bitwarden_rs/src/db/models/two_factor.rs

use diesel;
use diesel::prelude::*;
use serde_json::Value;

use crate::api::EmptyResult;
use crate::db::DbConn;
use crate::db::schema::twofactor;
use crate::error::MapResult;

use super::User;

#[derive(Debug, Identifiable, Queryable, Insertable, Associations)]
#[table_name = "twofactor"]
#[belongs_to(User, foreign_key = "user_uuid")]
#[primary_key(uuid)]
pub struct TwoFactor {
    pub uuid: String,
    pub user_uuid: String,
    pub atype: i32,
    pub enabled: bool,
    pub data: String,
}

#[allow(dead_code)]
#[derive(FromPrimitive)]
pub enum TwoFactorType {
    Authenticator = 0,
    Email = 1,
    Duo = 2,
    YubiKey = 3,
    U2f = 4,
    Remember = 5,
    OrganizationDuo = 6,

    // These are implementation details
    U2fRegisterChallenge = 1000,
    U2fLoginChallenge = 1001,
    EmailVerificationChallenge = 1002,

}

/// Local methods
impl TwoFactor {
    pub fn new(user_uuid: String, atype: TwoFactorType, data: String) -> Self {
        Self {
            uuid: crate::util::get_uuid(),
            user_uuid,
            atype: atype as i32,
            enabled: true,
            data,
        }
    }

    pub fn to_json(&self) -> Value {
        json!({
            "Enabled": self.enabled,
            "Key": "", // This key and value vary
            "Object": "twoFactorAuthenticator" // This value varies
        })
    }

    pub fn to_json_list(&self) -> Value {
        json!({
            "Enabled": self.enabled,
            "Type": self.atype,
            "Object": "twoFactorProvider"
        })
    }
}

/// Database methods
impl TwoFactor {
    pub fn save(&self, conn: &DbConn) -> EmptyResult {
        diesel::replace_into(twofactor::table)
            .values(self)
            .execute(&**conn)
            .map_res("Error saving twofactor")
    }

    pub fn delete(self, conn: &DbConn) -> EmptyResult {
        diesel::delete(twofactor::table.filter(twofactor::uuid.eq(self.uuid)))
            .execute(&**conn)
            .map_res("Error deleting twofactor")
    }

    pub fn find_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> {
        twofactor::table
            .filter(twofactor::user_uuid.eq(user_uuid))
            .filter(twofactor::atype.lt(1000)) // Filter implementation types
            .load::<Self>(&**conn)
            .expect("Error loading twofactor")
    }

    pub fn find_by_user_and_type(user_uuid: &str, atype: i32, conn: &DbConn) -> Option<Self> {
        twofactor::table
            .filter(twofactor::user_uuid.eq(user_uuid))
            .filter(twofactor::atype.eq(atype))
            .first::<Self>(&**conn)
            .ok()
    }

    pub fn delete_all_by_user(user_uuid: &str, conn: &DbConn) -> EmptyResult {
        diesel::delete(twofactor::table.filter(twofactor::user_uuid.eq(user_uuid)))
            .execute(&**conn)
            .map_res("Error deleting twofactors")
    }
}
Add email code logic and move two_factor into separate modules 2019-08-03 18:47:52 +02:00			`use diesel;`
			`use diesel::prelude::*;`
Updated bw_rs to Rocket version 0.4-rc1 2018-10-10 20:40:39 +02:00			`use serde_json::Value;`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00
Add email code logic and move two_factor into separate modules 2019-08-03 18:47:52 +02:00			`use crate::api::EmptyResult;`
			`use crate::db::DbConn;`
			`use crate::db::schema::twofactor;`
			`use crate::error::MapResult;`

Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`use super::User;`

			`#[derive(Debug, Identifiable, Queryable, Insertable, Associations)]`
			`#[table_name = "twofactor"]`
			`#[belongs_to(User, foreign_key = "user_uuid")]`
			`#[primary_key(uuid)]`
			`pub struct TwoFactor {`
			`pub uuid: String,`
			`pub user_uuid: String,`
Rework migrations for MySQL 2019-05-20 21:12:41 +02:00			`pub atype: i32,`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`pub enabled: bool,`
			`pub data: String,`
			`}`

			`#[allow(dead_code)]`
Fixed some clippy lints and changed update_uuid_revision to only use one db query 2019-02-08 18:45:07 +01:00			`#[derive(FromPrimitive)]`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`pub enum TwoFactorType {`
			`Authenticator = 0,`
			`Email = 1,`
			`Duo = 2,`
			`YubiKey = 3,`
			`U2f = 4,`
			`Remember = 5,`
			`OrganizationDuo = 6,`

			`// These are implementation details`
			`U2fRegisterChallenge = 1000,`
			`U2fLoginChallenge = 1001,`
Add email code logic and move two_factor into separate modules 2019-08-03 18:47:52 +02:00			`EmailVerificationChallenge = 1002,`

Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`}`

			`/// Local methods`
			`impl TwoFactor {`
Rework migrations for MySQL 2019-05-20 21:12:41 +02:00			`pub fn new(user_uuid: String, atype: TwoFactorType, data: String) -> Self {`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`Self {`
Remove some required values during login, now uses default values 2018-12-07 14:32:40 +01:00			`uuid: crate::util::get_uuid(),`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`user_uuid,`
Rework migrations for MySQL 2019-05-20 21:12:41 +02:00			`atype: atype as i32,`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`enabled: true,`
			`data,`
			`}`
			`}`

Updated bw_rs to Rocket version 0.4-rc1 2018-10-10 20:40:39 +02:00			`pub fn to_json(&self) -> Value {`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`json!({`
			`"Enabled": self.enabled,`
			`"Key": "", // This key and value vary`
			`"Object": "twoFactorAuthenticator" // This value varies`
			`})`
			`}`

Updated bw_rs to Rocket version 0.4-rc1 2018-10-10 20:40:39 +02:00			`pub fn to_json_list(&self) -> Value {`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`json!({`
			`"Enabled": self.enabled,`
Rework migrations for MySQL 2019-05-20 21:12:41 +02:00			`"Type": self.atype,`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`"Object": "twoFactorProvider"`
			`})`
			`}`
			`}`

			`/// Database methods`
			`impl TwoFactor {`
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option. 2018-12-19 21:52:53 +01:00			`pub fn save(&self, conn: &DbConn) -> EmptyResult {`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`diesel::replace_into(twofactor::table)`
			`.values(self)`
			`.execute(&**conn)`
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option. 2018-12-19 21:52:53 +01:00			`.map_res("Error saving twofactor")`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`}`

Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option. 2018-12-19 21:52:53 +01:00			`pub fn delete(self, conn: &DbConn) -> EmptyResult {`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`diesel::delete(twofactor::table.filter(twofactor::uuid.eq(self.uuid)))`
			`.execute(&**conn)`
			`.map_res("Error deleting twofactor")`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`}`

			`pub fn find_by_user(user_uuid: &str, conn: &DbConn) -> Vec<Self> {`
			`twofactor::table`
			`.filter(twofactor::user_uuid.eq(user_uuid))`
Rework migrations for MySQL 2019-05-20 21:12:41 +02:00			`.filter(twofactor::atype.lt(1000)) // Filter implementation types`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`.load::<Self>(&**conn)`
			`.expect("Error loading twofactor")`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`}`

Rework migrations for MySQL 2019-05-20 21:12:41 +02:00			`pub fn find_by_user_and_type(user_uuid: &str, atype: i32, conn: &DbConn) -> Option<Self> {`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`twofactor::table`
			`.filter(twofactor::user_uuid.eq(user_uuid))`
Rework migrations for MySQL 2019-05-20 21:12:41 +02:00			`.filter(twofactor::atype.eq(atype))`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`.first::<Self>(&**conn)`
			`.ok()`
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device. 2018-07-12 21:46:50 +02:00			`}`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00
Implemented proper error handling, now we can do `user.save($conn)?;` and it works. In the future, maybe we can do the same with the `find_by_id` methods that return an Option. 2018-12-19 21:52:53 +01:00			`pub fn delete_all_by_user(user_uuid: &str, conn: &DbConn) -> EmptyResult {`
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00			`diesel::delete(twofactor::table.filter(twofactor::user_uuid.eq(user_uuid)))`
			`.execute(&**conn)`
			`.map_res("Error deleting twofactors")`
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token. 2018-12-18 18:52:58 +01:00			`}`
			`}`