fix: reread user mfas, preferred loginname as otp account name (#636)

* fix: reread user mfas

* fix: use preferred login name as otp account name

* fix: tests

internal/auth/repository/eventsourcing/eventstore/user.go

@@ -176,15 +176,36 @@ func (repo *UserRepo) ChangePassword(ctx context.Context, userID, old, new strin
 }
 
 func (repo *UserRepo) MyUserMfas(ctx context.Context) ([]*model.MultiFactor, error) {
-	return repo.View.UserMfas(authz.GetCtxData(ctx).UserID)
+	user, err := repo.UserByID(ctx, authz.GetCtxData(ctx).UserID)
+	if err != nil {
+		return nil, err
+	}
+	if user.OTPState == model.MfaStateUnspecified {
+		return []*model.MultiFactor{}, nil
+	}
+	return []*model.MultiFactor{{Type: model.MfaTypeOTP, State: user.OTPState}}, nil
 }
 
 func (repo *UserRepo) AddMfaOTP(ctx context.Context, userID string) (*model.OTP, error) {
-	return repo.UserEvents.AddOTP(ctx, userID)
+	accountName := ""
+	user, err := repo.UserByID(ctx, userID)
+	if err != nil {
+		logging.Log("EVENT-Fk93s").OnError(err).Debug("unable to get user for loginname")
+	} else {
+		accountName = user.PreferredLoginName
+	}
+	return repo.UserEvents.AddOTP(ctx, userID, accountName)
 }
 
 func (repo *UserRepo) AddMyMfaOTP(ctx context.Context) (*model.OTP, error) {
-	return repo.UserEvents.AddOTP(ctx, authz.GetCtxData(ctx).UserID)
+	accountName := ""
+	user, err := repo.UserByID(ctx, authz.GetCtxData(ctx).UserID)
+	if err != nil {
+		logging.Log("EVENT-Ml0sd").OnError(err).Debug("unable to get user for loginname")
+	} else {
+		accountName = user.PreferredLoginName
+	}
+	return repo.UserEvents.AddOTP(ctx, authz.GetCtxData(ctx).UserID, accountName)
 }
 
 func (repo *UserRepo) VerifyMfaOTPSetup(ctx context.Context, userID, code string) error {