[SG-167] Implement Passwordless Authentication via Notifications (#2276)

* [SG-549] Commit Initial AuthRequest Repository (#2174) * Model Passwordless * Scaffold database for Passwordless * Implement SQL Repository * [SG-167] Base Passwordless API (#2185) * Implement Passwordless notifications * Implement Controller * Add documentation to BaseRequestValidator * Register AuthRequestRepo * Remove ExpirationDate from the AuthRequest table * [SG-407] Create job to delete expired requests (#2187) * chore: init * remove exp date * fix: log name * [SG-167] Added fingerprint phrase to response model. (#2233) * Remove FailedLoginAttempt logic * Block unknown devices * Add EF Support for passwordless * Got SignalR working for responses * Added delete job method to EF repo * Implement a GetMany API endpoint for AuthRequests * Ran dotnet format * Fix a merge issues * Redated migration scripts * tried sorting sqlproj * Remove FailedLoginAttempts from SQL * Groom Postgres script * Remove extra commas from migration script * Correct isSpent() * [SG-167] Adde identity validation for passwordless requests. Registered IAuthRepository. * [SG-167] Added origin of the request to response model * Use display name for device identifier in response * Add datetime conversions back to postgres migration script * [SG-655] Add anonymous endpoint for checking if a device & user combo match * [review] Consolidate error conditions Co-authored-by: Brandon Maharaj <107377945+BrandonM-Bitwarden@users.noreply.github.com> Co-authored-by: André Filipe da Silva Bispo <andrefsbispo@hotmail.com> Co-authored-by: André Bispo <abispo@bitwarden.com>
2025-07-04 09:32:48 -05:00 · 2022-09-26 13:21:13 -04:00
parent 7c3637c8ba
commit 02bea3c48d
56 changed files with 5853 additions and 61 deletions
--- a/src/Infrastructure.Dapper/Repositories/AuthRequestRepository.cs
+++ b/src/Infrastructure.Dapper/Repositories/AuthRequestRepository.cs
@ -0,0 +1,43 @@
+using System.Data;
+using System.Data.SqlClient;
+using Bit.Core.Entities;
+using Bit.Core.Repositories;
+using Bit.Core.Settings;
+using Dapper;
+
+namespace Bit.Infrastructure.Dapper.Repositories;
+
+public class AuthRequestRepository : Repository<AuthRequest, Guid>, IAuthRequestRepository
+{
+    public AuthRequestRepository(GlobalSettings globalSettings)
+        : this(globalSettings.SqlServer.ConnectionString, globalSettings.SqlServer.ReadOnlyConnectionString)
+    { }
+
+    public AuthRequestRepository(string connectionString, string readOnlyConnectionString)
+        : base(connectionString, readOnlyConnectionString)
+    { }
+
+    public async Task<int> DeleteExpiredAsync()
+    {
+        using (var connection = new SqlConnection(ConnectionString))
+        {
+            return await connection.ExecuteAsync(
+                $"[{Schema}].[AuthRequest_DeleteIfExpired]",
+                null,
+                commandType: CommandType.StoredProcedure);
+        }
+    }
+
+    public async Task<ICollection<AuthRequest>> GetManyByUserIdAsync(Guid userId)
+    {
+        using (var connection = new SqlConnection(ConnectionString))
+        {
+            var results = await connection.QueryAsync<AuthRequest>(
+                "[{Schema}].[AuthRequest_ReadByUserId]",
+                new { UserId = userId },
+                commandType: CommandType.StoredProcedure);
+
+            return results.ToList();
+        }
+    }
+}