feat: add totp login API (#416)

* fix:
* removed hasReversedValue in playground

* feat:
* added totp methods in db's providers
* adding totp in login method

* feat:
* added toggle in dashboard
* fixing issue with env set

* feat:
* integrated totp

* feat:
* encrypted userid
* added totp_verified column in user table
* started test for totp

* feat:
* test cases totp

* test-cases:
* completed test cases
* tested for all dbs

* fixes:
* return variable to snake case
* import refactoring

* feat:
* created seperate folder for authenticator with totp subfolder
* refactored code
* created new table for authenticators
* added recovery code for totp

* feat:
* adding functions to different db providers

* feat:
* added authenticators method for all db

* feat:
* added logic for updating mfa in user_profile update

* fix:
* merge conflict

* fix:
* resolved mongodb, dynamodb and arangodb test case bug
* added new condition for checking first time totp user or not

* feat:
* changes in all respective db with authenticator

* fix:
* PR suggested changes

* fix(cassandra): list users

* Update verify otp

* fix totp login api

---------

Co-authored-by: lemonScaletech <anand.panigrahi@scaletech.xyz>

server/db/providers/mongodb/authenticator.go

@@ -0,0 +1,52 @@
+package mongodb
+
+import (
+	"context"
+	"time"
+
+	"github.com/google/uuid"
+	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/mongo/options"
+
+	"github.com/authorizerdev/authorizer/server/db/models"
+)
+
+func (p *provider) AddAuthenticator(ctx context.Context, authenticators *models.Authenticator) (*models.Authenticator, error) {
+	exists, _ := p.GetAuthenticatorDetailsByUserId(ctx, authenticators.UserID, authenticators.Method)
+	if exists != nil {
+		return authenticators, nil
+	}
+
+	if authenticators.ID == "" {
+		authenticators.ID = uuid.New().String()
+	}
+	authenticators.CreatedAt = time.Now().Unix()
+	authenticators.UpdatedAt = time.Now().Unix()
+	authenticators.Key = authenticators.ID
+	authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection())
+	_, err := authenticatorsCollection.InsertOne(ctx, authenticators)
+	if err != nil {
+		return authenticators, err
+	}
+	return authenticators, nil
+}
+
+func (p *provider) UpdateAuthenticator(ctx context.Context, authenticators *models.Authenticator) (*models.Authenticator, error) {
+	authenticators.UpdatedAt = time.Now().Unix()
+	authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection())
+	_, err := authenticatorsCollection.UpdateOne(ctx, bson.M{"_id": bson.M{"$eq": authenticators.ID}}, bson.M{"$set": authenticators})
+	if err != nil {
+		return authenticators, err
+	}
+	return authenticators, nil
+}
+
+func (p *provider) GetAuthenticatorDetailsByUserId(ctx context.Context, userId string, authenticatorType string) (*models.Authenticator, error) {
+	var authenticators *models.Authenticator
+	authenticatorsCollection := p.db.Collection(models.Collections.Authenticators, options.Collection())
+	err := authenticatorsCollection.FindOne(ctx, bson.M{"user_id": userId, "method": authenticatorType}).Decode(&authenticators)
+	if err != nil {
+		return authenticators, err
+	}
+	return authenticators, nil
+}

server/db/providers/mongodb/provider.go

@@ -122,6 +122,15 @@ func NewProvider() (*provider, error) {
 		},
 	}, options.CreateIndexes())
 
+	mongodb.CreateCollection(ctx, models.Collections.Authenticators, options.CreateCollection())
+	authenticatorsCollection := mongodb.Collection(models.Collections.Authenticators, options.Collection())
+	authenticatorsCollection.Indexes().CreateMany(ctx, []mongo.IndexModel{
+		{
+			Keys:    bson.M{"user_id": 1},
+			Options: options.Index().SetSparse(true),
+		},
+	}, options.CreateIndexes())
+
 	return &provider{
 		db: mongodb,
 	}, nil