darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-04 10:21:14 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add webauthn as an auth type.

Browse Source 
Both in our models and as a migration to add it to auth_types
table.

Make sure that if we downgrade, we first clean up the data.
This commit is contained in:
Pea Tyczynska
2021-05-12 15:58:13 +01:00
parent ef3d6aded4
commit 098c6f031b
3 changed files with 45 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/models.py
View File

@@ -61,7 +61,8 @@ TEMPLATE_PROCESS_TYPE = [NORMAL, PRIORITY]
SMS_AUTH_TYPE = 'sms_auth' SMS_AUTH_TYPE = 'sms_auth'
EMAIL_AUTH_TYPE = 'email_auth' EMAIL_AUTH_TYPE = 'email_auth'
USER_AUTH_TYPE = [SMS_AUTH_TYPE, EMAIL_AUTH_TYPE] WEBAUTHN_AUTH_TYPE = 'webauthn_auth'
USER_AUTH_TYPE = [SMS_AUTH_TYPE, EMAIL_AUTH_TYPE, WEBAUTHN_AUTH_TYPE]
DELIVERY_STATUS_CALLBACK_TYPE = 'delivery_status' DELIVERY_STATUS_CALLBACK_TYPE = 'delivery_status'
COMPLAINT_CALLBACK_TYPE = 'complaint' COMPLAINT_CALLBACK_TYPE = 'complaint'
@@ -124,7 +125,7 @@ class User(db.Model):
) )
# either email auth or a mobile number must be provided # either email auth or a mobile number must be provided
CheckConstraint("auth_type = 'email_auth' or mobile_number is not null") CheckConstraint("auth_type in ('email_auth', 'webauthn_auth') or mobile_number is not null")
services = db.relationship( services = db.relationship(
'Service', 'Service',

4
app/user/rest.py
View File

@@ -75,9 +75,9 @@ def handle_integrity_error(exc):
""" """
Handle integrity errors caused by the auth type/mobile number check constraint Handle integrity errors caused by the auth type/mobile number check constraint
""" """
if 'ck_users_mobile_or_email_auth' in str(exc): if 'ck_user_has_mobile_or_other_auth' in str(exc):
# we don't expect this to trip, so still log error # we don't expect this to trip, so still log error
current_app.logger.exception('Check constraint ck_users_mobile_or_email_auth triggered') current_app.logger.exception('Check constraint ck_user_has_mobile_or_other_auth triggered')
return jsonify(result='error', message='Mobile number must be set if auth_type is set to sms_auth'), 400 return jsonify(result='error', message='Mobile number must be set if auth_type is set to sms_auth'), 400
raise exc raise exc

40
migrations/versions/0356_add_webautn_auth_type.py Normal file
View File

@@ -0,0 +1,40 @@
"""
Revision ID: 0356_add_webautn_auth_type
Revises: 0355_add_webauthn_table
Create Date: 2021-05-13 12:42:45.190269
"""
from alembic import op
revision = '0356_add_webautn_auth_type'
down_revision = '0355_add_webauthn_table'
def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.execute("INSERT INTO auth_type VALUES ('webauthn_auth')")
op.drop_constraint('ck_users_mobile_or_email_auth', 'users', type_=None, schema=None)
op.create_check_constraint(
'ck_user_has_mobile_or_other_auth',
'users',
"auth_type in ('email_auth', 'webauthn_auth') or mobile_number is not null"
)
# ### end Alembic commands ###
def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.execute("UPDATE users SET auth_type = 'sms_auth' WHERE auth_type = 'webauthn_auth'")
op.execute("UPDATE invited_users SET auth_type = 'sms_auth' WHERE auth_type = 'webauthn_auth'")
op.drop_constraint('ck_user_has_mobile_or_other_auth', 'users', type_=None, schema=None)
op.create_check_constraint(
'ck_users_mobile_or_email_auth',
'users',
"auth_type = 'email_auth' or mobile_number is not null"
)
op.execute("DELETE FROM auth_type WHERE name = 'webauthn_auth'")
# ### end Alembic commands ###