devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

feat: add totp UI & recovery code (#429)

Browse Source
This commit is contained in:
Lakhan Samani
2023-12-03 09:03:22 +05:30
committed by GitHub
parent d7da81d308
commit cac67b7915
11 changed files with 87 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/resolvers/verify_otp.go
View File

@@ -56,7 +56,7 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
return res, err
}
// Verify OTP based on TOPT or OTP
if refs.BoolValue(params.Totp) {
if refs.BoolValue(params.IsTotp) {
status, err := authenticators.Provider.Validate(ctx, params.Otp, user.ID)
if err != nil {
log.Debug("Failed to validate totp: ", err)
@@ -64,7 +64,17 @@ func VerifyOtpResolver(ctx context.Context, params model.VerifyOTPRequest) (*mod
}
if !status {
log.Debug("Failed to verify otp request: Incorrect value")
return res, fmt.Errorf(`invalid otp`)
log.Info("Checking if otp is recovery code")
// Check if otp is recovery code
isValidRecoveryCode, err := authenticators.Provider.ValidateRecoveryCode(ctx, params.Otp, user.ID)
if err != nil {
log.Debug("Failed to validate recovery code: ", err)
return nil, fmt.Errorf("error while validating recovery code")
}
if !isValidRecoveryCode {
log.Debug("Failed to verify otp request: Incorrect value")
return res, fmt.Errorf(`invalid otp`)
}
}
} else {
var otp *models.OTP