get email and phone from user resource

2025-12-12 13:35:07 +00:00 · 2024-04-17 15:19:19 +02:00
parent 346f13e38d
commit c4a6af4061
3 changed files with 51 additions and 8 deletions
--- a/apps/login/app/api/session/route.ts
+++ b/apps/login/app/api/session/route.ts
@@ -3,6 +3,7 @@ import {
  deleteSession,
  listHumanAuthFactors,
  getSession,
+  getUserByID,
 } from "#/lib/zitadel";
 import {
  SessionCookie,
@@ -16,7 +17,7 @@ import {
  createSessionForIdpAndUpdateCookie,
  setSessionAndUpdateCookie,
 } from "#/utils/session";
-import { Checks, RequestChallenges } from "@zitadel/server";
+import { Challenges, Checks, RequestChallenges } from "@zitadel/server";
 import { NextRequest, NextResponse } from "next/server";

 export async function POST(request: NextRequest) {
@@ -91,12 +92,37 @@ export async function PUT(request: NextRequest) {

    const domain: string = request.nextUrl.hostname;

-    if (challenges && challenges.webAuthN && !challenges.webAuthN.domain) {
-      challenges.webAuthN.domain = domain;
-    }
-
    return recentPromise
-      .then((recent) => {
+      .then(async (recent) => {
+        if (
+          challenges &&
+          (challenges.otpEmail === "" || challenges.otpSms === "")
+        ) {
+          const sessionResponse = await getSession(
+            server,
+            recent.id,
+            recent.token
+          );
+          if (sessionResponse && sessionResponse.session?.factors?.user?.id) {
+            const userResponse = await getUserByID(
+              sessionResponse.session.factors.user.id
+            );
+            if (
+              challenges.otpEmail === "" &&
+              userResponse.user?.human?.email?.email
+            ) {
+              challenges.otpEmail = userResponse.user?.human?.email?.email;
+            }
+
+            if (
+              challenges.otpSms === "" &&
+              userResponse.user?.human?.phone?.phone
+            ) {
+              challenges.otpSms = userResponse.user?.human?.phone?.phone;
+            }
+          }
+        }
+
        return setSessionAndUpdateCookie(
          recent,
          checks,
@@ -114,6 +140,15 @@ export async function PUT(request: NextRequest) {
              authFactors = response.result;
            }
          }
+          if (challenges && challenges.o && session.factors?.user?.id) {
+            const response = await listHumanAuthFactors(
+              server,
+              session.factors?.user?.id
+            );
+            if (response.result && response.result.length) {
+              authFactors = response.result;
+            }
+          }
          return NextResponse.json({
            sessionId: session.id,
            factors: session.factors,
--- a/apps/login/lib/zitadel.ts
+++ b/apps/login/lib/zitadel.ts
@@ -1,4 +1,4 @@
-import { RegisterTOTPResponse } from "@zitadel/server";
+import { GetUserByIDResponse, RegisterTOTPResponse } from "@zitadel/server";
 import {
  LegalAndSupportSettings,
  PasswordComplexitySettings,
@@ -302,6 +302,14 @@ export async function addHumanUser(
  );
 }

+export async function getUserByID(
+  userId: string
+): Promise<GetUserByIDResponse> {
+  const userService = user.getUser(server);
+
+  return userService.getUserByID({ userId }, {});
+}
+
 export async function listHumanAuthFactors(
  server: ZitadelServer,
  userId: string
--- a/apps/login/ui/LoginOTP.tsx
+++ b/apps/login/ui/LoginOTP.tsx
@@ -66,7 +66,7 @@ export default function LoginOTP({
    const challenges: Challenges = {};

    if (method === "email") {
-      challenges.otpEmail = "peintnerm@gmail.com";
+      challenges.otpEmail = "";
    }

    if (method === "sms") {