♻️ Single table to store auth preferences

LittleSheep 2024-10-13 12:36:51 +08:00
parent 9287e6c5cc
commit 39c3799d82
8 changed files with 69 additions and 33 deletions

12
.idea/workspace.xml generated

@ -4,12 +4,14 @@
<option name="autoReloadType" value="ALL" /> <option name="autoReloadType" value="ALL" />
</component> </component>
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":sparkles: Account deletion"> <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":sparkles: Auth config to limit auth steps">
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" /> <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/database/migrator.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/database/migrator.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/models/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/accounts.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/models/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/accounts.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/models/auth.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/auth.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/models/preferences.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/preferences.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/server/api/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/index.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/server/api/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/index.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/server/api/preferences_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/preferences_api.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/server/api/preferences_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/preferences_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/preferences.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/preferences.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/ticket.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/ticket.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/services/ticket.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/ticket.go" afterDir="false" />
</list> </list>
<option name="SHOW_DIALOG" value="false" /> <option name="SHOW_DIALOG" value="false" />
@ -144,7 +146,7 @@
<entry key="branch"> <entry key="branch">
<value> <value>
<list> <list>
<option value="refactor/v2" /> <option value="master" />
</list> </list>
</value> </value>
</entry> </entry>
@ -157,7 +159,6 @@
</option> </option>
</component> </component>
<component name="VcsManagerConfiguration"> <component name="VcsManagerConfiguration">
<MESSAGE value=":sparkles: Bot token aka. API token" />
<MESSAGE value=":sparkles: Bots aka. automated accounts" /> <MESSAGE value=":sparkles: Bots aka. automated accounts" />
<MESSAGE value=":sparkles: Return affiliated to and automated by in userinfo grpc call" /> <MESSAGE value=":sparkles: Return affiliated to and automated by in userinfo grpc call" />
<MESSAGE value=":sparkles: Pagination bots api" /> <MESSAGE value=":sparkles: Pagination bots api" />
@ -182,7 +183,8 @@
<MESSAGE value=":bug: Fix daily sign random panic" /> <MESSAGE value=":bug: Fix daily sign random panic" />
<MESSAGE value=":sparkles: Realm avatar, banner and access policy" /> <MESSAGE value=":sparkles: Realm avatar, banner and access policy" />
<MESSAGE value=":sparkles: Account deletion" /> <MESSAGE value=":sparkles: Account deletion" />
<option name="LAST_COMMIT_MESSAGE" value=":sparkles: Account deletion" /> <MESSAGE value=":sparkles: Auth config to limit auth steps" />
<option name="LAST_COMMIT_MESSAGE" value=":sparkles: Auth config to limit auth steps" />
</component> </component>
<component name="VgoProject"> <component name="VgoProject">
<settings-migrated>true</settings-migrated> <settings-migrated>true</settings-migrated>


@ -27,6 +27,7 @@ var AutoMaintainRange = []any{
&models.ApiKey{}, &models.ApiKey{},
&models.SignRecord{}, &models.SignRecord{},
&models.PreferenceNotification{}, &models.PreferenceNotification{},
&models.PreferenceAuth{},
&models.AbuseReport{}, &models.AbuseReport{},
} }


@ -20,7 +20,6 @@ type Account struct {
ConfirmedAt *time.Time `json:"confirmed_at"` ConfirmedAt *time.Time `json:"confirmed_at"`
SuspendedAt *time.Time `json:"suspended_at"` SuspendedAt *time.Time `json:"suspended_at"`
PermNodes datatypes.JSONMap `json:"perm_nodes"` PermNodes datatypes.JSONMap `json:"perm_nodes"`
AuthConfig datatypes.JSONType[AuthConfig] `json:"auth_config"`
AutomatedBy *Account `json:"automated_by" gorm:"foreignKey:AutomatedID"` AutomatedBy *Account `json:"automated_by" gorm:"foreignKey:AutomatedID"`
AutomatedID *uint `json:"automated_id"` AutomatedID *uint `json:"automated_id"`


@ -2,6 +2,14 @@ package models
import "gorm.io/datatypes" import "gorm.io/datatypes"
type PreferenceAuth struct {
BaseModel
Config datatypes.JSONType[AuthConfig] `json:"config"`
AccountID uint `json:"account_id"`
Account Account `json:"account"`
}
type PreferenceNotification struct { type PreferenceNotification struct {
BaseModel BaseModel
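Review bot: `AccountID` on the new `PreferenceAuth` struct has no uniqueness constraint, yet the service code in this commit reads one row per account with `First` and writes with a read-then-`Save`. Two concurrent PUTs for an account that has no row yet can therefore insert two rows, after which only the one with the lower primary key is ever read or updated. Adding the tag `gorm:"uniqueIndex"` to `AccountID` would let the database enforce one row per account. If `BaseModel` uses soft deletes (not visible here), check how the index interacts with soft-deleted rows. The `PreferenceNotification` struct that follows continues outside the hunk.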


@ -26,8 +26,8 @@ func MapAPIs(app *fiber.App, baseURL string) {
preferences := api.Group("/preferences").Name("Preferences API") preferences := api.Group("/preferences").Name("Preferences API")
{ {
preferences.Get("/auth", getAuthConfig) preferences.Get("/auth", getAuthPreference)
preferences.Put("/auth", updateAuthConfig) preferences.Put("/auth", updateAuthPreference)
preferences.Get("/notifications", getNotificationPreference) preferences.Get("/notifications", getNotificationPreference)
preferences.Put("/notifications", updateNotificationPreference) preferences.Put("/notifications", updateNotificationPreference)
} }


@ -1,24 +1,27 @@
package api package api
import ( import (
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts" "git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
"git.solsynth.dev/hydrogen/passport/pkg/internal/services" "git.solsynth.dev/hydrogen/passport/pkg/internal/services"
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"gorm.io/datatypes"
) )
func getAuthConfig(c *fiber.Ctx) error { func getAuthPreference(c *fiber.Ctx) error {
if err := exts.EnsureAuthenticated(c); err != nil { if err := exts.EnsureAuthenticated(c); err != nil {
return err return err
} }
user := c.Locals("user").(models.Account) user := c.Locals("user").(models.Account)
return c.JSON(user.AuthConfig) cfg, err := services.GetAuthPreference(user)
if err != nil {
return fiber.NewError(fiber.StatusNotFound, err.Error())
}
return c.JSON(cfg.Config)
} }
func updateAuthConfig(c *fiber.Ctx) error { func updateAuthPreference(c *fiber.Ctx) error {
if err := exts.EnsureAuthenticated(c); err != nil { if err := exts.EnsureAuthenticated(c); err != nil {
return err return err
} }
@ -29,15 +32,12 @@ func updateAuthConfig(c *fiber.Ctx) error {
return fiber.NewError(fiber.StatusBadRequest, err.Error()) return fiber.NewError(fiber.StatusBadRequest, err.Error())
} }
user.AuthConfig = datatypes.NewJSONType(data) cfg, err := services.UpdateAuthPreference(user, data)
if err != nil {
if err := database.C.Save(&user).Error; err != nil { return fiber.NewError(fiber.StatusBadRequest, err.Error())
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
} else {
services.InvalidAuthCacheWithUser(user.ID)
} }
return c.JSON(user.AuthConfig) return c.JSON(cfg.Config)
} }
func getNotificationPreference(c *fiber.Ctx) error { func getNotificationPreference(c *fiber.Ctx) error {
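Review bot: Both handlers send `err.Error()` from the service straight to the client and choose the status without inspecting the error. `getAuthPreference` answers 404 for every failure, and `updateAuthPreference` answers 400 for what, from the visible service code, can only be a failed `Save`. That exposes database error text to callers and labels server-side faults as client errors. Branch on `errors.Is(err, gorm.ErrRecordNotFound)` for the 404 case and otherwise return a fixed message, e.g. `fiber.NewError(fiber.StatusInternalServerError, "unable to load auth preference")`. An account that has never saved a preference now gets 404 from GET, where the removed code returned the zero-value config; returning the default config in that case would keep the old contract.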


@ -17,6 +17,31 @@ import (
"gorm.io/gorm" "gorm.io/gorm"
) )
func GetAuthPreference(account models.Account) (models.PreferenceAuth, error) {
var auth models.PreferenceAuth
if err := database.C.Where("account_id = ?", account.ID).First(&auth).Error; err != nil {
return auth, err
}
return auth, nil
}
func UpdateAuthPreference(account models.Account, config models.AuthConfig) (models.PreferenceAuth, error) {
var auth models.PreferenceAuth
var err error
if auth, err = GetAuthPreference(account); err != nil {
auth = models.PreferenceAuth{
AccountID: account.ID,
Config: datatypes.NewJSONType(config),
}
} else {
auth.Config = datatypes.NewJSONType(config)
}
err = database.C.Save(&auth).Error
return auth, err
}
func GetNotificationPreferenceCacheKey(accountId uint) string { func GetNotificationPreferenceCacheKey(accountId uint) string {
return fmt.Sprintf("notification-preference#%d", accountId) return fmt.Sprintf("notification-preference#%d", accountId)
} }
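Review bot: `UpdateAuthPreference` treats every error from `GetAuthPreference` as "no row yet" and builds a fresh `PreferenceAuth`, so a transient lookup failure (timeout, dropped connection) followed by a successful `Save` inserts a second row for the same account. Only `gorm.ErrRecordNotFound` should take the create path; any other error should be returned to the caller. The rewrite below also sets `Config` once for both paths. It needs `errors` in the import block, whose full contents are outside the hunk. Both new exported functions lack doc comments; add one line each stating that the lookup is keyed by `account.ID`.

```go
func UpdateAuthPreference(account models.Account, config models.AuthConfig) (models.PreferenceAuth, error) {
	auth, err := GetAuthPreference(account)
	switch {
	case errors.Is(err, gorm.ErrRecordNotFound):
		// No row for this account yet: create one.
		auth = models.PreferenceAuth{AccountID: account.ID}
	case err != nil:
		// Lookup failed for another reason; do not insert a duplicate row.
		return auth, err
	}
	auth.Config = datatypes.NewJSONType(config)

	err = database.C.Save(&auth).Error
	return auth, err
}
```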


@ -32,8 +32,8 @@ func DetectRisk(user models.Account, ip, ua string) int {
return 2 return 2
} }
// PickTicketAttempt is trying to pick up the ticket that haven't completed but created by a same client (identify by ip address). // PickTicketAttempt is trying to pick up the ticket that hasn't completed but created by a same client (identify by ip address).
// Then the client can continue their journey to get ticket actived. // Then the client can continue their journey to get ticket activated.
func PickTicketAttempt(user models.Account, ip string) (models.AuthTicket, error) { func PickTicketAttempt(user models.Account, ip string) (models.AuthTicket, error) {
var ticket models.AuthTicket var ticket models.AuthTicket
if err := database.C. if err := database.C.
@ -54,10 +54,11 @@ func NewTicket(user models.Account, ip, ua string) (models.AuthTicket, error) {
if count := CountUserFactor(user.ID); count <= 0 { if count := CountUserFactor(user.ID); count <= 0 {
return ticket, fmt.Errorf("specified user didn't enable sign in") return ticket, fmt.Errorf("specified user didn't enable sign in")
} else { } else {
cfg := user.AuthConfig.Data()
steps = min(steps, int(count)) steps = min(steps, int(count))
if cfg.MaximumAuthSteps >= 1 {
steps = min(steps, cfg.MaximumAuthSteps) cfg, err := GetAuthPreference(user)
if err == nil && cfg.Config.Data().MaximumAuthSteps >= 1 {
steps = min(steps, cfg.Config.Data().MaximumAuthSteps)
} }
} }
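Review bot: The `err == nil &&` guard in `NewTicket` discards every failure of `GetAuthPreference`, so a database fault and "no preference saved" look identical and neither is logged. The fallback is the stricter one, since the step count is then not reduced by `MaximumAuthSteps`. That is the right direction for an auth path, but it should be stated in a comment such as `// lookup failure leaves steps unreduced: fail toward more factors`. Errors other than `gorm.ErrRecordNotFound` should also be logged. `cfg.Config.Data()` is evaluated twice; bind it to a local once. `NewTicket` starts and ends outside the hunk.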