feat: Make TOTP a paid feature and report stats

ee/src/main/java/io/supertokens/ee/EEFeatureFlag.java

@@ -6,10 +6,8 @@
 import com.auth0.jwt.exceptions.JWTVerificationException;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.auth0.jwt.interfaces.RSAKeyProvider;
-import com.google.gson.JsonArray;
-import com.google.gson.JsonObject;
-import com.google.gson.JsonParser;
-import com.google.gson.JsonPrimitive;
+import com.google.gson.*;
+import io.supertokens.ActiveUsers;
 import io.supertokens.Main;
 import io.supertokens.ProcessState;
 import io.supertokens.cronjobs.Cronjobs;
@@ -21,6 +19,7 @@
 import io.supertokens.httpRequest.HttpRequest;
 import io.supertokens.httpRequest.HttpResponseException;
 import io.supertokens.output.Logging;
+import io.supertokens.pluginInterface.ActiveUsersStorage;
 import io.supertokens.pluginInterface.KeyValueInfo;
 import io.supertokens.pluginInterface.Storage;
 import io.supertokens.pluginInterface.exceptions.StorageQueryException;
@@ -144,15 +143,50 @@ public Boolean getIsLicenseKeyPresent() {
 
     @Override
     public JsonObject getPaidFeatureStats() throws StorageQueryException {
-        JsonObject result = new JsonObject();
+        JsonObject usageStats = new JsonObject();
         EE_FEATURES[] features = getEnabledEEFeaturesFromDbOrCache();
-        if (Arrays.stream(features).anyMatch(t -> t == EE_FEATURES.DASHBOARD_LOGIN)) {
-            JsonObject stats = new JsonObject();
-            int userCount = StorageLayer.getDashboardStorage(main).getAllDashboardUsers().length;
-            stats.addProperty("user_count", userCount);
-            result.add(EE_FEATURES.DASHBOARD_LOGIN.toString(), stats);
+        ActiveUsersStorage activeUsersStorage = StorageLayer.getActiveUsersStorage(main);
+
+        for (EE_FEATURES feature : features) {
+            if (feature == EE_FEATURES.DASHBOARD_LOGIN) {
+                JsonObject stats = new JsonObject();
+                int userCount = StorageLayer.getDashboardStorage(main).getAllDashboardUsers().length;
+                stats.addProperty("user_count", userCount);
+                usageStats.add(EE_FEATURES.DASHBOARD_LOGIN.toString(), stats);
+            }
+            if (feature == EE_FEATURES.TOTP) {
+                JsonObject totpStats = new JsonObject();
+                JsonArray totpMauArr = new JsonArray();
+
+                for (int i = 0; i < 30; i++) {
+                    long now = System.currentTimeMillis();
+                    long today = now - (now % (24 * 60 * 60 * 1000L));
+                    long timestamp = today - (i * 24 * 60 * 60 * 1000L);
+
+                    int totpMau = activeUsersStorage.countUsersEnabledTotpAndActiveSince(timestamp);
+                    totpMauArr.add(new JsonPrimitive(totpMau));
+                }
+
+                totpStats.add("maus", totpMauArr);
+
+                int totpTotalUsers = activeUsersStorage.countUsersEnabledTotp();
+                totpStats.addProperty("total_users", totpTotalUsers);
+                usageStats.add(EE_FEATURES.TOTP.toString(), totpStats);
+            }
+        }
+
+        JsonArray mauArr = new JsonArray();
+        for (int i = 0; i < 30; i++) {
+            long now = System.currentTimeMillis();
+            long today = now - (now % (24 * 60 * 60 * 1000L));
+            long timestamp = today - (i * 24 * 60 * 60 * 1000L);
+
+            int mau = activeUsersStorage.countUsersActiveSince(timestamp);
+            mauArr.add(new JsonPrimitive(mau));
         }
-        return result;
+
+        usageStats.add("maus", mauArr);
+        return usageStats;
     }
 
     private EE_FEATURES[] verifyLicenseKey(String licenseKey)

src/main/java/io/supertokens/featureflag/EE_FEATURES.java

@@ -17,7 +17,8 @@
 package io.supertokens.featureflag;
 
 public enum EE_FEATURES {
-    ACCOUNT_LINKING("account_linking"), MULTI_TENANCY("multi_tenancy"), TEST("test"), DASHBOARD_LOGIN("dashboard_login");
+    ACCOUNT_LINKING("account_linking"), MULTI_TENANCY("multi_tenancy"), TEST("test"), DASHBOARD_LOGIN("dashboard_login"),
+    TOTP("totp");
 
     private final String name;
 

src/main/java/io/supertokens/inmemorydb/Start.java

@@ -460,6 +460,24 @@ public int countUsersActiveSince(long time) throws StorageQueryException {
         }
     }
 
+    @Override
+    public int countUsersEnabledTotp() throws StorageQueryException {
+        try {
+            return ActiveUsersQueries.countUsersEnabledTotp(this);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
+    @Override
+    public int countUsersEnabledTotpAndActiveSince(long time) throws StorageQueryException {
+        try {
+            return ActiveUsersQueries.countUsersEnabledTotpAndActiveSince(this, time);
+        } catch (SQLException e) {
+            throw new StorageQueryException(e);
+        }
+    }
+
     @Override
     public SessionInfo getSessionInfo_Transaction(TransactionConnection con, String sessionHandle)
             throws StorageQueryException {

src/main/java/io/supertokens/inmemorydb/queries/ActiveUsersQueries.java

@@ -28,6 +28,31 @@ public static int countUsersActiveSince(Start start, long sinceTime) throws SQLE
         });
     }
 
+    public static int countUsersEnabledTotp(Start start) throws SQLException, StorageQueryException {
+        String QUERY = "SELECT COUNT(*) as total FROM " + Config.getConfig(start).getTotpUsersTable();
+
+        return execute(start, QUERY, null, result -> {
+            if (result.next()) {
+                return result.getInt("total");
+            }
+            return 0;
+        });
+    }
+
+    public static int countUsersEnabledTotpAndActiveSince(Start start, long sinceTime) throws SQLException, StorageQueryException {
+        String QUERY = "SELECT COUNT(*) as total FROM " + Config.getConfig(start).getTotpUsersTable() + " AS totp_users "
+                + "INNER JOIN " + Config.getConfig(start).getUserLastActiveTable() + " AS user_last_active "
+                + "ON totp_users.user_id = user_last_active.user_id "
+                + "WHERE user_last_active.last_active_time >= ?";
+
+        return execute(start, QUERY, pst -> pst.setLong(1, sinceTime), result -> {
+            if (result.next()) {
+                return result.getInt("total");
+            }
+            return 0;
+        });
+    }
+
     public static int updateUserLastActive(Start start, String userId) throws SQLException, StorageQueryException {
         String QUERY = "INSERT INTO " + Config.getConfig(start).getUserLastActiveTable()
                 + "(user_id, last_active_time) VALUES(?, ?) ON CONFLICT(user_id) DO UPDATE SET last_active_time = ?";

src/main/java/io/supertokens/webserver/api/totp/CreateOrUpdateTotpDeviceAPI.java

@@ -4,15 +4,16 @@
 import java.security.NoSuchAlgorithmException;
 
 import com.google.gson.JsonObject;
-
 import io.supertokens.Main;
 import io.supertokens.pluginInterface.RECIPE_ID;
 import io.supertokens.pluginInterface.exceptions.StorageQueryException;
 import io.supertokens.pluginInterface.totp.TOTPDevice;
 import io.supertokens.pluginInterface.totp.exception.DeviceAlreadyExistsException;
 import io.supertokens.pluginInterface.totp.exception.TotpNotEnabledException;
 import io.supertokens.pluginInterface.totp.exception.UnknownDeviceException;
+import io.supertokens.pluginInterface.useridmapping.UserIdMapping;
 import io.supertokens.totp.Totp;
+import io.supertokens.useridmapping.UserIdType;
 import io.supertokens.webserver.InputParser;
 import io.supertokens.webserver.WebserverAPI;
 import jakarta.servlet.ServletException;
@@ -59,6 +60,13 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
         JsonObject result = new JsonObject();
 
         try {
+            // This step is required only because user_last_active table stores supertokens internal user id.
+            // While sending the usage stats we do a join, so totp tables also must use internal user id.
+            UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(super.main, userId, UserIdType.ANY);
+            if (userIdMapping != null) {
+                userId = userIdMapping.superTokensUserId;
+            }
+
             TOTPDevice device = Totp.registerDevice(main, userId, deviceName, skew, period);
 
             result.addProperty("status", "OK");
@@ -93,6 +101,13 @@ protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws IO
         JsonObject result = new JsonObject();
 
         try {
+            // This step is required only because user_last_active table stores supertokens internal user id.
+            // While sending the usage stats we do a join, so totp tables also must use internal user id.
+            UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(super.main, userId, UserIdType.ANY);
+            if (userIdMapping != null) {
+                userId = userIdMapping.superTokensUserId;
+            }
+
             Totp.updateDeviceName(main, userId, existingDeviceName, newDeviceName);
 
             result.addProperty("status", "OK");

src/main/java/io/supertokens/webserver/api/totp/GetTotpDevicesAPI.java

@@ -10,7 +10,9 @@
 import io.supertokens.pluginInterface.exceptions.StorageQueryException;
 import io.supertokens.pluginInterface.totp.TOTPDevice;
 import io.supertokens.pluginInterface.totp.exception.TotpNotEnabledException;
+import io.supertokens.pluginInterface.useridmapping.UserIdMapping;
 import io.supertokens.totp.Totp;
+import io.supertokens.useridmapping.UserIdType;
 import io.supertokens.webserver.InputParser;
 import io.supertokens.webserver.WebserverAPI;
 import jakarta.servlet.ServletException;
@@ -40,6 +42,13 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IO
         JsonObject result = new JsonObject();
 
         try {
+            // This step is required only because user_last_active table stores supertokens internal user id.
+            // While sending the usage stats we do a join, so totp tables also must use internal user id.
+            UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(super.main, userId, UserIdType.ANY);
+            if (userIdMapping != null) {
+                userId = userIdMapping.superTokensUserId;
+            }
+
             TOTPDevice[] devices = Totp.getDevices(main, userId);
             JsonArray devicesArray = new JsonArray();
 

src/main/java/io/supertokens/webserver/api/totp/RemoveTotpDeviceAPI.java

@@ -10,7 +10,9 @@
 import io.supertokens.pluginInterface.exceptions.StorageTransactionLogicException;
 import io.supertokens.pluginInterface.totp.exception.TotpNotEnabledException;
 import io.supertokens.pluginInterface.totp.exception.UnknownDeviceException;
+import io.supertokens.pluginInterface.useridmapping.UserIdMapping;
 import io.supertokens.totp.Totp;
+import io.supertokens.useridmapping.UserIdType;
 import io.supertokens.webserver.InputParser;
 import io.supertokens.webserver.WebserverAPI;
 import jakarta.servlet.ServletException;
@@ -46,6 +48,13 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
         JsonObject result = new JsonObject();
 
         try {
+            // This step is required only because user_last_active table stores supertokens internal user id.
+            // While sending the usage stats we do a join, so totp tables also must use internal user id.
+            UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(super.main, userId, UserIdType.ANY);
+            if (userIdMapping != null) {
+                userId = userIdMapping.superTokensUserId;
+            }
+
             Totp.removeDevice(main, userId, deviceName);
 
             result.addProperty("status", "OK");

src/main/java/io/supertokens/webserver/api/totp/VerifyTotpAPI.java

@@ -9,9 +9,11 @@
 import io.supertokens.pluginInterface.exceptions.StorageQueryException;
 import io.supertokens.pluginInterface.exceptions.StorageTransactionLogicException;
 import io.supertokens.pluginInterface.totp.exception.TotpNotEnabledException;
+import io.supertokens.pluginInterface.useridmapping.UserIdMapping;
 import io.supertokens.totp.Totp;
 import io.supertokens.totp.exceptions.InvalidTotpException;
 import io.supertokens.totp.exceptions.LimitReachedException;
+import io.supertokens.useridmapping.UserIdType;
 import io.supertokens.webserver.InputParser;
 import io.supertokens.webserver.WebserverAPI;
 import jakarta.servlet.ServletException;
@@ -49,6 +51,13 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
         JsonObject result = new JsonObject();
 
         try {
+            // This step is required only because user_last_active table stores supertokens internal user id.
+            // While sending the usage stats we do a join, so totp tables also must use internal user id.
+            UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(super.main, userId, UserIdType.ANY);
+            if (userIdMapping != null) {
+                userId = userIdMapping.superTokensUserId;
+            }
+
             Totp.verifyCode(main, userId, totp, allowUnverifiedDevices);
 
             result.addProperty("status", "OK");

src/main/java/io/supertokens/webserver/api/totp/VerifyTotpDeviceAPI.java

@@ -10,9 +10,11 @@
 import io.supertokens.pluginInterface.exceptions.StorageTransactionLogicException;
 import io.supertokens.pluginInterface.totp.exception.TotpNotEnabledException;
 import io.supertokens.pluginInterface.totp.exception.UnknownDeviceException;
+import io.supertokens.pluginInterface.useridmapping.UserIdMapping;
 import io.supertokens.totp.Totp;
 import io.supertokens.totp.exceptions.InvalidTotpException;
 import io.supertokens.totp.exceptions.LimitReachedException;
+import io.supertokens.useridmapping.UserIdType;
 import io.supertokens.webserver.InputParser;
 import io.supertokens.webserver.WebserverAPI;
 import jakarta.servlet.ServletException;
@@ -52,6 +54,13 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
         JsonObject result = new JsonObject();
 
         try {
+            // This step is required only because user_last_active table stores supertokens internal user id.
+            // While sending the usage stats we do a join, so totp tables also must use internal user id.
+            UserIdMapping userIdMapping = io.supertokens.useridmapping.UserIdMapping.getUserIdMapping(super.main, userId, UserIdType.ANY);
+            if (userIdMapping != null) {
+                userId = userIdMapping.superTokensUserId;
+            }
+
             boolean isNewlyVerified = Totp.verifyDevice(main, userId, deviceName, totp);
 
             result.addProperty("status", "OK");