobileTotpScreen == nil { + case "AuthResponse.totp_base64_url": + if e.complexity.AuthResponse.TotpBase64URL == nil { break } - return e.complexity.AuthResponse.ShouldShowMobileTotpScreen(childComplexity), true + return e.complexity.AuthResponse.TotpBase64URL(childComplexity), true - case "AuthResponse.should_show_totp_screen": - if e.complexity.AuthResponse.ShouldShowTotpScreen == nil { + case "AuthResponse.totp_token": + if e.complexity.AuthResponse.TotpToken == nil { break } - return e.complexity.AuthResponse.ShouldShowTotpScreen(childComplexity), true - - case "AuthResponse.tokenTOTP": - if e.complexity.AuthResponse.TokenTotp == nil { - break - } - - return e.complexity.AuthResponse.TokenTotp(childComplexity), true - - case "AuthResponse.totpBase64URL": - if e.complexity.AuthResponse.TotpBase64url == nil { - break - } - - return e.complexity.AuthResponse.TotpBase64url(childComplexity), true + return e.complexity.AuthResponse.TotpToken(childComplexity), true case "AuthResponse.user": if e.complexity.AuthResponse.User == nil { @@ -2368,15 +2352,13 @@ type AuthResponse { message: String! should_show_email_otp_screen: Boolean should_show_mobile_otp_screen: Boolean - should_show_mobile_totp_screen: Boolean - should_show_totp_screen: Boolean access_token: String id_token: String refresh_token: String expires_in: Int64 user: User - totpBase64URL: String - tokenTOTP: String + totp_base64_url: String + totp_token: String } type Response { 
@@ -3700,88 +3682,6 @@ func (ec *executionContext) fieldContext_AuthResponse_should_show_mobile_otp_scr return fc, nil } -func (ec *executionContext) _AuthResponse_should_show_mobile_totp_screen(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) { - fc, err := ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - if err != nil { - return graphql.Null - } - ctx = graphql.WithFieldContext(ctx, fc) - defer func() { - if r := recover(); r != nil { - ec.Error(ctx, ec.Recover(ctx, r)) - ret = graphql.Null - } - }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { - ctx = rctx // use context from middleware stack in children - return obj.ShouldShowMobileTotpScreen, nil - }) - if err != nil { - ec.Error(ctx, err) - return graphql.Null - } - if resTmp == nil { - return graphql.Null - } - res := resTmp.(*bool) - fc.Result = res - return ec.marshalOBoolean2ᚖbool(ctx, field.Selections, res) -} - -func (ec *executionContext) fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { - fc = &graphql.FieldContext{ - Object: "AuthResponse", - Field: field, - IsMethod: false, - IsResolver: false, - Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { - return nil, errors.New("field of type Boolean does not have child fields") - }, - } - return fc, nil -} - -func (ec *executionContext) _AuthResponse_should_show_totp_screen(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) { - fc, err := ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) - if err != nil { - return graphql.Null - } - ctx = graphql.WithFieldContext(ctx, fc) - defer func() { - if r := recover(); r != nil { - ec.Error(ctx, ec.Recover(ctx, r)) - ret = graphql.Null - } - }() - resTmp, err := ec.ResolverMiddleware(ctx, 
func(rctx context.Context) (interface{}, error) { - ctx = rctx // use context from middleware stack in children - return obj.ShouldShowTotpScreen, nil - }) - if err != nil { - ec.Error(ctx, err) - return graphql.Null - } - if resTmp == nil { - return graphql.Null - } - res := resTmp.(*bool) - fc.Result = res - return ec.marshalOBoolean2ᚖbool(ctx, field.Selections, res) -} - -func (ec *executionContext) fieldContext_AuthResponse_should_show_totp_screen(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { - fc = &graphql.FieldContext{ - Object: "AuthResponse", - Field: field, - IsMethod: false, - IsResolver: false, - Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) { - return nil, errors.New("field of type Boolean does not have child fields") - }, - } - return fc, nil -} - func (ec *executionContext) _AuthResponse_access_token(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) { fc, err := ec.fieldContext_AuthResponse_access_token(ctx, field) if err != nil { @@ -4031,8 +3931,8 @@ func (ec *executionContext) fieldContext_AuthResponse_user(ctx context.Context, return fc, nil } -func (ec *executionContext) _AuthResponse_totpBase64URL(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) { - fc, err := ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) +func (ec *executionContext) _AuthResponse_totp_base64_url(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) if err != nil { return graphql.Null } 
@@ -4045,7 +3945,7 @@ func (ec *executionContext) _AuthResponse_totpBase64URL(ctx context.Context, fie }() resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { ctx = rctx // use context from middleware stack in children - return obj.TotpBase64url, nil + return obj.TotpBase64URL, nil }) if err != nil { ec.Error(ctx, err) @@ -4059,7 +3959,7 @@ func (ec *executionContext) _AuthResponse_totpBase64URL(ctx context.Context, fie return ec.marshalOString2ᚖstring(ctx, field.Selections, res) } -func (ec *executionContext) fieldContext_AuthResponse_totpBase64URL(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { +func (ec *executionContext) fieldContext_AuthResponse_totp_base64_url(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { fc = &graphql.FieldContext{ Object: "AuthResponse", Field: field, @@ -4072,8 +3972,8 @@ func (ec *executionContext) fieldContext_AuthResponse_totpBase64URL(ctx context. return fc, nil } -func (ec *executionContext) _AuthResponse_tokenTOTP(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) { - fc, err := ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) +func (ec *executionContext) _AuthResponse_totp_token(ctx context.Context, field graphql.CollectedField, obj *model.AuthResponse) (ret graphql.Marshaler) { + fc, err := ec.fieldContext_AuthResponse_totp_token(ctx, field) if err != nil { return graphql.Null } @@ -4086,7 +3986,7 @@ func (ec *executionContext) _AuthResponse_tokenTOTP(ctx context.Context, field g }() resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { ctx = rctx // use context from middleware stack in children - return obj.TokenTotp, nil + return obj.TotpToken, nil }) if err != nil { ec.Error(ctx, err) 
@@ -4100,7 +4000,7 @@ func (ec *executionContext) _AuthResponse_tokenTOTP(ctx context.Context, field g return ec.marshalOString2ᚖstring(ctx, field.Selections, res) } -func (ec *executionContext) fieldContext_AuthResponse_tokenTOTP(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { +func (ec *executionContext) fieldContext_AuthResponse_totp_token(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) { fc = &graphql.FieldContext{ Object: "AuthResponse", Field: field, @@ -8249,10 +8149,6 @@ func (ec *executionContext) fieldContext_Mutation_signup(ctx context.Context, fi return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": @@ -8263,10 +8159,10 @@ func (ec *executionContext) fieldContext_Mutation_signup(ctx context.Context, fi return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, 
@@ -8330,10 +8226,6 @@ func (ec *executionContext) fieldContext_Mutation_mobile_signup(ctx context.Cont return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": @@ -8344,10 +8236,10 @@ func (ec *executionContext) fieldContext_Mutation_mobile_signup(ctx context.Cont return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, @@ -8411,10 +8303,6 @@ func (ec *executionContext) fieldContext_Mutation_login(ctx context.Context, fie return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": 
@@ -8425,10 +8313,10 @@ func (ec *executionContext) fieldContext_Mutation_login(ctx context.Context, fie return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, @@ -8492,10 +8380,6 @@ func (ec *executionContext) fieldContext_Mutation_mobile_login(ctx context.Conte return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": @@ -8506,10 +8390,10 @@ func (ec *executionContext) fieldContext_Mutation_mobile_login(ctx context.Conte return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, 
@@ -8739,10 +8623,6 @@ func (ec *executionContext) fieldContext_Mutation_verify_email(ctx context.Conte return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": @@ -8753,10 +8633,10 @@ func (ec *executionContext) fieldContext_Mutation_verify_email(ctx context.Conte return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, @@ -9056,10 +8936,6 @@ func (ec *executionContext) fieldContext_Mutation_verify_otp(ctx context.Context return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": 
@@ -9070,10 +8946,10 @@ func (ec *executionContext) fieldContext_Mutation_verify_otp(ctx context.Context return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, @@ -9196,10 +9072,6 @@ func (ec *executionContext) fieldContext_Mutation_verify_totp(ctx context.Contex return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": @@ -9210,10 +9082,10 @@ func (ec *executionContext) fieldContext_Mutation_verify_totp(ctx context.Contex return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, 
@@ -10569,10 +10441,6 @@ func (ec *executionContext) fieldContext_Query_session(ctx context.Context, fiel return ec.fieldContext_AuthResponse_should_show_email_otp_screen(ctx, field) case "should_show_mobile_otp_screen": return ec.fieldContext_AuthResponse_should_show_mobile_otp_screen(ctx, field) - case "should_show_mobile_totp_screen": - return ec.fieldContext_AuthResponse_should_show_mobile_totp_screen(ctx, field) - case "should_show_totp_screen": - return ec.fieldContext_AuthResponse_should_show_totp_screen(ctx, field) case "access_token": return ec.fieldContext_AuthResponse_access_token(ctx, field) case "id_token": @@ -10583,10 +10451,10 @@ func (ec *executionContext) fieldContext_Query_session(ctx context.Context, fiel return ec.fieldContext_AuthResponse_expires_in(ctx, field) case "user": return ec.fieldContext_AuthResponse_user(ctx, field) - case "totpBase64URL": - return ec.fieldContext_AuthResponse_totpBase64URL(ctx, field) - case "tokenTOTP": - return ec.fieldContext_AuthResponse_tokenTOTP(ctx, field) + case "totp_base64_url": + return ec.fieldContext_AuthResponse_totp_base64_url(ctx, field) + case "totp_token": + return ec.fieldContext_AuthResponse_totp_token(ctx, field) } return nil, fmt.Errorf("no field named %q was found under type AuthResponse", field.Name) }, @@ -18740,14 +18608,6 @@ func (ec *executionContext) _AuthResponse(ctx context.Context, sel ast.Selection out.Values[i] = ec._AuthResponse_should_show_mobile_otp_screen(ctx, field, obj) - case "should_show_mobile_totp_screen": - - out.Values[i] = ec._AuthResponse_should_show_mobile_totp_screen(ctx, field, obj) - - case "should_show_totp_screen": - - out.Values[i] = ec._AuthResponse_should_show_totp_screen(ctx, field, obj) - case "access_token": out.Values[i] = ec._AuthResponse_access_token(ctx, field, obj) 
@@ -18768,13 +18628,13 @@ func (ec *executionContext) _AuthResponse(ctx context.Context, sel ast.Selection out.Values[i] = ec._AuthResponse_user(ctx, field, obj) - case "totpBase64URL": + case "totp_base64_url": - out.Values[i] = ec._AuthResponse_totpBase64URL(ctx, field, obj) + out.Values[i] = ec._AuthResponse_totp_base64_url(ctx, field, obj) - case "tokenTOTP": + case "totp_token": - out.Values[i] = ec._AuthResponse_tokenTOTP(ctx, field, obj) + out.Values[i] = ec._AuthResponse_totp_token(ctx, field, obj) default: panic("unknown field " + strconv.Quote(field.Name)) diff --git a/server/graph/model/models_gen.go b/server/graph/model/models_gen.go index c5586a8..d5ae277 100644 --- a/server/graph/model/models_gen.go +++ b/server/graph/model/models_gen.go @@ -26,18 +26,16 @@ type AdminSignupInput struct { } type AuthResponse struct { - Message string `json:"message"` - ShouldShowEmailOtpScreen *bool `json:"should_show_email_otp_screen"` - ShouldShowMobileOtpScreen *bool `json:"should_show_mobile_otp_screen"` - ShouldShowMobileTotpScreen *bool `json:"should_show_mobile_totp_screen"` - ShouldShowTotpScreen *bool `json:"should_show_totp_screen"` - AccessToken *string `json:"access_token"` - IDToken *string `json:"id_token"` - RefreshToken *string `json:"refresh_token"` - ExpiresIn *int64 `json:"expires_in"` - User *User `json:"user"` - TotpBase64url *string `json:"totpBase64URL"` - TokenTotp *string `json:"tokenTOTP"` + Message string `json:"message"` + ShouldShowEmailOtpScreen *bool `json:"should_show_email_otp_screen"` + ShouldShowMobileOtpScreen *bool `json:"should_show_mobile_otp_screen"` + AccessToken *string `json:"access_token"` + IDToken *string `json:"id_token"` + RefreshToken *string `json:"refresh_token"` + ExpiresIn *int64 `json:"expires_in"` + User *User `json:"user"` + TotpBase64URL *string `json:"totp_base64_url"` + TotpToken *string `json:"totp_token"` } type DeleteEmailTemplateRequest struct { 
diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls
index 7805861..bcb0b07 100644
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@@ -95,15 +95,13 @@ type AuthResponse {
   message: String!
   should_show_email_otp_screen: Boolean
   should_show_mobile_otp_screen: Boolean
-  should_show_mobile_totp_screen: Boolean
-  should_show_totp_screen: Boolean
   access_token: String
   id_token: String
   refresh_token: String
   expires_in: Int64
   user: User
-  totpBase64URL: String
-  tokenTOTP: String
+  totp_base64_url: String
+  totp_token: String
 }
 
 type Response {
diff --git a/server/resolvers/login.go b/server/resolvers/login.go
index 002a00b..78a1f7f 100644
--- a/server/resolvers/login.go
+++ b/server/resolvers/login.go
@@ -3,16 +3,17 @@ package resolvers
 import (
 	"context"
 	"fmt"
-	"github.com/authorizerdev/authorizer/server/crypto"
 	"strings"
 	"time"
 
 	"github.com/google/uuid"
-	log "github.com/sirupsen/logrus"
 	"golang.org/x/crypto/bcrypt"
 
+	log "github.com/sirupsen/logrus"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
+	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/email"
@@ -161,6 +162,7 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 		}, nil
 	}
 
+	// if mfa enabled and also totp enabled
 	if !isMFADisabled && refs.BoolValue(user.IsMultiFactorAuthEnabled) && !isTOTPLoginDisabled {
 		pubKey, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtPublicKey)
 		if err != nil {
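Review bot: The two new AuthResponse fields `totp_base64_url` and `totp_token` carry no description, and since `totp_token` is the value a client must send back as `token` to verify_totp (the verify_totp_test.go hunk in this patch does exactly that), API consumers have nothing in the schema telling them what these fields are. Suggest a description on each: `"""Base64 PNG of the TOTP enrolment QR code; set only until the user's TOTP is verified"""` above `totp_base64_url` and `"""Opaque token to pass back as token to verify_totp"""` above `totp_token`, both of which appear to be returned only on the MFA-with-TOTP login path per the login.go hunk. Removing `should_show_mobile_totp_screen` and `should_show_totp_screen` and renaming the two camelCase fields is a breaking schema change for any client built against the previous version, so it deserves a mention in the changelog or release notes.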
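Review bot: In the login.go import hunk, `log "github.com/sirupsen/logrus"` ends up in a group of its own, with a blank line on either side, between the other third-party imports and the project imports; `goimports` would keep it in the `uuid`/`bcrypt` group, and the verify_totp.go hunk in this same patch places it there, so the two files now disagree. Suggest moving `log "github.com/sirupsen/logrus"` directly under `"golang.org/x/crypto/bcrypt"` and dropping the extra blank line.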
@@ -172,26 +174,30 @@ func LoginResolver(ctx context.Context, params model.LoginInput) (*model.AuthRes
 			log.Debug("error while parsing public key")
 		}
 
+		//encrypting user id, so it can be used as token for verifying
 		encryptedUserId, err := crypto.EncryptRSA(user.ID, *publicKey)
 		if err != nil {
 			log.Debug("error while encrypting user id")
 		}
+
+		// for first time user or whose totp is not verified
 		if !user.TotpVerified {
 			base64URL, err := db.Provider.GenerateTotp(ctx, user.ID)
 			if err != nil {
 				log.Debug("error while generating base64 url: ", err)
 			}
-
+			// when user is first time registering for totp
 			res = &model.AuthResponse{
 				Message: `Proceed to totp screen`,
-				TotpBase64url: base64URL,
-				TokenTotp: &encryptedUserId,
+				TotpBase64URL: base64URL,
+				TotpToken: &encryptedUserId,
 			}
 			return res, nil
 		} else {
+			//when user is already register for totp
 			res = &model.AuthResponse{
 				Message: `Proceed to totp screen`,
-				TokenTotp: &encryptedUserId,
+				TotpToken: &encryptedUserId,
 			}
 			return res, nil
 		}
diff --git a/server/resolvers/verify_totp.go b/server/resolvers/verify_totp.go
index 97aa592..900aaff 100644
--- a/server/resolvers/verify_totp.go
+++ b/server/resolvers/verify_totp.go
@@ -3,15 +3,16 @@ package resolvers
 import (
 	"context"
 	"fmt"
-	"github.com/authorizerdev/authorizer/server/crypto"
 	"strings"
 	"time"
 
 	"github.com/google/uuid"
+	log "github.com/sirupsen/logrus"
 
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/cookie"
+	"github.com/authorizerdev/authorizer/server/crypto"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/db/models"
 	"github.com/authorizerdev/authorizer/server/graph/model"
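Review bot: Failures from `crypto.EncryptRSA` and `db.Provider.GenerateTotp` in this hunk are only logged at debug level and execution continues, so the client still receives `Proceed to totp screen` with an empty `TotpToken` (and, on the first-login branch, a nil `TotpBase64URL`) instead of an error; `TotpToken` is the value the client must later present to verify_totp, so the resolver should fail closed and return an error from both sites. The line just above the hunk likewise only logs when the public key fails to parse, and `*publicKey` on the first context line presumably dereferences nil in that case — worth confirming and returning early there as well. Two smaller points: Go initialism style is `encryptedUserID` rather than `encryptedUserId`, and the `else` after `return res, nil` is unnecessary, which lets both branches share one `AuthResponse` literal as sketched below. LoginResolver starts and ends outside the hunk.
```go
		encryptedUserID, err := crypto.EncryptRSA(user.ID, *publicKey)
		if err != nil {
			log.Debug("error while encrypting user id: ", err)
			return nil, fmt.Errorf("error while generating totp token")
		}
		res = &model.AuthResponse{
			Message:   `Proceed to totp screen`,
			TotpToken: &encryptedUserID,
		}
		// first-time enrolment (TOTP not yet verified): also return the QR image
		if !user.TotpVerified {
			base64URL, err := db.Provider.GenerateTotp(ctx, user.ID)
			if err != nil {
				log.Debug("error while generating base64 url: ", err)
				return nil, fmt.Errorf("error while generating totp secret")
			}
			res.TotpBase64URL = base64URL
		}
		return res, nil
```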
@@ -55,7 +56,7 @@ func VerifyTotpResolver(ctx context.Context, params model.VerifyTOTPRequest) (*m
 
 	status, err := db.Provider.ValidatePasscode(ctx, params.Otp, userID)
 	if err != nil || !status {
-		return nil, fmt.Errorf("error while validating passcode", err)
+		return nil, fmt.Errorf("error while validating passcode")
 	}
 
 	code := ""
diff --git a/server/test/revoke_access_test.go b/server/test/revoke_access_test.go
index 2f83d3e..4be042d 100644
--- a/server/test/revoke_access_test.go
+++ b/server/test/revoke_access_test.go
@@ -28,8 +28,6 @@ func revokeAccessTest(t *testing.T, s TestSetup) {
 	verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
 		Token: verificationRequest.Token,
 	})
-	fmt.Println("\n", verifyRes)
-	fmt.Println("\n", err)
 	assert.NoError(t, err)
 	assert.NotNil(t, verifyRes.AccessToken)
diff --git a/server/test/verification_requests_test.go b/server/test/verification_requests_test.go
index 11b7596..e5d5d73 100644
--- a/server/test/verification_requests_test.go
+++ b/server/test/verification_requests_test.go
@@ -23,8 +23,6 @@ func verificationRequestsTest(t *testing.T, s TestSetup) {
 		Password: s.TestInfo.Password,
 		ConfirmPassword: s.TestInfo.Password,
 	})
-	fmt.Println("res", res)
-	fmt.Println("err", err)
 	assert.NoError(t, err)
 	assert.NotNil(t, res)
 	limit := int64(10)
diff --git a/server/test/verify_totp_test.go b/server/test/verify_totp_test.go
index c4f38d2..0bb28de 100644
--- a/server/test/verify_totp_test.go
+++ b/server/test/verify_totp_test.go
@@ -5,6 +5,13 @@ import (
 	"context"
 	"encoding/base64"
 	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/gokyle/twofactor"
+	"github.com/stretchr/testify/assert"
+	"github.com/tuotoo/qrcode"
+
 	"github.com/authorizerdev/authorizer/server/constants"
 	"github.com/authorizerdev/authorizer/server/db"
 	"github.com/authorizerdev/authorizer/server/graph/model"
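Review bot: Dropping `err` from the `fmt.Errorf` call fixes the vet complaint (the format string had no verb for it) but also discards the only record of why passcode validation failed; keeping the client-facing message generic is the right choice for an authentication failure, so log the cause server-side instead, e.g. `log.Debug("error while validating passcode: ", err)` on the line before the `return` (`log` is imported into this file by the same patch; note `err` is nil on the `!status` path, so the log line only adds information when `ValidatePasscode` itself errored). VerifyTotpResolver starts and ends outside the hunk.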
@@ -12,11 +19,6 @@ import (
 	"github.com/authorizerdev/authorizer/server/refs"
 	"github.com/authorizerdev/authorizer/server/resolvers"
 	"github.com/authorizerdev/authorizer/server/token"
-	"github.com/gokyle/twofactor"
-	"github.com/stretchr/testify/assert"
-	"github.com/tuotoo/qrcode"
-	"strings"
-	"testing"
 )
 
 func verifyTOTPTest(t *testing.T, s TestSetup) {
@@ -67,13 +69,13 @@ func verifyTOTPTest(t *testing.T, s TestSetup) {
 	})
 	assert.NoError(t, err)
 	assert.NotNil(t, loginRes)
-	assert.NotNil(t, loginRes.TotpBase64url)
-	assert.NotNil(t, loginRes.TokenTotp)
+	assert.NotNil(t, loginRes.TotpBase64URL)
+	assert.NotNil(t, loginRes.TotpToken)
 	assert.Nil(t, loginRes.AccessToken)
 	assert.Equal(t, loginRes.Message, `Proceed to totp screen`)
 
 	// get totp url for validation
-	pngBytes, err := base64.StdEncoding.DecodeString(*loginRes.TotpBase64url)
+	pngBytes, err := base64.StdEncoding.DecodeString(*loginRes.TotpBase64URL)
 	assert.NoError(t, err)
 	qrmatrix, err := qrcode.Decode(bytes.NewReader(pngBytes))
 	assert.NoError(t, err)
@@ -89,7 +91,7 @@ func verifyTOTPTest(t *testing.T, s TestSetup) {
 
 	valid, err := resolvers.VerifyTotpResolver(ctx, model.VerifyTOTPRequest{
 		Otp: code,
-		Token: *loginRes.TokenTotp,
+		Token: *loginRes.TotpToken,
 	})
 
 	accessToken := *valid.AccessToken
@@ -126,8 +128,8 @@ func verifyTOTPTest(t *testing.T, s TestSetup) {
 	})
 	assert.NoError(t, err)
 	assert.NotNil(t, loginRes)
-	assert.NotNil(t, loginRes.TokenTotp)
-	assert.Nil(t, loginRes.TotpBase64url)
+	assert.NotNil(t, loginRes.TotpToken)
+	assert.Nil(t, loginRes.TotpBase64URL)
 	assert.Nil(t, loginRes.AccessToken)
 	assert.Equal(t, loginRes.Message, `Proceed to totp screen`)
 
@@ -136,7 +138,7 @@ func verifyTOTPTest(t *testing.T, s TestSetup) {
 
 	valid, err = resolvers.VerifyTotpResolver(ctx, model.VerifyTOTPRequest{
 		Otp: code,
-		Token: *loginRes.TokenTotp,
+		Token: *loginRes.TotpToken,
 	})
 	assert.NoError(t, err)
 	assert.NotNil(t, *valid.AccessToken)
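Review bot: In the hunk at `@@ -89,7 +91,7 @@`, `accessToken := *valid.AccessToken` dereferences the resolver result before any assertion on `err` or `valid`, so a failing VerifyTotpResolver crashes the test binary with a nil-pointer panic instead of a readable assertion failure; the later hunk at `@@ -136,7 +138,7 @@` already checks `assert.NoError(t, err)` first. Suggest adding `assert.NoError(t, err)` and `assert.NotNil(t, valid)` between the closing `})` and the dereference. verifyTOTPTest starts and ends outside these hunks.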