feat(api/v2): implement TOTP session check (#6362)

* feat(api/v2): implement TOTP session check * add integration test * correct typo in projection test * fix event type typos --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 21:17:32 +00:00 · 2023-08-15 12:50:42 +03:00
parent 8953353210
commit 0017542aa2
15 changed files with 437 additions and 21 deletions
--- a/internal/query/projection/session.go
+++ b/internal/query/projection/session.go
@@ -30,6 +30,7 @@ const (
 	SessionColumnIntentCheckedAt      = "intent_checked_at"
 	SessionColumnWebAuthNCheckedAt    = "webauthn_checked_at"
 	SessionColumnWebAuthNUserVerified = "webauthn_user_verified"
+	SessionColumnTOTPCheckedAt        = "totp_checked_at"
 	SessionColumnMetadata             = "metadata"
 	SessionColumnTokenID              = "token_id"
 )
@@ -58,6 +59,7 @@ func newSessionProjection(ctx context.Context, config crdb.StatementHandlerConfi
 			crdb.NewColumn(SessionColumnIntentCheckedAt, crdb.ColumnTypeTimestamp, crdb.Nullable()),
 			crdb.NewColumn(SessionColumnWebAuthNCheckedAt, crdb.ColumnTypeTimestamp, crdb.Nullable()),
 			crdb.NewColumn(SessionColumnWebAuthNUserVerified, crdb.ColumnTypeBool, crdb.Nullable()),
+			crdb.NewColumn(SessionColumnTOTPCheckedAt, crdb.ColumnTypeTimestamp, crdb.Nullable()),
 			crdb.NewColumn(SessionColumnMetadata, crdb.ColumnTypeJSONB, crdb.Nullable()),
 			crdb.NewColumn(SessionColumnTokenID, crdb.ColumnTypeText, crdb.Nullable()),
 		},
@@ -93,6 +95,10 @@ func (p *sessionProjection) reducers() []handler.AggregateReducer {
 					Event:  session.WebAuthNCheckedType,
 					Reduce: p.reduceWebAuthNChecked,
 				},
+				{
+					Event:  session.TOTPCheckedType,
+					Reduce: p.reduceTOTPChecked,
+				},
 				{
 					Event:  session.TokenSetType,
 					Reduce: p.reduceTokenSet,
@@ -229,6 +235,26 @@ func (p *sessionProjection) reduceWebAuthNChecked(event eventstore.Event) (*hand
 	), nil
 }

+func (p *sessionProjection) reduceTOTPChecked(event eventstore.Event) (*handler.Statement, error) {
+	e, ok := event.(*session.TOTPCheckedEvent)
+	if !ok {
+		return nil, errors.ThrowInvalidArgumentf(nil, "HANDL-Oqu8i", "reduce.wrong.event.type %s", session.TOTPCheckedType)
+	}
+
+	return crdb.NewUpdateStatement(
+		e,
+		[]handler.Column{
+			handler.NewCol(SessionColumnChangeDate, e.CreationDate()),
+			handler.NewCol(SessionColumnSequence, e.Sequence()),
+			handler.NewCol(SessionColumnTOTPCheckedAt, e.CheckedAt),
+		},
+		[]handler.Condition{
+			handler.NewCond(SessionColumnID, e.Aggregate().ID),
+			handler.NewCond(SessionColumnInstanceID, e.Aggregate().InstanceID),
+		},
+	), nil
+}
+
 func (p *sessionProjection) reduceTokenSet(event eventstore.Event) (*handler.Statement, error) {
 	e, ok := event.(*session.TokenSetEvent)
 	if !ok {