TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 01:47:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: passwordless (#1116)

Browse Source 
* fix passwordless session handling

* only check passwordless when enabled in policy

* set preferred user name in webauthn

* fix tests

* add passwordless in setup

* fix(console): exclude credentials for passwordless (#1115)

* fix: exclude creds

* fix i18n type loginpolicy

* fix enter on dialog input

* remove arg

Co-authored-by: Max Peintner <max@caos.ch>
This commit is contained in:
Livio Amstutz
2020-12-17 16:22:27 +01:00
committed by GitHub
parent c5287364a4
commit b183d49761
19 changed files with 194 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/user/repository/eventsourcing/eventstore.go
View File

@@ -1302,12 +1302,12 @@ func (es *UserEventstore) verifyMFAOTP(otp *usr_model.OTP, code string) error {
return nil
}
func (es *UserEventstore) AddU2F(ctx context.Context, userID string, isLoginUI bool) (*usr_model.WebAuthNToken, error) {
func (es *UserEventstore) AddU2F(ctx context.Context, userID string, accountName string, isLoginUI bool) (*usr_model.WebAuthNToken, error) {
user, err := es.HumanByID(ctx, userID)
if err != nil {
return nil, err
}
webAuthN, err := es.webauthn.BeginRegistration(user, usr_model.AuthenticatorAttachmentUnspecified, usr_model.UserVerificationRequirementDiscouraged, isLoginUI, user.U2FTokens...)
webAuthN, err := es.webauthn.BeginRegistration(user, accountName, usr_model.AuthenticatorAttachmentUnspecified, usr_model.UserVerificationRequirementDiscouraged, isLoginUI, user.U2FTokens...)
if err != nil {
return nil, err
}
@@ -1418,12 +1418,12 @@ func (es *UserEventstore) GetPasswordless(ctx context.Context, userID string) ([
return user.PasswordlessTokens, nil
}
func (es *UserEventstore) AddPasswordless(ctx context.Context, userID string, isLoginUI bool) (*usr_model.WebAuthNToken, error) {
func (es *UserEventstore) AddPasswordless(ctx context.Context, userID, accountName string, isLoginUI bool) (*usr_model.WebAuthNToken, error) {
user, err := es.HumanByID(ctx, userID)
if err != nil {
return nil, err
}
webAuthN, err := es.webauthn.BeginRegistration(user, usr_model.AuthenticatorAttachmentUnspecified, usr_model.UserVerificationRequirementRequired, isLoginUI, user.PasswordlessTokens...)
webAuthN, err := es.webauthn.BeginRegistration(user, accountName, usr_model.AuthenticatorAttachmentUnspecified, usr_model.UserVerificationRequirementRequired, isLoginUI, user.PasswordlessTokens...)
if err != nil {
return nil, err
}

4
internal/user/repository/view/model/user_session.go
View File

@@ -155,8 +155,12 @@ func (v *UserSessionView) AppendEvent(event *models.Event) error {
es_model.HumanSignedOut,
es_model.UserLocked,
es_model.UserDeactivated:
v.PasswordlessVerification = time.Time{}
v.PasswordVerification = time.Time{}
v.SecondFactorVerification = time.Time{}
v.SecondFactorVerificationType = int32(req_model.MFALevelNotSetUp)
v.MultiFactorVerification = time.Time{}
v.MultiFactorVerificationType = int32(req_model.MFALevelNotSetUp)
v.ExternalLoginVerification = time.Time{}
v.State = int32(req_model.UserSessionStateTerminated)
case es_model.HumanExternalIDPRemoved, es_model.HumanExternalIDPCascadeRemoved: