Auth/pm 2996/add auth request data to devices response model (#5152)

fix(auth): [PM-2996] Add Pending Auth Request Data to Devices Response - New stored procedure to fetch the appropriate data. - Updated devices controller to respond with the new data. - Tests written at the controller and repository level. Resolves PM-2996
2025-07-15 22:57:44 -05:00 · 2025-01-07 15:52:53 -05:00
parent 5ae232e336
commit cc96e35072
21 changed files with 620 additions and 30 deletions
--- a/src/Infrastructure.Dapper/Repositories/DeviceRepository.cs
+++ b/src/Infrastructure.Dapper/Repositories/DeviceRepository.cs
@ -1,4 +1,5 @@
 using System.Data;
+using Bit.Core.Auth.Models.Data;
 using Bit.Core.Entities;
 using Bit.Core.Repositories;
 using Bit.Core.Settings;
@ -11,9 +12,13 @@ namespace Bit.Infrastructure.Dapper.Repositories;

 public class DeviceRepository : Repository<Device, Guid>, IDeviceRepository
 {
+    private readonly IGlobalSettings _globalSettings;
+
    public DeviceRepository(GlobalSettings globalSettings)
        : this(globalSettings.SqlServer.ConnectionString, globalSettings.SqlServer.ReadOnlyConnectionString)
-    { }
+    {
+        _globalSettings = globalSettings;
+    }

    public DeviceRepository(string connectionString, string readOnlyConnectionString)
        : base(connectionString, readOnlyConnectionString)
@ -76,6 +81,24 @@ public class DeviceRepository : Repository<Device, Guid>, IDeviceRepository
        }
    }

+    public async Task<ICollection<DeviceAuthDetails>> GetManyByUserIdWithDeviceAuth(Guid userId)
+    {
+        var expirationMinutes = _globalSettings.PasswordlessAuth.UserRequestExpiration.TotalMinutes;
+        using (var connection = new SqlConnection(ConnectionString))
+        {
+            var results = await connection.QueryAsync<DeviceAuthDetails>(
+                $"[{Schema}].[{Table}_ReadActiveWithPendingAuthRequestsByUserId]",
+                new
+                {
+                    UserId = userId,
+                    ExpirationMinutes = expirationMinutes
+                },
+                commandType: CommandType.StoredProcedure);
+
+            return results.ToList();
+        }
+    }
+
    public async Task ClearPushTokenAsync(Guid id)
    {
        using (var connection = new SqlConnection(ConnectionString))
--- a/src/Infrastructure.Dapper/Repositories/Repository.cs
+++ b/src/Infrastructure.Dapper/Repositories/Repository.cs
@ -51,7 +51,7 @@ public abstract class Repository<T, TId> : BaseRepository, IRepository<T, TId>
            var parameters = new DynamicParameters();
            parameters.AddDynamicParams(obj);
            parameters.Add("Id", obj.Id, direction: ParameterDirection.InputOutput);
-            var results = await connection.ExecuteAsync(
+            await connection.ExecuteAsync(
                $"[{Schema}].[{Table}_Create]",
                parameters,
                commandType: CommandType.StoredProcedure);
@ -64,7 +64,7 @@ public abstract class Repository<T, TId> : BaseRepository, IRepository<T, TId>
    {
        using (var connection = new SqlConnection(ConnectionString))
        {
-            var results = await connection.ExecuteAsync(
+            await connection.ExecuteAsync(
                $"[{Schema}].[{Table}_Update]",
                obj,
                commandType: CommandType.StoredProcedure);