TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-13 19:44:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
a1d24353db
zitadel/internal/domain
History
Livio Spring 07b2bac463
fix: allow login with user created through v2 api without password (#8291) 
# Which Problems Are Solved

User created through the User V2 API without any authentication method
and possibly unverified email address was not able to login through the
current hosted login UI.

An unverified email address would result in a mail verification and not
an initialization mail like it would with the management API. Also the
login UI would then require the user to enter the init code, which the
user never received.

# How the Problems Are Solved

- When verifying the email through the login UI, it will check for
existing auth methods (password, IdP, passkeys). In case there are none,
the user will be prompted to set a password.
- When a user was created through the V2 API with a verified email and
no auth method, the user will be prompted to set a password in the login
UI.
- Since setting a password requires a corresponding code, the code will
be generated and sent when login in.

# Additional Changes

- Changed `RequestSetPassword` to get the codeGenerator from the
eventstore instead of getting it from query.

# Additional Context

- closes https://github.com/zitadel/zitadel/issues/6600
- closes https://github.com/zitadel/zitadel/issues/8235

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-07-17 06:43:07 +02:00
..
schema feat: implement user schema management (#7416) 2024-03-12 13:50:13 +00:00
action.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
application_api.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
application_key.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
application_oauth.go feat(6222): remove @ and project from OIDC client ID (#8178) 2024-07-04 08:31:40 +00:00
application_oidc_test.go fix: remove hard requirement of grant type auth code for device code apps + warnings for missing urls (#7429) 2024-02-29 15:28:06 +00:00
application_oidc.go fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
application_saml.go feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
application.go feat: protos refactoring 2021-03-09 10:30:11 +01:00
asset.go fix: return absolute asset urls (#3676) 2022-05-20 10:30:12 +02:00
auth_request_test.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
auth_request.go feat: password age policy (#8132) 2024-06-18 11:27:44 +00:00
authn_key.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
browser_info.go fix: correctly set user agent / fingerprint id on user sessions (#8231) 2024-07-03 09:43:34 +02:00
bucket.go feat: asset storage (#1696) 2021-05-03 10:15:50 +02:00
custom_login_text.go feat: password age policy (#8132) 2024-06-18 11:27:44 +00:00
custom_message_text.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
custom_text.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
device_auth_test.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
device_auth.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
deviceauthstate_string.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
execution.go feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
expiration.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
factors.go feat: enable otp email and sms (#6260) 2023-07-28 07:39:30 +02:00
feature.go fix: add action v2 execution to features (#7597) 2024-04-09 20:21:21 +03:00
flow.go feat: add executions for actions v2 (#7433) 2024-02-26 12:49:43 +02:00
human_address.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
human_email_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_email.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_otp.go fix: import totp in add human user with secret (#7936) 2024-05-14 09:20:31 +02:00
human_password.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
human_phone_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_phone.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_profile.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_test.go fix: set displayname correctly in EnsureDisplayName (#5702) 2023-04-17 06:26:40 +00:00
human_web_auth_n.go fix: provide domain in session, passkey and u2f (#6097) 2023-06-27 14:36:07 +02:00
human.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
idp_config.go feat(login): use new IDP templates (#5315) 2023-02-28 21:20:58 +01:00
idp.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
instance_domain.go feat: add random string to generated domain (#3634) 2022-05-16 11:26:24 +02:00
instance.go fix: instance remove (#4602) 2022-10-26 13:06:48 +00:00
key_pair.go feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
language.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
machine_key.go fix: add expiration date information to service users keys (#7497) 2024-03-13 18:21:19 +00:00
machine.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
member.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
metadata.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
mfa.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
next_step.go fix: allow login with user created through v2 api without password (#8291) 2024-07-17 06:43:07 +02:00
notification.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
object.go feat(api): feature flags (#7356) 2024-02-28 10:55:54 +02:00
oidc_code_challenge.go fix: move v2 pkgs (#1331) 2021-02-23 15:13:04 +01:00
oidc_error_reason_test.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
oidc_error_reason.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
oidc_mapping_field.go fix: move v2 pkgs (#1331) 2021-02-23 15:13:04 +01:00
oidc_session.go feat(api): add OIDC session service (#6157) 2023-07-10 13:27:00 +00:00
oidc_settings.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
oidcresponsemode_enumer.go fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
org_domain_test.go fix: allow unicode characters in org domains (#6675) 2023-10-11 09:55:01 +02:00
org_domain.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org.go feat(eventstore): add search table (#8191) 2024-07-03 15:00:56 +00:00
permission.go fix: allow other users to set up MFAs (#7914) 2024-05-07 05:38:26 +00:00
policy_domain.go feat: restrict smtp sender address (#3637) 2022-05-16 14:08:47 +00:00
policy_label_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
policy_label.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
policy_login_test.go feat: add default redirect uri and handling of unknown usernames (#3616) 2022-05-16 13:39:09 +00:00
policy_login.go fix(login): correct rendering of idps (#7151) 2024-01-05 14:35:51 +00:00
policy_mail_template.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_password_age.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_password_complexity.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
policy_password_lockout.go feat: provide option to limit (T)OTP checks (#7693) 2024-04-10 09:14:55 +00:00
policy_privacy.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
policy.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
project_grant_member.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
project_grant.go perf(command): user grant pre-condition check using the search table (#8230) 2024-07-04 16:18:43 +00:00
project_role.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
provider.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
refresh_token.go fix(oidc): return bad request for base64 errors (#7730) 2024-04-09 08:42:59 +02:00
request.go fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
roles.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
search_method.go fix: todos (#1346) 2021-03-01 08:48:50 +01:00
secret_generator.go feat: add secret generators for OTP (#6262) 2023-07-26 11:00:41 +00:00
session.go feat(api): add otp (sms and email) checks in session api (#6422) 2023-08-24 09:41:52 +00:00
sms.go feat: Default configs sms provider (#3187) 2022-02-21 12:22:20 +00:00
smtp.go feat: SMTP Templates (#6932) 2024-04-11 09:16:10 +02:00
target.go feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
token_test.go feat(oidc): organization roles scope (#8120) 2024-06-14 10:00:43 +02:00
token.go feat(oidc): organization roles scope (#8120) 2024-06-14 10:00:43 +02:00
tokenreason_enumer.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
url_template_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
url_template.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_agent_test.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
user_agent.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
user_grant.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
user_idp_link.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
user_schema.go feat: implement user schema management (#7416) 2024-03-12 13:50:13 +00:00
user_v2_passkey_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_v2_passkey.go feat(v2): register user u2f (#6020) 2023-06-15 05:32:40 +00:00
user.go fix(oidc): IDP and passwordless user auth methods (#7998) 2024-05-28 08:59:49 +00:00