

Merge pull request #39 from sdslabs/restructure-settings
restructure settings flow
pratham1729 authored Sep 5, 2023
2 parents 205a75e + fb79eb7 commit 986292c
Showing 9 changed files with 250 additions and 128 deletions.
5 changes: 4 additions & 1 deletion api/main.go
Expand Up @@ -55,7 +55,10 @@ func Start() {
r.POST("/recovery", HandlePostRecoveryFlow)

r.GET("/settings", HandleGetSettingsFlow)
r.POST("/settings", HandlePostSettingsFlow)
r.POST("/updateprofile", HandleUpdateProfile)
r.POST("/changepassword", HandleChangePassword)
r.POST("/toggletotp", HandleToggleTOTP)

r.GET("/verification", HandleGetVerificationFlow)
r.POST("/verification", HandlePostVerificationFlow)

4 changes: 2 additions & 2 deletions api/mfa.go
Expand Up @@ -22,7 +22,7 @@ func HandleGetMFAFlow(c *gin.Context) {
return
}

c.SetCookie("mfa", flow_cookie, 3600, "/", config.NymeriaConfig.URL.Domain, false, true)
c.SetCookie("mfa", flow_cookie, 3600, "/", config.NymeriaConfig.URL.Domain, true, true)

c.JSON(http.StatusOK, gin.H{
"flowID": flowID,
Expand Down Expand Up @@ -62,7 +62,7 @@ func HandlePostMFAFlow(c *gin.Context) {
return
}

c.SetCookie("sdslabs_session", session, 3600, "/", config.NymeriaConfig.URL.Domain, false, true)
c.SetCookie("sdslabs_session", session, 3600, "/", config.NymeriaConfig.URL.Domain, true, true)
c.JSON(http.StatusOK, gin.H{
"status": "MFA Successful",
"user": identity,
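Review bot: Nothing in either hunk sets SameSite on the `mfa` and `sdslabs_session` cookies, so after the change to `c.SetCookie(..., true, true)` they are Secure and HttpOnly but their SameSite value is whatever the gin context defaults to. Because `sdslabs_session` is the session credential and the settings endpoints added in this commit are cookie-authenticated POSTs, I would call `c.SetSameSite(http.SameSiteLaxMode)` before each `SetCookie`; the same applies to the `settings_flow` cookie in api/settings.go. Hard-coding Secure to `true` also means the cookies will not be sent on plain-HTTP development setups, so if that matters the flag should come from configuration rather than being reverted. Both handlers start and end outside the visible hunks.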
2 changes: 1 addition & 1 deletion api/recovery.go
Expand Up @@ -61,7 +61,7 @@ func HandlePostRecoveryFlow(c *gin.Context) {
return
}

session, err := recovery.SubmitRecoveryFlowWrapper(cookie, t.FlowID, t.CsrfToken, t.Email, t.Method)
session, err := recovery.SubmitRecoveryFlowWrapper(cookie, t.FlowID, t.CsrfToken, t.Code, t.Method)

if err != nil {
log.ErrorLogger("POST Recovery flow failed", err)
122 changes: 118 additions & 4 deletions api/settings.go
Expand Up @@ -28,7 +28,7 @@ func HandleGetSettingsFlow(c *gin.Context) {

flow, flow_cookie, err := settings.InitializeSettingsFlowWrapper(session_cookie)

c.SetCookie("settings_flow", flow_cookie, 3600, "/", config.NymeriaConfig.URL.Domain, false, true)
c.SetCookie("settings_flow", flow_cookie, 3600, "/", config.NymeriaConfig.URL.Domain, true, true)

flowID := flow.GetId()

Expand Down Expand Up @@ -75,8 +75,8 @@ func HandleGetSettingsFlow(c *gin.Context) {
})
}

func HandlePostSettingsFlow(c *gin.Context) {
var req_body settings.SubmitSettingsAPIBody
func HandleUpdateProfile(c *gin.Context) {
var req_body settings.UpdateProfileAPIBody
err := c.BindJSON(&req_body)

traitsinterface := map[string]interface{}{
Expand Down Expand Up @@ -125,7 +125,121 @@ func HandlePostSettingsFlow(c *gin.Context) {
return
}

msg, err := settings.SubmitSettingsFlowWrapper(flow_cookie, session_cookie, req_body.FlowID, req_body.CsrfToken, req_body.Method, req_body.TOTPCode, req_body.TOTPUnlink, req_body.Password, traitsinterface)
msg, err := settings.SubmitSettingsFlowProfileMethod(flow_cookie, session_cookie, req_body.FlowID, req_body.CsrfToken, req_body.Method, traitsinterface)

if err != nil {
log.ErrorLogger("Kratos post settings flow failed", err)

errCode, _ := strconv.Atoi((strings.Split(err.Error(), " "))[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Kratos post settings flow failed",
})
return
}

c.JSON(http.StatusOK, gin.H{
"status": msg,
})
}

func HandleChangePassword(c *gin.Context) {
var req_body settings.ChangePasswordAPIBody
err := c.BindJSON(&req_body)

if err != nil {
log.ErrorLogger("Unable to process json body", err)

errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Unable to process json body",
})
return
}

flow_cookie, err := c.Cookie("settings_flow")
if err != nil {
log.ErrorLogger("Flow Cookie not found", err)

errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Cookie not found",
})
return
}

session_cookie, err := c.Cookie("sdslabs_session")
if err != nil {
log.ErrorLogger("Session Cookie not found", err)

errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Cookie not found",
})
return
}

msg, err := settings.SubmitSettingsFlowPasswordMethod(flow_cookie, session_cookie, req_body.FlowID, req_body.CsrfToken, req_body.Method, req_body.Password)

if err != nil {
log.ErrorLogger("Kratos post settings flow failed", err)

errCode, _ := strconv.Atoi((strings.Split(err.Error(), " "))[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Kratos post settings flow failed",
})
return
}

c.JSON(http.StatusOK, gin.H{
"status": msg,
})
}

func HandleToggleTOTP(c *gin.Context) {
var req_body settings.ToggleTOTPAPIBody
err := c.BindJSON(&req_body)

if err != nil {
log.ErrorLogger("Unable to process json body", err)

errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Unable to process json body",
})
return
}

flow_cookie, err := c.Cookie("settings_flow")
if err != nil {
log.ErrorLogger("Flow Cookie not found", err)

errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Cookie not found",
})
return
}

session_cookie, err := c.Cookie("sdslabs_session")
if err != nil {
log.ErrorLogger("Session Cookie not found", err)

errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
c.JSON(errCode, gin.H{
"error": err.Error(),
"message": "Cookie not found",
})
return
}

msg, err := settings.SubmitSettingsFlowTOTPMethod(flow_cookie, session_cookie, req_body.FlowID, req_body.CsrfToken, req_body.Method, req_body.TOTPCode, req_body.TOTPUnlink)

if err != nil {
log.ErrorLogger("Kratos post settings flow failed", err)
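Review bot: In `HandleChangePassword` and `HandleToggleTOTP` every error path computes the HTTP status with `strconv.Atoi(strings.Split(err.Error(), " ")[0])` and discards the conversion error, so for errors that do not start with a number (a missing cookie, a JSON bind failure) `errCode` is 0. As far as I know gin ignores a non-positive status, so a request without the `sdslabs_session` or `settings_flow` cookie would be answered with the default 200 and an error body, and clients or monitoring that key on the status would read a rejected password or TOTP change as success. I would use fixed statuses for the local failures and a bounded fallback for upstream errors, as sketched below, and consider returning a generic message instead of `err.Error()` so upstream Kratos details are not echoed to the caller. The three handlers also repeat the same cookie and error blocks, which a shared helper would remove. `HandleUpdateProfile` and `HandleToggleTOTP` continue outside the visible hunks.

```go
// statusFromError returns the leading "<code> ..." status of err, or fallback
// when the message does not start with a valid HTTP status code.
func statusFromError(err error, fallback int) int {
	code, convErr := strconv.Atoi(strings.SplitN(err.Error(), " ", 2)[0])
	if convErr != nil || code < 100 || code > 599 {
		return fallback
	}
	return code
}

// in HandleChangePassword (same shape in HandleToggleTOTP):
	session_cookie, err := c.Cookie("sdslabs_session")
	if err != nil {
		log.ErrorLogger("Session Cookie not found", err)
		c.JSON(http.StatusUnauthorized, gin.H{
			"error":   err.Error(),
			"message": "Cookie not found",
		})
		return
	}

	// … unchanged: settings.SubmitSettingsFlowPasswordMethod call …

	if err != nil {
		log.ErrorLogger("Kratos post settings flow failed", err)
		c.JSON(statusFromError(err, http.StatusInternalServerError), gin.H{
			"error":   err.Error(),
			"message": "Kratos post settings flow failed",
		})
		return
	}
```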
7 changes: 2 additions & 5 deletions pkg/controller/admin/identity.go
Expand Up @@ -26,12 +26,12 @@ func CreateIdentity(c *gin.Context) {
id, _ := strconv.Atoi(c.PostForm("id"))
verified, _ := strconv.Atoi(c.PostForm("verified"))
active, _ := strconv.ParseBool(c.PostForm("active"))
totp_enabled, _ := strconv.ParseBool(c.PostForm("totp_enabled"))
adminCreateIdentityBody := *client.NewAdminCreateIdentityBody(
"default",
map[string]interface{}{
"id": id,
"name": c.PostForm("name"),
"username": c.PostForm("username"),
"email": c.PostForm("email"),
"phone_number": c.PostForm("phone_number"),
"password": c.PostForm("password"),
Expand All @@ -40,10 +40,7 @@ func CreateIdentity(c *gin.Context) {
"verified": verified,
"role": c.PostForm("role"),
"created_at": c.PostForm("created_at"),
"github_id": c.PostForm("github_id"),
"dribble_id": c.PostForm("dribble_id"),
"totp_enabled": false,
"totp_url": "",
"totp_enabled": totp_enabled,
},
) // AdminCreateIdentityBody | (optional)

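Review bot: The new `totp_enabled, _ := strconv.ParseBool(c.PostForm("totp_enabled"))` discards the parse error, so a missing or malformed field silently becomes `false`, while a well-formed `true` is written to the trait without any TOTP credential being created in this call. If anything downstream reads the `totp_enabled` trait to decide whether a second factor is required (not visible here), the trait can disagree with the identity's real credentials; I would keep the error, `totp_enabled, err := strconv.ParseBool(c.PostForm("totp_enabled"))`, answer 400 when it is non-nil, and prefer deriving the flag from credential state. Separately, the unchanged `"password": c.PostForm("password")` entry sits in the same traits map, which would store the password as an ordinary trait and deserves its own fix. `CreateIdentity` starts and ends outside the hunks.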
8 changes: 4 additions & 4 deletions pkg/wrapper/kratos/recovery/recovery.go
Expand Up @@ -36,13 +36,13 @@ func InitializeRecoveryFlowWrapper() (string, string, string, error) {
return setCookie, resp.Id, csrf_token, nil
}

func SubmitRecoveryFlowWrapper(cookie string, flowID string, csrfToken string, email string, method string) (string, error) {
func SubmitRecoveryFlowWrapper(cookie string, flowID string, csrfToken string, code string, method string) (string, error) {

submitFlowBody := client.SubmitSelfServiceRecoveryFlowBody{
SubmitSelfServiceRecoveryFlowWithLinkMethodBody: client.NewSubmitSelfServiceRecoveryFlowWithLinkMethodBody(email, method),
SubmitSelfServiceRecoveryFlowWithCodeMethodBody: client.NewSubmitSelfServiceRecoveryFlowWithCodeMethodBody(method),
}

submitFlowBody.SubmitSelfServiceRecoveryFlowWithLinkMethodBody.SetCsrfToken(csrfToken)
submitFlowBody.SubmitSelfServiceRecoveryFlowWithCodeMethodBody.SetCode(code)
submitFlowBody.SubmitSelfServiceRecoveryFlowWithCodeMethodBody.SetCsrfToken(csrfToken)

apiClient := client.NewAPIClient(config.KratosClientConfig)
_, r, err := apiClient.V0alpha2Api.SubmitSelfServiceRecoveryFlow(context.Background()).Flow(flowID).SubmitSelfServiceRecoveryFlowBody(submitFlowBody).Cookie(cookie).Execute()
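Review bot: `SubmitRecoveryFlowWrapper` now builds the code-method body with only `SetCode(code)` and `SetCsrfToken(csrfToken)`, and the `email` parameter is gone, so nothing visible here submits the address that would cause a recovery code to be issued. If the first step of the flow is meant to go through this wrapper too, it needs an email path (the code-method body has an email field, if I read the client correctly); otherwise a doc comment such as `// SubmitRecoveryFlowWrapper submits the recovery code for an already-started flow.` would make the contract explicit. An empty `code` is also forwarded as-is, and a guard like `if code == "" { return "", errors.New("recovery code required") }` would avoid a pointless upstream call. The function body continues outside the hunk.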
2 changes: 1 addition & 1 deletion pkg/wrapper/kratos/recovery/types.go
Expand Up @@ -3,6 +3,6 @@ package recovery
type SubmitRecoveryAPIBody struct {
CsrfToken string `json:"csrf_token"`
FlowID string `json:"flowID"`
Email string `json:"email"`
Code string `json:"code"`
Method string `json:"method"`
}