nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-02 00:22:50 -05:00
Code Activity
Files
20bf1455cf2b67ba0d3e1fe4846a3d71856a4eaf
bitwarden/util/Migrator/DbScripts/2025-06-04-00_AddReadPendingAuthRequestsByUserId.sql
Ike 20bf1455cf [PM-20348] Add pending auth request endpoint (#5957) 
* Feat(pm-20348): 
  * Add migration scripts for Read Pending Auth Requests by UserId stored procedure and new `view` for pending AuthRequest. 
  * View only returns the most recent pending authRequest, or none at all if the most recent is answered.
  * Implement stored procedure in AuthRequestRepository for both Dapper and Entity Framework.
  * Update AuthRequestController to query the new View to get a user's most recent pending auth requests response includes the requesting deviceId.

* Doc: 
  * Move summary xml comments to interface.
  * Added comments for the AuthRequestService.

* Test: 
  * Added testing for AuthRequestsController.
  * Added testing for repositories. 
  * Added integration tests for multiple auth requests but only returning the most recent.
2025-06-30 13:17:51 -04:00

54 lines
1.6 KiB
Transact-SQL
Raw Blame History

CREATE OR ALTER VIEW [dbo].[AuthRequestPendingDetailsView]
AS
WITH
PendingRequests
AS
(
SELECT
[AR].*,
[D].[Id] AS [DeviceId],
ROW_NUMBER() OVER (PARTITION BY [AR].[RequestDeviceIdentifier] ORDER BY [AR].[CreationDate] DESC) AS [rn]
FROM [dbo].[AuthRequest] [AR]
LEFT JOIN [dbo].[Device] [D]
ON [AR].[RequestDeviceIdentifier] = [D].[Identifier]
AND [D].[UserId] = [AR].[UserId]
WHERE [AR].[Type] IN (0, 1) -- 0 = AuthenticateAndUnlock, 1 = Unlock
)
SELECT
[PR].[Id],
[PR].[UserId],
[PR].[OrganizationId],
[PR].[Type],
[PR].[RequestDeviceIdentifier],
[PR].[RequestDeviceType],
[PR].[RequestIpAddress],
[PR].[RequestCountryName],
[PR].[ResponseDeviceId],
[PR].[AccessCode],
[PR].[PublicKey],
[PR].[Key],
[PR].[MasterPasswordHash],
[PR].[Approved],
[PR].[CreationDate],
[PR].[ResponseDate],
[PR].[AuthenticationDate],
[PR].[DeviceId]
FROM [PendingRequests] [PR]
WHERE [PR].[rn] = 1
AND [PR].[Approved] IS NULL -- since we only want pending requests we only want the most recent that is also approved = null
GO
CREATE OR ALTER PROCEDURE [dbo].[AuthRequest_ReadPendingByUserId]
@UserId UNIQUEIDENTIFIER,
@ExpirationMinutes INT
AS
BEGIN
SET NOCOUNT ON
SELECT *
FROM [dbo].[AuthRequestPendingDetailsView]
WHERE [UserId] = @UserId
AND [CreationDate] >= DATEADD(MINUTE, -@ExpirationMinutes, GETUTCDATE())
END
GO
View Git Blame Copy Permalink