feat: pass and handle auth request context for email links (#7815)

* pass and handle auth request context * tests and cleanup * cleanup
2025-08-11 19:17:32 +00:00 · 2024-04-24 17:50:58 +02:00
parent ac985e2dfb
commit d016379e2a
38 changed files with 851 additions and 2018 deletions
--- a/internal/auth/repository/eventsourcing/eventstore/auth_request.go
+++ b/internal/auth/repository/eventsourcing/eventstore/auth_request.go
@@ -543,23 +543,19 @@ func (repo *AuthRequestRepo) AutoRegisterExternalUser(ctx context.Context, regis
 	if err != nil {
 		return err
 	}
-	initCodeGenerator, err := repo.Query.InitEncryptionGenerator(ctx, domain.SecretGeneratorTypeInitCode, repo.UserCodeAlg)
+	addMetadata := make([]*command.AddMetadataEntry, len(metadatas))
+	for i, metadata := range metadatas {
+		addMetadata[i] = &command.AddMetadataEntry{
+			Key:   metadata.Key,
+			Value: metadata.Value,
+		}
+	}
+	human := command.AddHumanFromDomain(registerUser, metadatas, request, externalIDP)
+	err = repo.Command.AddUserHuman(ctx, resourceOwner, human, true, repo.UserCodeAlg)
 	if err != nil {
 		return err
 	}
-	emailCodeGenerator, err := repo.Query.InitEncryptionGenerator(ctx, domain.SecretGeneratorTypeVerifyEmailCode, repo.UserCodeAlg)
-	if err != nil {
-		return err
-	}
-	phoneCodeGenerator, err := repo.Query.InitEncryptionGenerator(ctx, domain.SecretGeneratorTypeVerifyPhoneCode, repo.UserCodeAlg)
-	if err != nil {
-		return err
-	}
-	human, err := repo.Command.RegisterHuman(ctx, resourceOwner, registerUser, externalIDP, orgMemberRoles, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator)
-	if err != nil {
-		return err
-	}
-	request.SetUserInfo(human.AggregateID, human.Username, human.PreferredLoginName, human.DisplayName, "", human.ResourceOwner)
+	request.SetUserInfo(human.ID, human.Username, human.Username, human.DisplayName, "", resourceOwner)
 	request.SelectedIDPConfigID = externalIDP.IDPConfigID
 	request.LinkingUsers = nil
 	err = repo.Command.UserIDPLoginChecked(ctx, request.UserOrgID, request.UserID, request.WithCurrentInfo(info))
--- a/internal/auth/repository/eventsourcing/handler/user_session.go
+++ b/internal/auth/repository/eventsourcing/handler/user_session.go
@@ -160,6 +160,10 @@ func (s *UserSession) Reducers() []handler.AggregateReducer {
 					Event:  user.UserRemovedType,
 					Reduce: s.Reduce,
 				},
+				{
+					Event:  user.HumanRegisteredType,
+					Reduce: s.Reduce,
+				},
 			},
 		},
 		{
@@ -234,6 +238,8 @@ func (u *UserSession) Reduce(event eventstore.Event) (_ *handler.Statement, err
 				handler.NewCol("multi_factor_verification_type", domain.MFALevelNotSetUp),
 				handler.NewCol("external_login_verification", time.Time{}),
 				handler.NewCol("state", domain.UserSessionStateTerminated),
+				handler.NewCol("change_date", event.CreatedAt()),
+				handler.NewCol("sequence", event.Sequence()),
 			},
 			[]handler.Condition{
 				handler.NewCond("instance_id", event.Aggregate().InstanceID),
@@ -247,16 +253,30 @@ func (u *UserSession) Reduce(event eventstore.Event) (_ *handler.Statement, err
 		if err != nil {
 			return nil, err
 		}
-		return handler.NewUpdateStatement(event,
-			[]handler.Column{
-				handler.NewCol("password_verification", time.Time{}),
-			},
-			[]handler.Condition{
-				handler.NewCond("instance_id", event.Aggregate().InstanceID),
-				handler.NewCond("user_id", event.Aggregate().ID),
-				handler.Not(handler.NewCond("user_agent_id", userAgent)),
-				handler.Not(handler.NewCond("state", domain.UserSessionStateTerminated)),
-			},
+		return handler.NewMultiStatement(event,
+			handler.AddUpdateStatement(
+				[]handler.Column{
+					handler.NewCol("password_verification", event.CreatedAt()),
+					handler.NewCol("change_date", event.CreatedAt()),
+					handler.NewCol("sequence", event.Sequence()),
+				},
+				[]handler.Condition{
+					handler.NewCond("instance_id", event.Aggregate().InstanceID),
+					handler.NewCond("user_id", event.Aggregate().ID),
+					handler.NewCond("user_agent_id", userAgent),
+				}),
+			handler.AddUpdateStatement(
+				[]handler.Column{
+					handler.NewCol("password_verification", time.Time{}),
+					handler.NewCol("change_date", event.CreatedAt()),
+					handler.NewCol("sequence", event.Sequence()),
+				},
+				[]handler.Condition{
+					handler.NewCond("instance_id", event.Aggregate().InstanceID),
+					handler.NewCond("user_id", event.Aggregate().ID),
+					handler.Not(handler.NewCond("user_agent_id", userAgent)),
+					handler.Not(handler.NewCond("state", domain.UserSessionStateTerminated)),
+				}),
 		), nil
 	case user.UserV1MFAOTPRemovedType,
 		user.HumanMFAOTPRemovedType,
@@ -264,6 +284,8 @@ func (u *UserSession) Reduce(event eventstore.Event) (_ *handler.Statement, err
 		return handler.NewUpdateStatement(event,
 			[]handler.Column{
 				handler.NewCol("second_factor_verification", time.Time{}),
+				handler.NewCol("change_date", event.CreatedAt()),
+				handler.NewCol("sequence", event.Sequence()),
 			},
 			[]handler.Condition{
 				handler.NewCond("instance_id", event.Aggregate().InstanceID),
@@ -277,6 +299,8 @@ func (u *UserSession) Reduce(event eventstore.Event) (_ *handler.Statement, err
 			[]handler.Column{
 				handler.NewCol("external_login_verification", time.Time{}),
 				handler.NewCol("selected_idp_config_id", ""),
+				handler.NewCol("change_date", event.CreatedAt()),
+				handler.NewCol("sequence", event.Sequence()),
 			},
 			[]handler.Condition{
 				handler.NewCond("instance_id", event.Aggregate().InstanceID),
@@ -289,6 +313,8 @@ func (u *UserSession) Reduce(event eventstore.Event) (_ *handler.Statement, err
 			[]handler.Column{
 				handler.NewCol("passwordless_verification", time.Time{}),
 				handler.NewCol("multi_factor_verification", time.Time{}),
+				handler.NewCol("change_date", event.CreatedAt()),
+				handler.NewCol("sequence", event.Sequence()),
 			},
 			[]handler.Condition{
 				handler.NewCond("instance_id", event.Aggregate().InstanceID),
@@ -300,6 +326,23 @@ func (u *UserSession) Reduce(event eventstore.Event) (_ *handler.Statement, err
 		return handler.NewStatement(event, func(ex handler.Executer, projectionName string) error {
 			return u.view.DeleteUserSessions(event.Aggregate().ID, event.Aggregate().InstanceID)
 		}), nil
+	case user.HumanRegisteredType:
+		return handler.NewStatement(event, func(ex handler.Executer, projectionName string) error {
+			eventData, err := view_model.UserSessionFromEvent(event)
+			if err != nil {
+				return err
+			}
+			session := &view_model.UserSessionView{
+				CreationDate:         event.CreatedAt(),
+				ResourceOwner:        event.Aggregate().ResourceOwner,
+				UserAgentID:          eventData.UserAgentID,
+				UserID:               event.Aggregate().ID,
+				State:                int32(domain.UserSessionStateActive),
+				InstanceID:           event.Aggregate().InstanceID,
+				PasswordVerification: event.CreatedAt(),
+			}
+			return u.updateSession(session, event)
+		}), nil
 	case instance.InstanceRemovedEventType:
 		return handler.NewStatement(event, func(ex handler.Executer, projectionName string) error {
 			return u.view.DeleteInstanceUserSessions(event.Aggregate().InstanceID)