Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: refactor TOTP MFA into separate methods #1698

Merged
merged 4 commits into from
Aug 2, 2024
Merged

fix: refactor TOTP MFA into separate methods #1698

merged 4 commits into from
Aug 2, 2024

Conversation

J0
Copy link
Contributor

@J0 J0 commented Jul 31, 2024
edited
Loading

What kind of change does this PR introduce?

Refactors TOTP, Challenge, Enroll, and Verify into separate branches for consistency with other methods and also readability.

Adds an additional check to ensure a user must own a factor in order to challenge it.

J0
J0 commented Jul 31, 2024
View reviewed changes
internal/api/mfa.go Outdated Show resolved Hide resolved
@coveralls
Copy link

coveralls commented Jul 31, 2024
edited
Loading

Pull Request Test Coverage Report for Build 10218908885

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 89 of 130 (68.46%) changed or added relevant lines in 1 file are covered.
  • 14 unchanged lines in 1 file lost coverage.
  • Overall coverage increased (+0.04%) to 58.264%
Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/api/mfa.go 89 130 68.46%
Files with Coverage Reduction New Missed Lines %
internal/api/mfa.go 14 63.82%
Totals Coverage Status
Change from base Build 10183278557: 0.04%
Covered Lines: 9190
Relevant Lines: 15773
💛 - Coveralls

@J0 J0 changed the title fix: refactor TOTP enroll, challenge, verify into separate branches fix: refactor TOTP MFA into separate methods Jul 31, 2024
@J0 J0 marked this pull request as ready for review July 31, 2024 19:54
@J0 J0 requested a review from a team as a code owner July 31, 2024 19:54
kangmingtay
kangmingtay reviewed Jul 31, 2024
View reviewed changes
internal/api/mfa.go Show resolved Hide resolved
internal/api/mfa.go Outdated Show resolved Hide resolved
internal/api/mfa.go Outdated Show resolved Hide resolved
internal/api/mfa.go Show resolved Hide resolved
internal/api/mfa.go Outdated Show resolved Hide resolved
J0 and others added 2 commits August 1, 2024 15:28
@J0 @kangmingtay
fix: lowercase error message
d7a1127 
Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
@J0
fix: move code param out, add comment
fefd430
J0
J0 commented Aug 2, 2024
View reviewed changes
internal/api/mfa.go Show resolved Hide resolved
hf
hf approved these changes Aug 2, 2024
View reviewed changes
Copy link
Contributor

@hf hf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine.

@J0 J0 merged commit 250d92f into master Aug 2, 2024
2 checks passed
@J0 J0 deleted the j0/move_totp_mfa_to_dedicated_fn branch August 2, 2024 16:39
@github-actions github-actions bot mentioned this pull request Aug 1, 2024
Merged
J0 pushed a commit that referenced this pull request Aug 5, 2024
@github-actions
chore(master): release 2.158.1 (#1699)
499f6fc 
🤖 I have created a release *beep* *boop*
---


##
[2.158.1](v2.158.0...v2.158.1)
(2024-08-05)


### Bug Fixes

* add last_challenged_at field to mfa factors
([#1705](#1705))
([29cbeb7](29cbeb7))
* allow enabling sms hook without setting up sms provider
([#1704](#1704))
([575e88a](575e88a))
* drop the MFA_ENABLED config
([#1701](#1701))
([078c3a8](078c3a8))
* enforce uniqueness on verified phone numbers
([#1693](#1693))
([70446cc](70446cc))
* expose `X-Supabase-Api-Version` header in CORS
([#1612](#1612))
([6ccd814](6ccd814))
* include factor_id in query
([#1702](#1702))
([ac14e82](ac14e82))
* move is owned by check to load factor
([#1703](#1703))
([701a779](701a779))
* refactor TOTP MFA into separate methods
([#1698](#1698))
([250d92f](250d92f))
* remove check for content-length
([#1700](#1700))
([81b332d](81b332d))
* remove FindFactorsByUser
([#1707](#1707))
([af8e2dd](af8e2dd))
* update openapi spec for MFA (Phone)
([#1689](#1689))
([a3da4b8](a3da4b8))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
uxodb pushed a commit to uxodb/auth that referenced this pull request Nov 13, 2024
@J0 @kangmingtay
fix: refactor TOTP MFA into separate methods (supabase#1698)
53f7cdf 
## What kind of change does this PR introduce?

Refactors TOTP, Challenge, Enroll, and Verify into separate branches for
consistency with other methods and also readability.

Adds an additional check to ensure a user must own a factor in order to
challenge it.

---------

Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
uxodb pushed a commit to uxodb/auth that referenced this pull request Nov 13, 2024
@github-actions
chore(master): release 2.158.1 (supabase#1699)
a3655af 
🤖 I have created a release *beep* *boop*
---


##
[2.158.1](supabase/auth@v2.158.0...v2.158.1)
(2024-08-05)


### Bug Fixes

* add last_challenged_at field to mfa factors
([supabase#1705](supabase#1705))
([29cbeb7](supabase@29cbeb7))
* allow enabling sms hook without setting up sms provider
([supabase#1704](supabase#1704))
([575e88a](supabase@575e88a))
* drop the MFA_ENABLED config
([supabase#1701](supabase#1701))
([078c3a8](supabase@078c3a8))
* enforce uniqueness on verified phone numbers
([supabase#1693](supabase#1693))
([70446cc](supabase@70446cc))
* expose `X-Supabase-Api-Version` header in CORS
([supabase#1612](supabase#1612))
([6ccd814](supabase@6ccd814))
* include factor_id in query
([supabase#1702](supabase#1702))
([ac14e82](supabase@ac14e82))
* move is owned by check to load factor
([supabase#1703](supabase#1703))
([701a779](supabase@701a779))
* refactor TOTP MFA into separate methods
([supabase#1698](supabase#1698))
([250d92f](supabase@250d92f))
* remove check for content-length
([supabase#1700](supabase#1700))
([81b332d](supabase@81b332d))
* remove FindFactorsByUser
([supabase#1707](supabase#1707))
([af8e2dd](supabase@af8e2dd))
* update openapi spec for MFA (Phone)
([supabase#1689](supabase#1689))
([a3da4b8](supabase@a3da4b8))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 13, 2024
@J0 @kangmingtay @LashaJini
fix: refactor TOTP MFA into separate methods (supabase#1698)
4a60ed2 
## What kind of change does this PR introduce?

Refactors TOTP, Challenge, Enroll, and Verify into separate branches for
consistency with other methods and also readability.

Adds an additional check to ensure a user must own a factor in order to
challenge it.

---------

Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 13, 2024
@github-actions @LashaJini
chore(master): release 2.158.1 (supabase#1699)
8583c12 
🤖 I have created a release *beep* *boop*
---


##
[2.158.1](supabase/auth@v2.158.0...v2.158.1)
(2024-08-05)


### Bug Fixes

* add last_challenged_at field to mfa factors
([supabase#1705](supabase#1705))
([29cbeb7](supabase@29cbeb7))
* allow enabling sms hook without setting up sms provider
([supabase#1704](supabase#1704))
([575e88a](supabase@575e88a))
* drop the MFA_ENABLED config
([supabase#1701](supabase#1701))
([078c3a8](supabase@078c3a8))
* enforce uniqueness on verified phone numbers
([supabase#1693](supabase#1693))
([70446cc](supabase@70446cc))
* expose `X-Supabase-Api-Version` header in CORS
([supabase#1612](supabase#1612))
([6ccd814](supabase@6ccd814))
* include factor_id in query
([supabase#1702](supabase#1702))
([ac14e82](supabase@ac14e82))
* move is owned by check to load factor
([supabase#1703](supabase#1703))
([701a779](supabase@701a779))
* refactor TOTP MFA into separate methods
([supabase#1698](supabase#1698))
([250d92f](supabase@250d92f))
* remove check for content-length
([supabase#1700](supabase#1700))
([81b332d](supabase@81b332d))
* remove FindFactorsByUser
([supabase#1707](supabase#1707))
([af8e2dd](supabase@af8e2dd))
* update openapi spec for MFA (Phone)
([supabase#1689](supabase#1689))
([a3da4b8](supabase@a3da4b8))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 15, 2024
@J0 @kangmingtay @LashaJini
fix: refactor TOTP MFA into separate methods (supabase#1698)
0f61b6c 
## What kind of change does this PR introduce?

Refactors TOTP, Challenge, Enroll, and Verify into separate branches for
consistency with other methods and also readability.

Adds an additional check to ensure a user must own a factor in order to
challenge it.

---------

Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
LashaJini pushed a commit to LashaJini/auth that referenced this pull request Nov 15, 2024
@github-actions @LashaJini
chore(master): release 2.158.1 (supabase#1699)
dad9be7 
🤖 I have created a release *beep* *boop*
---


##
[2.158.1](supabase/auth@v2.158.0...v2.158.1)
(2024-08-05)


### Bug Fixes

* add last_challenged_at field to mfa factors
([supabase#1705](supabase#1705))
([29cbeb7](supabase@29cbeb7))
* allow enabling sms hook without setting up sms provider
([supabase#1704](supabase#1704))
([575e88a](supabase@575e88a))
* drop the MFA_ENABLED config
([supabase#1701](supabase#1701))
([078c3a8](supabase@078c3a8))
* enforce uniqueness on verified phone numbers
([supabase#1693](supabase#1693))
([70446cc](supabase@70446cc))
* expose `X-Supabase-Api-Version` header in CORS
([supabase#1612](supabase#1612))
([6ccd814](supabase@6ccd814))
* include factor_id in query
([supabase#1702](supabase#1702))
([ac14e82](supabase@ac14e82))
* move is owned by check to load factor
([supabase#1703](supabase#1703))
([701a779](supabase@701a779))
* refactor TOTP MFA into separate methods
([supabase#1698](supabase#1698))
([250d92f](supabase@250d92f))
* remove check for content-length
([supabase#1700](supabase#1700))
([81b332d](supabase@81b332d))
* remove FindFactorsByUser
([supabase#1707](supabase#1707))
([af8e2dd](supabase@af8e2dd))
* update openapi spec for MFA (Phone)
([supabase#1689](supabase#1689))
([a3da4b8](supabase@a3da4b8))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kangmingtay kangmingtay kangmingtay left review comments

@hf hf hf approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@J0 @coveralls @hf @kangmingtay