mirror of
https://github.com/bitwarden/server.git
synced 2024-12-23 17:07:42 +01:00
Added device identifier, APIs for updating token by identifier, Device creation/update upon signin.
This commit is contained in:
parent
8a34692e7c
commit
37ec1de7a3
@ -27,7 +27,7 @@ namespace Bit.Api.Controllers
|
||||
[AllowAnonymous]
|
||||
public async Task<AuthTokenResponseModel> PostToken([FromBody]AuthTokenRequestModel model)
|
||||
{
|
||||
var result = await _signInManager.PasswordSignInAsync(model.Email.ToLower(), model.MasterPasswordHash);
|
||||
var result = await _signInManager.PasswordSignInAsync(model.Email.ToLower(), model.MasterPasswordHash, model.Device?.ToDevice());
|
||||
if(result == JwtBearerSignInResult.Success)
|
||||
{
|
||||
return new AuthTokenResponseModel(result.Token, result.User);
|
||||
|
@ -40,6 +40,19 @@ namespace Bit.Api.Controllers
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpGet("identifier/{identifier}")]
|
||||
public async Task<DeviceResponseModel> GetByIdentifier(string identifier)
|
||||
{
|
||||
var device = await _deviceRepository.GetByIdentifierAsync(identifier, new Guid(_userManager.GetUserId(User)));
|
||||
if(device == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
var response = new DeviceResponseModel(device);
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpGet("")]
|
||||
public async Task<ListResponseModel<DeviceResponseModel>> Get()
|
||||
{
|
||||
@ -73,6 +86,21 @@ namespace Bit.Api.Controllers
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpPut("identifier/{identifier}/token")]
|
||||
public async Task<DeviceResponseModel> PutToken(string identifier, [FromBody]DeviceTokenRequestModel model)
|
||||
{
|
||||
var device = await _deviceRepository.GetByIdentifierAsync(identifier, new Guid(_userManager.GetUserId(User)));
|
||||
if(device == null)
|
||||
{
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
||||
await _deviceRepository.ReplaceAsync(model.ToDevice(device));
|
||||
|
||||
var response = new DeviceResponseModel(device);
|
||||
return response;
|
||||
}
|
||||
|
||||
[HttpDelete("{id}")]
|
||||
public async Task Delete(string id)
|
||||
{
|
||||
|
@ -10,5 +10,6 @@ namespace Bit.Api.Models
|
||||
public string Email { get; set; }
|
||||
[Required]
|
||||
public string MasterPasswordHash { get; set; }
|
||||
public DeviceRequestModel Device { get; set; }
|
||||
}
|
||||
}
|
||||
|
@ -13,6 +13,9 @@ namespace Bit.Api.Models
|
||||
[Required]
|
||||
[StringLength(50)]
|
||||
public string Name { get; set; }
|
||||
[Required]
|
||||
[StringLength(50)]
|
||||
public string Identifier { get; set; }
|
||||
[StringLength(255)]
|
||||
public string PushToken { get; set; }
|
||||
|
||||
@ -27,10 +30,23 @@ namespace Bit.Api.Models
|
||||
public Device ToDevice(Device existingDevice)
|
||||
{
|
||||
existingDevice.Name = Name;
|
||||
existingDevice.Identifier = Identifier;
|
||||
existingDevice.PushToken = PushToken;
|
||||
existingDevice.Type = Type.Value;
|
||||
|
||||
return existingDevice;
|
||||
}
|
||||
}
|
||||
|
||||
public class DeviceTokenRequestModel
|
||||
{
|
||||
[StringLength(255)]
|
||||
public string PushToken { get; set; }
|
||||
|
||||
public Device ToDevice(Device existingDevice)
|
||||
{
|
||||
existingDevice.PushToken = PushToken;
|
||||
return existingDevice;
|
||||
}
|
||||
}
|
||||
}
|
@ -17,12 +17,14 @@ namespace Bit.Api.Models
|
||||
Id = device.Id.ToString();
|
||||
Name = device.Name;
|
||||
Type = device.Type;
|
||||
Identifier = device.Identifier;
|
||||
CreationDate = device.CreationDate;
|
||||
}
|
||||
|
||||
public string Id { get; set; }
|
||||
public string Name { get; set; }
|
||||
public DeviceType Type { get; set; }
|
||||
public string Identifier { get; set; }
|
||||
public DateTime CreationDate { get; set; }
|
||||
}
|
||||
}
|
||||
|
@ -9,6 +9,7 @@ namespace Bit.Core.Domains
|
||||
public Guid UserId { get; set; }
|
||||
public string Name { get; set; }
|
||||
public Enums.DeviceType Type { get; set; }
|
||||
public string Identifier { get; set; }
|
||||
public string PushToken { get; set; }
|
||||
public DateTime CreationDate { get; internal set; } = DateTime.UtcNow;
|
||||
public DateTime RevisionDate { get; internal set; } = DateTime.UtcNow;
|
||||
|
@ -9,11 +9,14 @@ using Microsoft.Extensions.Options;
|
||||
using Bit.Core.Domains;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using Bit.Core.Repositories;
|
||||
|
||||
namespace Bit.Core.Identity
|
||||
{
|
||||
public class JwtBearerSignInManager
|
||||
{
|
||||
private readonly IDeviceRepository _deviceRepository;
|
||||
|
||||
public JwtBearerSignInManager(
|
||||
UserManager<User> userManager,
|
||||
IHttpContextAccessor contextAccessor,
|
||||
@ -21,7 +24,8 @@ namespace Bit.Core.Identity
|
||||
IOptions<IdentityOptions> optionsAccessor,
|
||||
IOptions<JwtBearerIdentityOptions> jwtIdentityOptionsAccessor,
|
||||
IOptions<JwtBearerOptions> jwtOptionsAccessor,
|
||||
ILogger<JwtBearerSignInManager> logger)
|
||||
ILogger<JwtBearerSignInManager> logger,
|
||||
IDeviceRepository deviceRepository)
|
||||
{
|
||||
UserManager = userManager;
|
||||
Context = contextAccessor.HttpContext;
|
||||
@ -29,6 +33,7 @@ namespace Bit.Core.Identity
|
||||
IdentityOptions = optionsAccessor?.Value ?? new IdentityOptions();
|
||||
JwtIdentityOptions = jwtIdentityOptionsAccessor?.Value ?? new JwtBearerIdentityOptions();
|
||||
JwtBearerOptions = jwtOptionsAccessor?.Value ?? new JwtBearerOptions();
|
||||
_deviceRepository = deviceRepository;
|
||||
}
|
||||
|
||||
internal UserManager<User> UserManager { get; set; }
|
||||
@ -54,7 +59,7 @@ namespace Bit.Core.Identity
|
||||
return Task.FromResult(false);
|
||||
}
|
||||
|
||||
public async Task<JwtBearerSignInResult> PasswordSignInAsync(User user, string password)
|
||||
public async Task<JwtBearerSignInResult> PasswordSignInAsync(User user, string password, Device device = null)
|
||||
{
|
||||
if(user == null)
|
||||
{
|
||||
@ -63,13 +68,23 @@ namespace Bit.Core.Identity
|
||||
|
||||
if(await UserManager.CheckPasswordAsync(user, password))
|
||||
{
|
||||
return await SignInOrTwoFactorAsync(user);
|
||||
var result = await SignInOrTwoFactorAsync(user);
|
||||
if(result.Succeeded && device != null)
|
||||
{
|
||||
var existingDevice = await _deviceRepository.GetByIdentifierAsync(device.Identifier, user.Id);
|
||||
if(existingDevice == null)
|
||||
{
|
||||
await _deviceRepository.CreateAsync(device);
|
||||
}
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
return JwtBearerSignInResult.Failed;
|
||||
}
|
||||
|
||||
public async Task<JwtBearerSignInResult> PasswordSignInAsync(string userName, string password)
|
||||
public async Task<JwtBearerSignInResult> PasswordSignInAsync(string userName, string password, Device device = null)
|
||||
{
|
||||
var user = await UserManager.FindByNameAsync(userName);
|
||||
if(user == null)
|
||||
@ -77,7 +92,7 @@ namespace Bit.Core.Identity
|
||||
return JwtBearerSignInResult.Failed;
|
||||
}
|
||||
|
||||
return await PasswordSignInAsync(user, password);
|
||||
return await PasswordSignInAsync(user, password, device);
|
||||
}
|
||||
|
||||
public async Task<JwtBearerSignInResult> TwoFactorSignInAsync(User user, string provider, string code)
|
||||
|
@ -8,6 +8,7 @@ namespace Bit.Core.Repositories
|
||||
public interface IDeviceRepository : IRepository<Device, Guid>
|
||||
{
|
||||
Task<Device> GetByIdAsync(Guid id, Guid userId);
|
||||
Task<Device> GetByIdentifierAsync(string identifier, Guid userId);
|
||||
Task<ICollection<Device>> GetManyByUserIdAsync(Guid userId);
|
||||
}
|
||||
}
|
||||
|
@ -30,6 +30,23 @@ namespace Bit.Core.Repositories.SqlServer
|
||||
return device;
|
||||
}
|
||||
|
||||
public async Task<Device> GetByIdentifierAsync(string identifier, Guid userId)
|
||||
{
|
||||
using(var connection = new SqlConnection(ConnectionString))
|
||||
{
|
||||
var results = await connection.QueryAsync<Device>(
|
||||
$"[{Schema}].[{Table}_ReadByIdentifierUserId]",
|
||||
new
|
||||
{
|
||||
UserId = userId,
|
||||
Identifier = identifier
|
||||
},
|
||||
commandType: CommandType.StoredProcedure);
|
||||
|
||||
return results.FirstOrDefault();
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<ICollection<Device>> GetManyByUserIdAsync(Guid userId)
|
||||
{
|
||||
using(var connection = new SqlConnection(ConnectionString))
|
||||
|
@ -90,6 +90,7 @@
|
||||
<Build Include="dbo\Stored Procedures\Device_ReadById.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Device_ReadByUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Device_DeleteById.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Device_ReadByIdentifierUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\Cipher_ReadByUserId.sql" />
|
||||
<Build Include="dbo\Stored Procedures\User_UpdateEmailPassword.sql" />
|
||||
</ItemGroup>
|
||||
|
@ -0,0 +1,15 @@
|
||||
CREATE PROCEDURE [dbo].[Device_ReadByIdentifierUserId]
|
||||
@UserId UNIQUEIDENTIFIER,
|
||||
@Identifier NVARCHAR(50)
|
||||
AS
|
||||
BEGIN
|
||||
SET NOCOUNT ON
|
||||
|
||||
SELECT
|
||||
*
|
||||
FROM
|
||||
[dbo].[DeviceView]
|
||||
WHERE
|
||||
[UserId] = @UserId
|
||||
AND [Identifier] = @Identifier
|
||||
END
|
@ -3,6 +3,7 @@
|
||||
[UserId] UNIQUEIDENTIFIER NOT NULL,
|
||||
[Name] NVARCHAR (50) NOT NULL,
|
||||
[Type] SMALLINT NOT NULL,
|
||||
[Identifier] NVARCHAR (50) NOT NULL,
|
||||
[PushToken] NVARCHAR (255) NULL,
|
||||
[CreationDate] DATETIME2 (7) NOT NULL,
|
||||
[RevisionDate] DATETIME2 (7) NOT NULL,
|
||||
@ -15,3 +16,8 @@ GO
|
||||
CREATE NONCLUSTERED INDEX [IX_Device_UserId]
|
||||
ON [dbo].[Device]([UserId] ASC);
|
||||
|
||||
|
||||
GO
|
||||
CREATE UNIQUE NONCLUSTERED INDEX [UX_Device_UserId_Identifier]
|
||||
ON [dbo].[Device]([UserId] ASC, [Identifier] ASC);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user