Skip to content
This repository has been archived by the owner on Jul 12, 2023. It is now read-only.

Reduce verification code save to 2 SQL statements. #360

Merged
merged 1 commit into from
Aug 25, 2020
Merged

Reduce verification code save to 2 SQL statements. #360

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions pkg/controller/codestatus/logic.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,14 +64,14 @@ func (c *Controller) CheckCodeStatus(r *http.Request, uuid string) (*database.Ve
}

// The current user must have issued the code or be a realm admin.
if user != nil && !(code.IssuingUser != nil && code.IssuingUser.Email == user.Email || user.CanAdminRealm(realm.ID)) {
if user != nil && !(code.IssuingUserID == user.ID || user.CanAdminRealm(realm.ID)) {
logger.Errorw("failed to check otp code status", "error", "user email does not match issuing user")
return nil, http.StatusUnauthorized,
api.Errorf("failed to check otp code status: user does not match issuing user").WithCode(api.ErrVerifyCodeUserUnauth)
}

// The current app must have issued the code or be a realm admin.
if authApp != nil && !(code.IssuingApp.ID == authApp.ID || authApp.IsAdminType()) {
if authApp != nil && !(code.IssuingAppID == authApp.ID || authApp.IsAdminType()) {
logger.Errorw("failed to check otp code status", "error", "auth app does not match issuing app")
return nil, http.StatusUnauthorized,
api.Errorf("failed to check otp code status: auth app does not match issuing app").WithCode(api.ErrVerifyCodeUserUnauth)
Expand Down
6 changes: 2 additions & 4 deletions pkg/database/vercode.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,10 +58,8 @@ type VerificationCode struct {
SymptomDate *time.Time
ExpiresAt time.Time
LongExpiresAt time.Time
IssuingUserID int
IssuingUser *User
IssuingAppID int
IssuingApp *AuthorizedApp
IssuingUserID uint
IssuingAppID uint
}

// TableName sets the VerificationCode table name
Expand Down
14 changes: 12 additions & 2 deletions pkg/otp/code.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,16 @@ func (o *Request) Issue(ctx context.Context, retryCount uint) (string, string, s
continue
}
}

issuingUserID := uint(0)
if o.IssuingUser != nil {
issuingUserID = o.IssuingUser.ID
}
issuingAppID := uint(0)
if o.IssuingApp != nil {
issuingAppID = o.IssuingApp.ID
}

verificationCode = database.VerificationCode{
RealmID: o.RealmID,
Code: code,
Expand All @@ -119,8 +129,8 @@ func (o *Request) Issue(ctx context.Context, retryCount uint) (string, string, s
SymptomDate: o.SymptomDate,
ExpiresAt: o.ShortExpiresAt,
LongExpiresAt: o.LongExpiresAt,
IssuingUser: o.IssuingUser,
IssuingApp: o.IssuingApp,
IssuingUserID: issuingUserID,
IssuingAppID: issuingAppID,
}
// If a verification code already exists, it will fail to save, and we retry.
if err := o.DB.SaveVerificationCode(&verificationCode, o.MaxSymptomAge); err != nil {
Expand Down