feat: mfa policy (#913)

* feat: add mfa to login policy * feat: add mfa to login policy * feat: add mfa to login policy * feat: add mfa to login policy * feat: add mfa to login policy on org * feat: add mfa to login policy on org * feat: append events on policy views * feat: iam login policy mfa definition * feat: login policies on orgs * feat: configured mfas in login process * feat: configured mfas in login process * Update internal/ui/login/static/i18n/en.yaml Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: rename software and hardware mfas * fix: pr requests * fix user mfa * fix: test * fix: oidc version * fix: oidc version * fix: proto gen Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Max Peintner <max@caos.ch>
2025-08-12 13:48:23 +00:00 · 2020-11-04 11:26:10 +01:00
parent 51417be35d
commit 202aae4954
76 changed files with 12913 additions and 5614 deletions
--- a/internal/user/repository/view/model/user_session_test.go
+++ b/internal/user/repository/view/model/user_session_test.go
@@ -78,7 +78,7 @@ func TestAppendEvent(t *testing.T) {
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.MFAOTPCheckSucceeded},
 				userView: &UserSessionView{},
 			},
-			result: &UserSessionView{ChangeDate: now(), MfaSoftwareVerification: now()},
+			result: &UserSessionView{ChangeDate: now(), SecondFactorVerification: now()},
 		},
 		{
 			name: "append human otp check succeeded event",
@@ -86,55 +86,55 @@ func TestAppendEvent(t *testing.T) {
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.HumanMFAOTPCheckSucceeded},
 				userView: &UserSessionView{},
 			},
-			result: &UserSessionView{ChangeDate: now(), MfaSoftwareVerification: now()},
+			result: &UserSessionView{ChangeDate: now(), SecondFactorVerification: now()},
 		},
 		{
 			name: "append user otp check failed event",
 			args: args{
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.MFAOTPCheckFailed},
-				userView: &UserSessionView{MfaSoftwareVerification: now()},
+				userView: &UserSessionView{SecondFactorVerification: now()},
 			},
-			result: &UserSessionView{ChangeDate: now(), MfaSoftwareVerification: time.Time{}},
+			result: &UserSessionView{ChangeDate: now(), SecondFactorVerification: time.Time{}},
 		},
 		{
 			name: "append human otp check failed event",
 			args: args{
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.HumanMFAOTPCheckFailed},
-				userView: &UserSessionView{MfaSoftwareVerification: now()},
+				userView: &UserSessionView{SecondFactorVerification: now()},
 			},
-			result: &UserSessionView{ChangeDate: now(), MfaSoftwareVerification: time.Time{}},
+			result: &UserSessionView{ChangeDate: now(), SecondFactorVerification: time.Time{}},
 		},
 		{
 			name: "append user otp removed event",
 			args: args{
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.MFAOTPRemoved},
-				userView: &UserSessionView{MfaSoftwareVerification: now()},
+				userView: &UserSessionView{SecondFactorVerification: now()},
 			},
-			result: &UserSessionView{ChangeDate: now(), MfaSoftwareVerification: time.Time{}},
+			result: &UserSessionView{ChangeDate: now(), SecondFactorVerification: time.Time{}},
 		},
 		{
 			name: "append human otp removed event",
 			args: args{
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.HumanMFAOTPRemoved},
-				userView: &UserSessionView{MfaSoftwareVerification: now()},
+				userView: &UserSessionView{SecondFactorVerification: now()},
 			},
-			result: &UserSessionView{ChangeDate: now(), MfaSoftwareVerification: time.Time{}},
+			result: &UserSessionView{ChangeDate: now(), SecondFactorVerification: time.Time{}},
 		},
 		{
 			name: "append user signed out event",
 			args: args{
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.SignedOut},
-				userView: &UserSessionView{PasswordVerification: now(), MfaSoftwareVerification: now()},
+				userView: &UserSessionView{PasswordVerification: now(), SecondFactorVerification: now()},
 			},
-			result: &UserSessionView{ChangeDate: now(), PasswordVerification: time.Time{}, MfaSoftwareVerification: time.Time{}, State: 1},
+			result: &UserSessionView{ChangeDate: now(), PasswordVerification: time.Time{}, SecondFactorVerification: time.Time{}, State: 1},
 		},
 		{
 			name: "append human signed out event",
 			args: args{
 				event:    &es_models.Event{CreationDate: now(), Type: es_model.HumanSignedOut},
-				userView: &UserSessionView{PasswordVerification: now(), MfaSoftwareVerification: now()},
+				userView: &UserSessionView{PasswordVerification: now(), SecondFactorVerification: now()},
 			},
-			result: &UserSessionView{ChangeDate: now(), PasswordVerification: time.Time{}, MfaSoftwareVerification: time.Time{}, State: 1},
+			result: &UserSessionView{ChangeDate: now(), PasswordVerification: time.Time{}, SecondFactorVerification: time.Time{}, State: 1},
 		},
 	}
 	for _, tt := range tests {