fix: totp changes

supertokens · Oct 5, 2023 · 5c8a0eb · 5c8a0eb
1 parent f76d69b
commit 5c8a0eb
Show file tree

Hide file tree

Showing 11 changed files with 274 additions and 52 deletions.
diff --git a/lib/build/recipe/totp/api/implementation.js b/lib/build/recipe/totp/api/implementation.js
@@ -20,41 +20,21 @@ var __importDefault =
     };
 Object.defineProperty(exports, "__esModule", { value: true });
 const recipe_1 = __importDefault(require("../recipe"));
-const error_1 = __importDefault(require("../../session/error"));
 // import { MfaClaim, completeFactorInSession } from '../../mfa';
 function getAPIImplementation() {
     return {
         createDevicePOST: async function ({ session, options, deviceName, userContext }) {
+            // TODO: validate claims to check if createDevice can be allowed
             let userIdentifierInfo = undefined;
             const emailOrPhoneInfo = await recipe_1.default
                 .getInstanceOrThrowError()
                 .getUserIdentifierInfoForUserId(session.getUserId(), userContext);
             if (emailOrPhoneInfo.status === "OK") {
                 userIdentifierInfo = emailOrPhoneInfo.info;
-            } else if (emailOrPhoneInfo.status === "UNKNOWN_USER_ID_ERROR") {
-                throw new error_1.default({
-                    type: error_1.default.UNAUTHORISED,
-                    message: "Unknown User ID provided",
-                });
-            }
-            const listDevicesResponse = await options.recipeImplementation.listDevices({
-                userId: session.getUserId(),
-                userContext,
-            });
-            const devices = listDevicesResponse.devices;
-            const verifiedDeviceCount = devices.filter((device) => device.verified).length;
-            if (verifiedDeviceCount > 0) {
-                // TODO: We need to assert that all factors have been completed
-                // before actually creating the device.
-                // await session.assertClaims(MfaClaim.validators.hasCompletedAllFactors(), userContext);
-            }
-            if (deviceName === undefined) {
-                // We need to set the device name:
-                deviceName = `TOTP Device ${devices.length + 1}`; // Assuming no one creates a device in the same format
             }
             const args = { deviceName, userId: session.getUserId(), userIdentifierInfo, userContext };
             let response = await options.recipeImplementation.createDevice(args);
-            return Object.assign(Object.assign({}, response), { deviceName });
+            return Object.assign({}, response);
         },
         verifyCodePOST: async function ({ session, options, totp, userContext }) {
             const args = { userId: session.getUserId(), totp, tenantId: session.getTenantId(), userContext };

diff --git a/lib/build/recipe/totp/index.d.ts b/lib/build/recipe/totp/index.d.ts
@@ -6,7 +6,7 @@ export default class Wrapper {
     static Error: typeof SuperTokensError;
     static createDevice(input: {
         userId: string;
-        deviceName: string;
+        deviceName?: string;
         skew?: number;
         period?: number;
         userContext?: any;
@@ -17,6 +17,7 @@ export default class Wrapper {
               secret: string;
               userIdentifier?: string | undefined;
               qrCodeString: string;
+              deviceName: string;
           }
         | {
               status: "DEVICE_ALREADY_EXISTS_ERROR";

diff --git a/lib/build/recipe/totp/recipeImplementation.js b/lib/build/recipe/totp/recipeImplementation.js
@@ -45,6 +45,7 @@ function getRecipeInterface(querier, config) {
                 issuerName,
                 userIdentifier,
                 secret: response.secret,
+                deviceName: response.deviceName,
                 qrCodeString: encodeURI(
                     `otpauth://totp/${issuerName}${userIdentifier !== undefined ? ":" + userIdentifier : ""}` +
                         `?secret=${response.secret}&issuer=${issuerName}`

diff --git a/lib/build/recipe/totp/types.d.ts b/lib/build/recipe/totp/types.d.ts
@@ -32,7 +32,7 @@ export declare type TypeNormalisedInput = {
 export declare type RecipeInterface = {
     createDevice: (input: {
         userId: string;
-        deviceName: string;
+        deviceName?: string;
         skew?: number;
         period?: number;
         userIdentifierInfo?: string;
@@ -44,6 +44,7 @@ export declare type RecipeInterface = {
               secret: string;
               userIdentifier?: string;
               qrCodeString: string;
+              deviceName: string;
           }
         | {
               status: "DEVICE_ALREADY_EXISTS_ERROR";

diff --git a/lib/ts/recipe/totp/api/implementation.ts b/lib/ts/recipe/totp/api/implementation.ts
@@ -15,47 +15,26 @@
 
 import { APIInterface } from "../types";
 import TotpRecipe from "../recipe";
-import SessionError from "../../session/error";
 // import { MfaClaim, completeFactorInSession } from '../../mfa';
 
 export default function getAPIImplementation(): APIInterface {
     return {
         createDevicePOST: async function ({ session, options, deviceName, userContext }) {
+            // TODO: validate claims to check if createDevice can be allowed
+
             let userIdentifierInfo: string | undefined = undefined;
+
             const emailOrPhoneInfo = await TotpRecipe.getInstanceOrThrowError().getUserIdentifierInfoForUserId(
                 session.getUserId(),
                 userContext
             );
             if (emailOrPhoneInfo.status === "OK") {
                 userIdentifierInfo = emailOrPhoneInfo.info;
-            } else if (emailOrPhoneInfo.status === "UNKNOWN_USER_ID_ERROR") {
-                throw new SessionError({
-                    type: SessionError.UNAUTHORISED,
-                    message: "Unknown User ID provided",
-                });
-            }
-
-            const listDevicesResponse = await options.recipeImplementation.listDevices({
-                userId: session.getUserId(),
-                userContext,
-            });
-            const devices = listDevicesResponse.devices;
-            const verifiedDeviceCount = devices.filter((device) => device.verified).length;
-
-            if (verifiedDeviceCount > 0) {
-                // TODO: We need to assert that all factors have been completed
-                // before actually creating the device.
-                // await session.assertClaims(MfaClaim.validators.hasCompletedAllFactors(), userContext);
-            }
-
-            if (deviceName === undefined) {
-                // We need to set the device name:
-                deviceName = `TOTP Device ${devices.length + 1}`; // Assuming no one creates a device in the same format
             }
 
             const args = { deviceName, userId: session.getUserId(), userIdentifierInfo, userContext };
             let response = await options.recipeImplementation.createDevice(args);
-            return { ...response, deviceName };
+            return { ...response };
         },
 
         verifyCodePOST: async function ({ session, options, totp, userContext }) {

diff --git a/lib/ts/recipe/totp/index.ts b/lib/ts/recipe/totp/index.ts
@@ -23,7 +23,7 @@ export default class Wrapper {
 
     static createDevice(input: {
         userId: string;
-        deviceName: string;
+        deviceName?: string;
         skew?: number;
         period?: number;
         userContext?: any;

diff --git a/lib/ts/recipe/totp/recipeImplementation.ts b/lib/ts/recipe/totp/recipeImplementation.ts
@@ -46,6 +46,7 @@ export default function getRecipeInterface(querier: Querier, config: TypeNormali
                 issuerName,
                 userIdentifier,
                 secret: response.secret,
+                deviceName: response.deviceName,
                 qrCodeString: encodeURI(
                     `otpauth://totp/${issuerName}${userIdentifier !== undefined ? ":" + userIdentifier : ""}` +
                         `?secret=${response.secret}&issuer=${issuerName}`

diff --git a/lib/ts/recipe/totp/types.ts b/lib/ts/recipe/totp/types.ts
@@ -49,13 +49,20 @@ export type TypeNormalisedInput = {
 export type RecipeInterface = {
     createDevice: (input: {
         userId: string;
-        deviceName: string;
+        deviceName?: string;
         skew?: number;
         period?: number;
         userIdentifierInfo?: string;
         userContext: any;
     }) => Promise<
-        | { status: "OK"; issuerName: string; secret: string; userIdentifier?: string; qrCodeString: string }
+        | {
+              status: "OK";
+              issuerName: string;
+              secret: string;
+              userIdentifier?: string;
+              qrCodeString: string;
+              deviceName: string;
+          }
         | { status: "DEVICE_ALREADY_EXISTS_ERROR" }
     >;
     verifyCode: (input: {

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -79,6 +79,7 @@
         "next": "11.1.3",
         "next-test-api-route-handler": "^3.1.8",
         "nock": "11.7.0",
+        "otplib": "^12.0.1",
         "prettier": "2.0.5",
         "pretty-quick": "^3.1.1",
         "react": "^17.0.2",