totp: new crate, sql migration + queries, enable totp page, save secret in database

2023-04-25 23:37:24 +02:00 · 2023-04-25 23:37:24 +02:00 · 233e26520c
commit 233e26520c
parent cb46556717
26 changed files with 1116 additions and 364 deletions
--- a/crates/database/queries/users/get_all.sql
+++ b/crates/database/queries/users/get_all.sql
@ -9,7 +9,9 @@ select id,
       password_recover,
       paper_key,
       is_archived as "is_archived: bool",
-       timezone
+       timezone,
+       totp_secret,
+       totp_backup
 from users

 order by created_at desc
--- a/crates/database/queries/users/get_initial_admin.sql
+++ b/crates/database/queries/users/get_initial_admin.sql
@ -9,7 +9,9 @@ select u.id,
       u.password_recover,
       u.paper_key,
       u.is_archived as "is_archived: bool",
-       u.timezone
+       u.timezone,
+       u.totp_secret,
+       u.totp_backup
 from users u

         inner join settings s on u.id = s.first_admin
--- a/crates/database/queries/users/get_one_by_email.sql
+++ b/crates/database/queries/users/get_one_by_email.sql
@ -9,7 +9,9 @@ select id,
       password_recover,
       paper_key,
       is_archived as "is_archived: bool",
-       timezone
+       timezone,
+       totp_secret,
+       totp_backup
 from users

 where email is (?)
--- a/crates/database/queries/users/get_one_by_id.sql
+++ b/crates/database/queries/users/get_one_by_id.sql
@ -9,7 +9,9 @@ select id,
       password_recover,
       paper_key,
       is_archived as "is_archived: bool",
-       timezone
+       timezone,
+       totp_secret,
+       totp_backup
 from users

 where id is (?)
--- a/crates/database/queries/users/get_one_by_username.sql
+++ b/crates/database/queries/users/get_one_by_username.sql
@ -9,7 +9,9 @@ select id,
       password_recover,
       paper_key,
       is_archived as "is_archived: bool",
-       timezone
+       timezone,
+       totp_secret,
+       totp_backup
 from users

 where username is (?)
--- a/crates/database/queries/users/get_one_from_authorization_code.sql
+++ b/crates/database/queries/users/get_one_from_authorization_code.sql
@ -9,7 +9,9 @@ select u.id,
       u.password_recover,
       u.paper_key,
       u.is_archived as "is_archived: bool",
-       u.timezone
+       u.timezone,
+       u.totp_secret,
+       u.totp_backup
 from users u

         inner join authorization_codes ac on u.id = ac.user
--- a/crates/database/queries/users/get_one_from_password_reset_token.sql
+++ b/crates/database/queries/users/get_one_from_password_reset_token.sql
@ -9,7 +9,9 @@ select id,
       password_recover,
       paper_key,
       is_archived as "is_archived: bool",
-       timezone
+       timezone,
+       totp_secret,
+       totp_backup
 from users

 where password_recover is (?)
--- a/crates/database/queries/users/get_one_from_refresh_token.sql
+++ b/crates/database/queries/users/get_one_from_refresh_token.sql
@ -9,7 +9,9 @@ select u.id,
       u.password_recover,
       u.paper_key,
       u.is_archived as "is_archived: bool",
-       u.timezone
+       u.timezone,
+       u.totp_secret,
+       u.totp_backup
 from users u

         inner join refresh_tokens rt on u.id = rt.user
--- a/crates/database/queries/users/set_totp_backup.sql
+++ b/crates/database/queries/users/set_totp_backup.sql
@ -0,0 +1,5 @@
+update users
+
+set totp_backup = ?
+
+where id is ?
--- a/crates/database/queries/users/set_totp_secret.sql
+++ b/crates/database/queries/users/set_totp_secret.sql
@ -0,0 +1,5 @@
+update users
+
+set totp_secret = ?
+
+where id is ?