feat(login): add OTP (email and sms) (#6353)

* feat: login with otp * fix(i18n): japanese translation * add missing files * fix provider change * add event types translations to en * add tests * resourceOwner * remove unused handler * fix: secret generators and add comments * add setup step * rename * linting * fix setup * improve otp handling * fix autocomplete * translations for login and notifications * translations for event types * changes from review * check selected mfa type
2025-08-12 10:49:25 +00:00 · 2023-08-15 14:47:05 +02:00
parent faa9ed4de9
commit 7c494fd219
76 changed files with 3203 additions and 88 deletions
--- a/internal/user/repository/view/model/user_session.go
+++ b/internal/user/repository/view/model/user_session.go
@@ -139,12 +139,32 @@ func (v *UserSessionView) AppendEvent(event *models.Event) error {
 	case user.UserV1MFAOTPCheckSucceededType,
 		user.HumanMFAOTPCheckSucceededType:
 		v.setSecondFactorVerification(event.CreationDate, domain.MFATypeTOTP)
+	case user.HumanOTPSMSCheckSucceededType:
+		data := new(es_model.OTPVerified)
+		err := data.SetData(event)
+		if err != nil {
+			return err
+		}
+		if v.UserAgentID == data.UserAgentID {
+			v.setSecondFactorVerification(event.CreationDate, domain.MFATypeOTPSMS)
+		}
+	case user.HumanOTPEmailCheckSucceededType:
+		data := new(es_model.OTPVerified)
+		err := data.SetData(event)
+		if err != nil {
+			return err
+		}
+		if v.UserAgentID == data.UserAgentID {
+			v.setSecondFactorVerification(event.CreationDate, domain.MFATypeOTPEmail)
+		}
 	case user.UserV1MFAOTPCheckFailedType,
 		user.UserV1MFAOTPRemovedType,
 		user.HumanMFAOTPCheckFailedType,
 		user.HumanMFAOTPRemovedType,
 		user.HumanU2FTokenCheckFailedType,
-		user.HumanU2FTokenRemovedType:
+		user.HumanU2FTokenRemovedType,
+		user.HumanOTPSMSCheckFailedType,
+		user.HumanOTPEmailCheckFailedType:
 		v.SecondFactorVerification = time.Time{}
 	case user.HumanU2FTokenVerifiedType:
 		data := new(es_model.WebAuthNVerify)
@@ -218,6 +238,10 @@ func (v *UserSessionView) EventTypes() []models.EventType {
 		models.EventType(user.UserV1MFAOTPRemovedType),
 		models.EventType(user.HumanMFAOTPCheckFailedType),
 		models.EventType(user.HumanMFAOTPRemovedType),
+		models.EventType(user.HumanOTPSMSCheckSucceededType),
+		models.EventType(user.HumanOTPSMSCheckFailedType),
+		models.EventType(user.HumanOTPEmailCheckSucceededType),
+		models.EventType(user.HumanOTPEmailCheckFailedType),
 		models.EventType(user.HumanU2FTokenCheckFailedType),
 		models.EventType(user.HumanU2FTokenRemovedType),
 		models.EventType(user.HumanU2FTokenVerifiedType),