mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-11 20:57:31 +00:00
feat(api): add otp (sms and email) checks in session api (#6422)
* feat: add otp (sms and email) checks in session api * implement sending * fix tests * add tests * add integration tests * fix merge main and add tests * put default OTP Email url into config --------- Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
This commit is contained in:
Livio Spring
@@ -17,53 +17,57 @@ import (
|
||||
)
|
||||
|
||||
var (
|
||||
expectedSessionQuery = regexp.QuoteMeta(`SELECT projections.sessions4.id,` +
|
||||
` projections.sessions4.creation_date,` +
|
||||
` projections.sessions4.change_date,` +
|
||||
` projections.sessions4.sequence,` +
|
||||
` projections.sessions4.state,` +
|
||||
` projections.sessions4.resource_owner,` +
|
||||
` projections.sessions4.creator,` +
|
||||
` projections.sessions4.user_id,` +
|
||||
` projections.sessions4.user_checked_at,` +
|
||||
expectedSessionQuery = regexp.QuoteMeta(`SELECT projections.sessions5.id,` +
|
||||
` projections.sessions5.creation_date,` +
|
||||
` projections.sessions5.change_date,` +
|
||||
` projections.sessions5.sequence,` +
|
||||
` projections.sessions5.state,` +
|
||||
` projections.sessions5.resource_owner,` +
|
||||
` projections.sessions5.creator,` +
|
||||
` projections.sessions5.user_id,` +
|
||||
` projections.sessions5.user_checked_at,` +
|
||||
` projections.login_names2.login_name,` +
|
||||
` projections.users8_humans.display_name,` +
|
||||
` projections.users8.resource_owner,` +
|
||||
` projections.sessions4.password_checked_at,` +
|
||||
` projections.sessions4.intent_checked_at,` +
|
||||
` projections.sessions4.webauthn_checked_at,` +
|
||||
` projections.sessions4.webauthn_user_verified,` +
|
||||
` projections.sessions4.totp_checked_at,` +
|
||||
` projections.sessions4.metadata,` +
|
||||
` projections.sessions4.token_id` +
|
||||
` FROM projections.sessions4` +
|
||||
` LEFT JOIN projections.login_names2 ON projections.sessions4.user_id = projections.login_names2.user_id AND projections.sessions4.instance_id = projections.login_names2.instance_id` +
|
||||
` LEFT JOIN projections.users8_humans ON projections.sessions4.user_id = projections.users8_humans.user_id AND projections.sessions4.instance_id = projections.users8_humans.instance_id` +
|
||||
` LEFT JOIN projections.users8 ON projections.sessions4.user_id = projections.users8.id AND projections.sessions4.instance_id = projections.users8.instance_id` +
|
||||
` projections.sessions5.password_checked_at,` +
|
||||
` projections.sessions5.intent_checked_at,` +
|
||||
` projections.sessions5.webauthn_checked_at,` +
|
||||
` projections.sessions5.webauthn_user_verified,` +
|
||||
` projections.sessions5.totp_checked_at,` +
|
||||
` projections.sessions5.otp_sms_checked_at,` +
|
||||
` projections.sessions5.otp_email_checked_at,` +
|
||||
` projections.sessions5.metadata,` +
|
||||
` projections.sessions5.token_id` +
|
||||
` FROM projections.sessions5` +
|
||||
` LEFT JOIN projections.login_names2 ON projections.sessions5.user_id = projections.login_names2.user_id AND projections.sessions5.instance_id = projections.login_names2.instance_id` +
|
||||
` LEFT JOIN projections.users8_humans ON projections.sessions5.user_id = projections.users8_humans.user_id AND projections.sessions5.instance_id = projections.users8_humans.instance_id` +
|
||||
` LEFT JOIN projections.users8 ON projections.sessions5.user_id = projections.users8.id AND projections.sessions5.instance_id = projections.users8.instance_id` +
|
||||
` AS OF SYSTEM TIME '-1 ms'`)
|
||||
expectedSessionsQuery = regexp.QuoteMeta(`SELECT projections.sessions4.id,` +
|
||||
` projections.sessions4.creation_date,` +
|
||||
` projections.sessions4.change_date,` +
|
||||
` projections.sessions4.sequence,` +
|
||||
` projections.sessions4.state,` +
|
||||
` projections.sessions4.resource_owner,` +
|
||||
` projections.sessions4.creator,` +
|
||||
` projections.sessions4.user_id,` +
|
||||
` projections.sessions4.user_checked_at,` +
|
||||
expectedSessionsQuery = regexp.QuoteMeta(`SELECT projections.sessions5.id,` +
|
||||
` projections.sessions5.creation_date,` +
|
||||
` projections.sessions5.change_date,` +
|
||||
` projections.sessions5.sequence,` +
|
||||
` projections.sessions5.state,` +
|
||||
` projections.sessions5.resource_owner,` +
|
||||
` projections.sessions5.creator,` +
|
||||
` projections.sessions5.user_id,` +
|
||||
` projections.sessions5.user_checked_at,` +
|
||||
` projections.login_names2.login_name,` +
|
||||
` projections.users8_humans.display_name,` +
|
||||
` projections.users8.resource_owner,` +
|
||||
` projections.sessions4.password_checked_at,` +
|
||||
` projections.sessions4.intent_checked_at,` +
|
||||
` projections.sessions4.webauthn_checked_at,` +
|
||||
` projections.sessions4.webauthn_user_verified,` +
|
||||
` projections.sessions4.totp_checked_at,` +
|
||||
` projections.sessions4.metadata,` +
|
||||
` projections.sessions5.password_checked_at,` +
|
||||
` projections.sessions5.intent_checked_at,` +
|
||||
` projections.sessions5.webauthn_checked_at,` +
|
||||
` projections.sessions5.webauthn_user_verified,` +
|
||||
` projections.sessions5.totp_checked_at,` +
|
||||
` projections.sessions5.otp_sms_checked_at,` +
|
||||
` projections.sessions5.otp_email_checked_at,` +
|
||||
` projections.sessions5.metadata,` +
|
||||
` COUNT(*) OVER ()` +
|
||||
` FROM projections.sessions4` +
|
||||
` LEFT JOIN projections.login_names2 ON projections.sessions4.user_id = projections.login_names2.user_id AND projections.sessions4.instance_id = projections.login_names2.instance_id` +
|
||||
` LEFT JOIN projections.users8_humans ON projections.sessions4.user_id = projections.users8_humans.user_id AND projections.sessions4.instance_id = projections.users8_humans.instance_id` +
|
||||
` LEFT JOIN projections.users8 ON projections.sessions4.user_id = projections.users8.id AND projections.sessions4.instance_id = projections.users8.instance_id` +
|
||||
` FROM projections.sessions5` +
|
||||
` LEFT JOIN projections.login_names2 ON projections.sessions5.user_id = projections.login_names2.user_id AND projections.sessions5.instance_id = projections.login_names2.instance_id` +
|
||||
` LEFT JOIN projections.users8_humans ON projections.sessions5.user_id = projections.users8_humans.user_id AND projections.sessions5.instance_id = projections.users8_humans.instance_id` +
|
||||
` LEFT JOIN projections.users8 ON projections.sessions5.user_id = projections.users8.id AND projections.sessions5.instance_id = projections.users8.instance_id` +
|
||||
` AS OF SYSTEM TIME '-1 ms'`)
|
||||
|
||||
sessionCols = []string{
|
||||
@@ -84,6 +88,8 @@ var (
|
||||
"webauthn_checked_at",
|
||||
"webauthn_user_verified",
|
||||
"totp_checked_at",
|
||||
"otp_sms_checked_at",
|
||||
"otp_email_checked_at",
|
||||
"metadata",
|
||||
"token",
|
||||
}
|
||||
@@ -106,6 +112,8 @@ var (
|
||||
"webauthn_checked_at",
|
||||
"webauthn_user_verified",
|
||||
"totp_checked_at",
|
||||
"otp_sms_checked_at",
|
||||
"otp_email_checked_at",
|
||||
"metadata",
|
||||
"count",
|
||||
}
|
||||
@@ -160,6 +168,8 @@ func Test_SessionsPrepare(t *testing.T) {
|
||||
testNow,
|
||||
true,
|
||||
testNow,
|
||||
testNow,
|
||||
testNow,
|
||||
[]byte(`{"key": "dmFsdWU="}`),
|
||||
},
|
||||
},
|
||||
@@ -198,6 +208,12 @@ func Test_SessionsPrepare(t *testing.T) {
|
||||
TOTPFactor: SessionTOTPFactor{
|
||||
TOTPCheckedAt: testNow,
|
||||
},
|
||||
OTPSMSFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
OTPEmailFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
Metadata: map[string][]byte{
|
||||
"key": []byte("value"),
|
||||
},
|
||||
@@ -231,6 +247,8 @@ func Test_SessionsPrepare(t *testing.T) {
|
||||
testNow,
|
||||
true,
|
||||
testNow,
|
||||
testNow,
|
||||
testNow,
|
||||
[]byte(`{"key": "dmFsdWU="}`),
|
||||
},
|
||||
{
|
||||
@@ -251,6 +269,8 @@ func Test_SessionsPrepare(t *testing.T) {
|
||||
testNow,
|
||||
false,
|
||||
testNow,
|
||||
testNow,
|
||||
testNow,
|
||||
[]byte(`{"key": "dmFsdWU="}`),
|
||||
},
|
||||
},
|
||||
@@ -289,6 +309,12 @@ func Test_SessionsPrepare(t *testing.T) {
|
||||
TOTPFactor: SessionTOTPFactor{
|
||||
TOTPCheckedAt: testNow,
|
||||
},
|
||||
OTPSMSFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
OTPEmailFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
Metadata: map[string][]byte{
|
||||
"key": []byte("value"),
|
||||
},
|
||||
@@ -321,6 +347,12 @@ func Test_SessionsPrepare(t *testing.T) {
|
||||
TOTPFactor: SessionTOTPFactor{
|
||||
TOTPCheckedAt: testNow,
|
||||
},
|
||||
OTPSMSFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
OTPEmailFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
Metadata: map[string][]byte{
|
||||
"key": []byte("value"),
|
||||
},
|
||||
@@ -407,6 +439,8 @@ func Test_SessionPrepare(t *testing.T) {
|
||||
testNow,
|
||||
true,
|
||||
testNow,
|
||||
testNow,
|
||||
testNow,
|
||||
[]byte(`{"key": "dmFsdWU="}`),
|
||||
"tokenID",
|
||||
},
|
||||
@@ -440,6 +474,12 @@ func Test_SessionPrepare(t *testing.T) {
|
||||
TOTPFactor: SessionTOTPFactor{
|
||||
TOTPCheckedAt: testNow,
|
||||
},
|
||||
OTPSMSFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
OTPEmailFactor: SessionOTPFactor{
|
||||
OTPCheckedAt: testNow,
|
||||
},
|
||||
Metadata: map[string][]byte{
|
||||
"key": []byte("value"),
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user