mirror of
https://github.com/bitwarden/server.git
synced 2024-11-27 13:05:23 +01:00
02bea3c48d
* [SG-549] Commit Initial AuthRequest Repository (#2174) * Model Passwordless * Scaffold database for Passwordless * Implement SQL Repository * [SG-167] Base Passwordless API (#2185) * Implement Passwordless notifications * Implement Controller * Add documentation to BaseRequestValidator * Register AuthRequestRepo * Remove ExpirationDate from the AuthRequest table * [SG-407] Create job to delete expired requests (#2187) * chore: init * remove exp date * fix: log name * [SG-167] Added fingerprint phrase to response model. (#2233) * Remove FailedLoginAttempt logic * Block unknown devices * Add EF Support for passwordless * Got SignalR working for responses * Added delete job method to EF repo * Implement a GetMany API endpoint for AuthRequests * Ran dotnet format * Fix a merge issues * Redated migration scripts * tried sorting sqlproj * Remove FailedLoginAttempts from SQL * Groom Postgres script * Remove extra commas from migration script * Correct isSpent() * [SG-167] Adde identity validation for passwordless requests. Registered IAuthRepository. * [SG-167] Added origin of the request to response model * Use display name for device identifier in response * Add datetime conversions back to postgres migration script * [SG-655] Add anonymous endpoint for checking if a device & user combo match * [review] Consolidate error conditions Co-authored-by: Brandon Maharaj <107377945+BrandonM-Bitwarden@users.noreply.github.com> Co-authored-by: André Filipe da Silva Bispo <andrefsbispo@hotmail.com> Co-authored-by: André Bispo <abispo@bitwarden.com>
219 lines
4.9 KiB
Transact-SQL
219 lines
4.9 KiB
Transact-SQL
-- Create Auth Request table
|
|
IF OBJECT_ID('[dbo].[AuthRequest]') IS NOT NULL
|
|
BEGIN
|
|
DROP TABLE [dbo].[AuthRequest]
|
|
END
|
|
|
|
IF OBJECT_ID('[dbo].[AuthRequest]') IS NULL
|
|
BEGIN
|
|
CREATE TABLE [dbo].[AuthRequest] (
|
|
[Id] UNIQUEIDENTIFIER NOT NULL,
|
|
[UserId] UNIQUEIDENTIFIER NOT NULL,
|
|
[Type] SMALLINT NOT NULL,
|
|
[RequestDeviceIdentifier] NVARCHAR(50) NOT NULL,
|
|
[RequestDeviceType] SMALLINT NOT NULL,
|
|
[RequestIpAddress] VARCHAR(50) NOT NULL,
|
|
[RequestFingerprint] VARCHAR(MAX) NOT NULL,
|
|
[ResponseDeviceId] UNIQUEIDENTIFIER NULL,
|
|
[AccessCode] VARCHAR(25) NOT NULL,
|
|
[PublicKey] VARCHAR(MAX) NOT NULL,
|
|
[Key] VARCHAR(MAX) NULL,
|
|
[MasterPasswordHash] VARCHAR(MAX) NULL,
|
|
[CreationDate] DATETIME2 (7) NOT NULL,
|
|
[ResponseDate] DATETIME2 (7) NULL,
|
|
[AuthenticationDate] DATETIME2 (7) NULL,
|
|
CONSTRAINT [PK_AuthRequest] PRIMARY KEY CLUSTERED ([Id] ASC),
|
|
CONSTRAINT [FK_AuthRequest_User] FOREIGN KEY ([UserId]) REFERENCES [dbo].[User] ([Id]),
|
|
CONSTRAINT [FK_AuthRequest_ResponseDevice] FOREIGN KEY ([ResponseDeviceId]) REFERENCES [dbo].[Device] ([Id])
|
|
);
|
|
END
|
|
GO
|
|
|
|
-- Create View
|
|
IF EXISTS(SELECT * FROM sys.views WHERE [Name] = 'AuthRequestView')
|
|
BEGIN
|
|
DROP VIEW [dbo].[AuthRequestView]
|
|
END
|
|
GO
|
|
|
|
CREATE VIEW [dbo].[AuthRequestView]
|
|
AS
|
|
SELECT
|
|
*
|
|
FROM
|
|
[dbo].[AuthRequest]
|
|
GO
|
|
|
|
-- Auth Request CRUD sprocs
|
|
IF OBJECT_ID('[dbo].[AuthRequest_Create]') IS NOT NULL
|
|
BEGIN
|
|
DROP PROCEDURE [dbo].[AuthRequest_Create]
|
|
END
|
|
GO
|
|
|
|
CREATE PROCEDURE [dbo].[AuthRequest_Create]
|
|
@Id UNIQUEIDENTIFIER OUTPUT,
|
|
@UserId UNIQUEIDENTIFIER,
|
|
@Type TINYINT,
|
|
@RequestDeviceIdentifier NVARCHAR(50),
|
|
@RequestDeviceType TINYINT,
|
|
@RequestIpAddress VARCHAR(50),
|
|
@RequestFingerprint VARCHAR(MAX),
|
|
@ResponseDeviceId UNIQUEIDENTIFIER,
|
|
@AccessCode VARCHAR(25),
|
|
@PublicKey VARCHAR(MAX),
|
|
@Key VARCHAR(MAX),
|
|
@MasterPasswordHash VARCHAR(MAX),
|
|
@CreationDate DATETIME2(7),
|
|
@ResponseDate DATETIME2(7),
|
|
@AuthenticationDate DATETIME2(7)
|
|
AS
|
|
BEGIN
|
|
SET NOCOUNT ON
|
|
|
|
INSERT INTO [dbo].[AuthRequest]
|
|
(
|
|
[Id],
|
|
[UserId],
|
|
[Type],
|
|
[RequestDeviceIdentifier],
|
|
[RequestDeviceType],
|
|
[RequestIpAddress],
|
|
[RequestFingerprint],
|
|
[ResponseDeviceId],
|
|
[AccessCode],
|
|
[PublicKey],
|
|
[Key],
|
|
[MasterPasswordHash],
|
|
[CreationDate],
|
|
[ResponseDate],
|
|
[AuthenticationDate]
|
|
)
|
|
VALUES
|
|
(
|
|
@Id,
|
|
@UserId,
|
|
@Type,
|
|
@RequestDeviceIdentifier,
|
|
@RequestDeviceType,
|
|
@RequestIpAddress,
|
|
@RequestFingerprint,
|
|
@ResponseDeviceId,
|
|
@AccessCode,
|
|
@PublicKey,
|
|
@Key,
|
|
@MasterPasswordHash,
|
|
@CreationDate,
|
|
@ResponseDate,
|
|
@AuthenticationDate
|
|
)
|
|
END
|
|
GO
|
|
|
|
IF OBJECT_ID('[dbo].[AuthRequest_Update]') IS NOT NULL
|
|
BEGIN
|
|
DROP PROCEDURE [dbo].[AuthRequest_Update]
|
|
END
|
|
GO
|
|
|
|
CREATE PROCEDURE [dbo].[AuthRequest_Update]
|
|
@Id UNIQUEIDENTIFIER OUTPUT,
|
|
@ResponseDeviceId UNIQUEIDENTIFIER,
|
|
@Key VARCHAR(MAX),
|
|
@MasterPasswordHash VARCHAR(MAX),
|
|
@ResponseDate DATETIME2(7),
|
|
@AuthenticationDate DATETIME2(7)
|
|
AS
|
|
BEGIN
|
|
SET NOCOUNT ON
|
|
|
|
UPDATE
|
|
[dbo].[AuthRequest]
|
|
SET
|
|
[ResponseDeviceId] = @ResponseDeviceId,
|
|
[Key] = @Key,
|
|
[MasterPasswordHash] = @MasterPasswordHash,
|
|
[ResponseDate] = @ResponseDate,
|
|
[AuthenticationDate] = @AuthenticationDate
|
|
WHERE
|
|
[Id] = @Id
|
|
END
|
|
GO
|
|
|
|
IF OBJECT_ID('[dbo].[AuthRequest_ReadById]') IS NOT NULL
|
|
BEGIN
|
|
DROP PROCEDURE [dbo].[AuthRequest_ReadById]
|
|
END
|
|
GO
|
|
|
|
CREATE PROCEDURE [dbo].[AuthRequest_ReadById]
|
|
@Id UNIQUEIDENTIFIER
|
|
AS
|
|
BEGIN
|
|
SET NOCOUNT ON
|
|
|
|
SELECT
|
|
*
|
|
FROM
|
|
[dbo].[AuthRequestView]
|
|
WHERE
|
|
[Id] = @Id
|
|
END
|
|
GO
|
|
|
|
IF OBJECT_ID('[dbo].[AuthRequest_DeleteById]') IS NOT NULL
|
|
BEGIN
|
|
DROP PROCEDURE [dbo].[AuthRequest_DeleteById]
|
|
END
|
|
GO
|
|
|
|
CREATE PROCEDURE [dbo].[AuthRequest_DeleteById]
|
|
@Id UNIQUEIDENTIFIER
|
|
AS
|
|
BEGIN
|
|
SET NOCOUNT ON
|
|
|
|
DELETE
|
|
FROM
|
|
[dbo].[AuthRequest]
|
|
WHERE
|
|
[Id] = @Id
|
|
END
|
|
GO
|
|
|
|
IF OBJECT_ID('[dbo].[AuthRequest_DeleteIfExpired]') IS NOT NULL
|
|
BEGIN
|
|
DROP PROCEDURE [dbo].[AuthRequest_DeleteIfExpired]
|
|
END
|
|
GO
|
|
|
|
CREATE PROCEDURE [dbo].[AuthRequest_DeleteIfExpired]
|
|
AS
|
|
BEGIN
|
|
SET NOCOUNT OFF
|
|
DELETE FROM [dbo].[AuthRequest] WHERE [CreationDate] < DATEADD(minute, -15, GETUTCDATE());
|
|
END
|
|
GO
|
|
|
|
IF OBJECT_ID('[dbo].[AuthRequest_ReadByUserId]') IS NOT NULL
|
|
BEGIN
|
|
DROP PROCEDURE [dbo].[AuthRequest_ReadByUserId]
|
|
END
|
|
GO
|
|
|
|
CREATE PROCEDURE [dbo].[AuthRequest_ReadByUserId]
|
|
@UserId UNIQUEIDENTIFIER
|
|
AS
|
|
BEGIN
|
|
SET NOCOUNT ON
|
|
|
|
|
|
SELECT
|
|
*
|
|
FROM
|
|
[dbo].[AuthRequestView]
|
|
WHERE
|
|
[UserId] = @UserId
|
|
END
|
|
GO
|