
fix: some fixes

Torsten Dittmann 2023-12-07 10:05:37 +01:00
parent 28fb6a0c16
commit 83c411e5fd
9 changed files with 47 additions and 45 deletions

2
.env

@ -78,7 +78,7 @@ _APP_MAINTENANCE_RETENTION_ABUSE=86400
_APP_MAINTENANCE_RETENTION_AUDIT=1209600
_APP_USAGE_AGGREGATION_INTERVAL=5
_APP_MAINTENANCE_RETENTION_USAGE_HOURLY=8640000
_APP_USAGE_STATS=enabled
_APP_USAGE_STATS=disabled
_APP_LOGGING_PROVIDER=
_APP_LOGGING_CONFIG=
_APP_GRAPHQL_MAX_BATCH_SIZE=10

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@ -2571,7 +2571,7 @@ App::get('/v1/account/mfa/providers')
->label('usage.metric', 'users.{scope}.requests.read')
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
->label('sdk.namespace', 'account')
->label('sdk.method', 'get')
->label('sdk.method', 'listProviders')
->label('sdk.description', '/docs/references/account/get.md')
->label('sdk.response.code', Response::STATUS_CODE_OK)
->label('sdk.response.type', Response::CONTENT_TYPE_JSON)
@ -2602,11 +2602,11 @@ App::post('/v1/account/mfa/:provider')
->label('usage.metric', 'users.{scope}.requests.update')
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
->label('sdk.namespace', 'account')
->label('sdk.method', 'updateMFA')
->label('sdk.method', 'addAuthenticator')
->label('sdk.description', '/docs/references/account/update-mfa.md')
->label('sdk.response.code', Response::STATUS_CODE_OK)
->label('sdk.response.type', Response::CONTENT_TYPE_JSON)
->label('sdk.response.model', Response::MODEL_USER)
->label('sdk.response.model', Response::MODEL_MFA_PROVIDER)
->label('sdk.offline.model', '/account')
->label('sdk.offline.key', 'current')
->param('provider', null, new WhiteList(['totp']), 'Provider.')
@ -2665,7 +2665,7 @@ App::put('/v1/account/mfa/:provider')
->label('usage.metric', 'users.{scope}.requests.update')
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_JWT])
->label('sdk.namespace', 'account')
->label('sdk.method', 'updateMFA')
->label('sdk.method', 'verifyAuthenticator')
->label('sdk.description', '/docs/references/account/update-mfa.md')
->label('sdk.response.code', Response::STATUS_CODE_OK)
->label('sdk.response.type', Response::CONTENT_TYPE_JSON)
@ -2818,7 +2818,7 @@ App::put('/v1/account/mfa/challenge')
->label('sdk.method', 'updateChallenge')
->label('sdk.description', '/docs/references/account/update-challenge.md')
->label('sdk.response.code', Response::STATUS_CODE_NOCONTENT)
->label('sdk.response.model', Response::MODEL_NONE)
->label('sdk.response.model', Response::MODEL_SESSION)
->label('abuse-limit', 10)
->label('abuse-key', 'userId:{param-userId}')
->param('challengeId', '', new Text(256), 'Valid verification token.')
@ -2836,7 +2836,8 @@ App::put('/v1/account/mfa/challenge')
throw new Exception(Exception::USER_INVALID_TOKEN);
}
$success = match ($challenge->getAttribute('provider')) {
$provider = $challenge->getAttribute('provider');
$success = match ($provider) {
'totp' => Challenge\TOTP::challenge($challenge, $user, $otp),
'phone' => Challenge\Phone::challenge($challenge, $user, $otp),
'email' => Challenge\Email::challenge($challenge, $user, $otp),
@ -2854,7 +2855,7 @@ App::put('/v1/account/mfa/challenge')
$sessionId = Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret, $authDuration);
$session = $dbForProject->getDocument('sessions', $sessionId);
$dbForProject->updateDocument('sessions', $sessionId, $session->setAttribute('factors', $session->getAttribute('factors', 1) + 1));
$dbForProject->updateDocument('sessions', $sessionId, $session->setAttribute('factors', $provider, Document::SET_TYPE_APPEND));
$response->noContent();
$response->dynamic($session, Response::MODEL_SESSION);
});
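Review bot: In the last hunk of this section, `$session->setAttribute('factors', $provider, Document::SET_TYPE_APPEND)` (which appears to be the new side) appends the provider without checking whether it is already recorded, so completing the same challenge type twice on one session stores a duplicate entry. The init check shown further down this page compares `\count($session->getAttribute('factors'))` with `$minFactors`, so a repeated provider would count as an additional factor; append only when it is new, e.g. guard the update with `if (!\in_array($provider, $session->getAttribute('factors', []), true))`, or count distinct values in the check. Sessions written by the replaced line presumably still hold an integer in `factors` (it did `getAttribute('factors', 1) + 1`), which `\count()` will not accept, so a migration or a type guard looks necessary. The route also keeps `->label('sdk.response.code', Response::STATUS_CODE_NOCONTENT)` while the handler now returns a `Response::MODEL_SESSION` body, so that label should become `Response::STATUS_CODE_OK`. The handler body starts and ends outside the visible hunks, so the default arm of the `match` could not be checked.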


@ -375,8 +375,9 @@ App::init()
throw new AppwriteException(AppwriteException::USER_PASSWORD_RESET_REQUIRED);
}
if ($mode !== APP_MODE_ADMIN) {
$minFactors = $project->getAttribute('minFactors') ?? 1;
if ($mode !== APP_MODE_ADMIN && $project->getId() !== 'console') {
$minFactors = $project->getAttribute('minFactors') ?? 2;
var_dump($minFactors);
if (!in_array('mfa', $route->getGroups())) {
if ($session && \count($session->getAttribute('factors')) < $minFactors) {
throw new AppwriteException(AppwriteException::USER_MORE_FACTORS_REQUIRED);