fix: no 2FA needed if using passkey auth #35

+1 -56

2 changed files

Diff round #0

expand all

unified split

crates

tranquil-pds

src

api

repo

record

utils.rs

oauth

endpoints

authorize.rs

+1 -1

crates/tranquil-pds/src/api/repo/record/utils.rs

··· 370 370 commit_event, 371 371 }; 372 372 373 - let result = state 373 + let _result = state 374 374 .repo_repo 375 375 .apply_commit(input) 376 376 .await

-55

crates/tranquil-pds/src/oauth/endpoints/authorize.rs

··· 2692 2692 2693 2693 tracing::info!(did = %did, "Passkey authentication successful"); 2694 2694 2695 - let has_totp = crate::api::server::has_totp_enabled(&state, &did).await; 2696 - if has_totp { 2697 - return Json(serde_json::json!({ 2698 - "needs_totp": true 2699 - })) 2700 - .into_response(); 2701 - } 2702 - 2703 - let user = state.user_repo.get_2fa_status_by_did(&did).await; 2704 - 2705 - if let Ok(Some(user)) = user 2706 - && user.two_factor_enabled 2707 - { 2708 - let _ = state 2709 - .oauth_repo 2710 - .delete_2fa_challenge_by_request_uri(&passkey_finish_request_id) 2711 - .await; 2712 - match state 2713 - .oauth_repo 2714 - .create_2fa_challenge(&did, &passkey_finish_request_id) 2715 - .await 2716 - { 2717 - Ok(challenge) => { 2718 - let hostname = &tranquil_config::get().server.hostname; 2719 - if let Err(e) = enqueue_2fa_code( 2720 - state.user_repo.as_ref(), 2721 - state.infra_repo.as_ref(), 2722 - user.id, 2723 - &challenge.code, 2724 - hostname, 2725 - ) 2726 - .await 2727 - { 2728 - tracing::warn!(did = %did, error = %e, "Failed to enqueue 2FA notification"); 2729 - } 2730 - let channel_name = user.preferred_comms_channel.display_name(); 2731 - return Json(serde_json::json!({ 2732 - "needs_2fa": true, 2733 - "channel": channel_name 2734 - })) 2735 - .into_response(); 2736 - } 2737 - Err(_) => { 2738 - return ( 2739 - StatusCode::INTERNAL_SERVER_ERROR, 2740 - Json(serde_json::json!({ 2741 - "error": "server_error", 2742 - "error_description": "An error occurred." 2743 - })), 2744 - ) 2745 - .into_response(); 2746 - } 2747 - } 2748 - } 2749 - 2750 2695 let device_id = extract_device_cookie(&headers); 2751 2696 let requested_scope_str = request_data 2752 2697 .parameters

History

1 round 1 comment

lewis.moe submitted #0 5d

1 commit

expand

58ec461b

fix: no 2fa needed if passkey

expand 1 comment

oppi.li 5d

lgtm!

pull request successfully merged