Merge branch 'main' into payone-template-code

crates/api_models/src/events/user.rs

@@ -10,13 +10,14 @@ use crate::user::{
     dashboard_metadata::{
         GetMetaDataRequest, GetMetaDataResponse, GetMultipleMetaDataPayload, SetMetaDataRequest,
     },
-    AcceptInviteFromEmailRequest, AuthorizeResponse, ChangePasswordRequest, ConnectAccountRequest,
-    CreateInternalUserRequest, DashboardEntryResponse, ForgotPasswordRequest,
-    GetUserDetailsResponse, GetUserRoleDetailsRequest, GetUserRoleDetailsResponse,
-    InviteUserRequest, ListUsersResponse, ReInviteUserRequest, ResetPasswordRequest,
-    RotatePasswordRequest, SendVerifyEmailRequest, SignInResponse, SignUpRequest,
-    SignUpWithMerchantIdRequest, SwitchMerchantIdRequest, TokenOrPayloadResponse, TokenResponse,
-    UpdateUserAccountDetailsRequest, UserFromEmailRequest, UserMerchantCreate, VerifyEmailRequest,
+    AcceptInviteFromEmailRequest, AuthorizeResponse, BeginTotpResponse, ChangePasswordRequest,
+    ConnectAccountRequest, CreateInternalUserRequest, DashboardEntryResponse,
+    ForgotPasswordRequest, GetUserDetailsResponse, GetUserRoleDetailsRequest,
+    GetUserRoleDetailsResponse, InviteUserRequest, ListUsersResponse, ReInviteUserRequest,
+    ResetPasswordRequest, RotatePasswordRequest, SendVerifyEmailRequest, SignInResponse,
+    SignUpRequest, SignUpWithMerchantIdRequest, SwitchMerchantIdRequest, TokenOrPayloadResponse,
+    TokenResponse, UpdateUserAccountDetailsRequest, UserFromEmailRequest, UserMerchantCreate,
+    VerifyEmailRequest,
 };
 
 impl ApiEventMetric for DashboardEntryResponse {
@@ -72,7 +73,8 @@ common_utils::impl_misc_api_event_type!(
     GetUserRoleDetailsRequest,
     GetUserRoleDetailsResponse,
     TokenResponse,
-    UserFromEmailRequest
+    UserFromEmailRequest,
+    BeginTotpResponse
 );
 
 #[cfg(feature = "dummy_connector")]

crates/api_models/src/user.rs

@@ -236,8 +236,19 @@ pub enum TokenOrPayloadResponse<T> {
     Token(TokenResponse),
     Payload(T),
 }
-
 #[derive(Debug, serde::Deserialize, serde::Serialize)]
 pub struct UserFromEmailRequest {
     pub token: Secret<String>,
 }
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct BeginTotpResponse {
+    pub secret: Option<TotpSecret>,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct TotpSecret {
+    pub secret: Secret<String>,
+    pub totp_url: Secret<String>,
+    pub recovery_codes: Vec<Secret<String>>,
+}

crates/diesel_models/src/authentication.rs

@@ -38,7 +38,6 @@ pub struct Authentication {
     pub challenge_request: Option<String>,
     pub acs_reference_number: Option<String>,
     pub acs_trans_id: Option<String>,
-    pub three_ds_server_trans_id: Option<String>,
     pub acs_signed_content: Option<String>,
     pub profile_id: String,
     pub payment_id: Option<String>,
@@ -83,7 +82,6 @@ pub struct AuthenticationNew {
     pub challenge_request: Option<String>,
     pub acs_reference_number: Option<String>,
     pub acs_trans_id: Option<String>,
-    pub three_dsserver_trans_id: Option<String>,
     pub acs_signed_content: Option<String>,
     pub profile_id: String,
     pub payment_id: Option<String>,
@@ -160,7 +158,6 @@ pub struct AuthenticationUpdateInternal {
     pub challenge_request: Option<String>,
     pub acs_reference_number: Option<String>,
     pub acs_trans_id: Option<String>,
-    pub three_dsserver_trans_id: Option<String>,
     pub acs_signed_content: Option<String>,
 }
 
@@ -191,7 +188,6 @@ impl Default for AuthenticationUpdateInternal {
             challenge_request: Default::default(),
             acs_reference_number: Default::default(),
             acs_trans_id: Default::default(),
-            three_dsserver_trans_id: Default::default(),
             acs_signed_content: Default::default(),
         }
     }
@@ -224,7 +220,6 @@ impl AuthenticationUpdateInternal {
             challenge_request,
             acs_reference_number,
             acs_trans_id,
-            three_dsserver_trans_id,
             acs_signed_content,
         } = self;
         Authentication {
@@ -256,7 +251,6 @@ impl AuthenticationUpdateInternal {
             challenge_request: challenge_request.or(source.challenge_request),
             acs_reference_number: acs_reference_number.or(source.acs_reference_number),
             acs_trans_id: acs_trans_id.or(source.acs_trans_id),
-            three_ds_server_trans_id: three_dsserver_trans_id.or(source.three_ds_server_trans_id),
             acs_signed_content: acs_signed_content.or(source.acs_signed_content),
             ..source
         }

crates/diesel_models/src/enums.rs

@@ -18,8 +18,8 @@ pub mod diesel_exports {
         DbRefundStatus as RefundStatus, DbRefundType as RefundType,
         DbRequestIncrementalAuthorization as RequestIncrementalAuthorization,
         DbRoleScope as RoleScope, DbRoutingAlgorithmKind as RoutingAlgorithmKind,
-        DbTransactionType as TransactionType, DbUserStatus as UserStatus,
-        DbWebhookDeliveryAttempt as WebhookDeliveryAttempt,
+        DbTotpStatus as TotpStatus, DbTransactionType as TransactionType,
+        DbUserStatus as UserStatus, DbWebhookDeliveryAttempt as WebhookDeliveryAttempt,
     };
 }
 pub use common_enums::*;
@@ -350,3 +350,26 @@ pub enum DashboardMetadata {
     IsChangePasswordRequired,
     OnboardingSurvey,
 }
+
+#[derive(
+    Clone,
+    Copy,
+    Debug,
+    Default,
+    Eq,
+    PartialEq,
+    serde::Serialize,
+    serde::Deserialize,
+    strum::Display,
+    strum::EnumString,
+    frunk::LabelledGeneric,
+)]
+#[diesel_enum(storage_type = "db_enum")]
+#[serde(rename_all = "snake_case")]
+#[strum(serialize_all = "snake_case")]
+pub enum TotpStatus {
+    Set,
+    InProgress,
+    #[default]
+    NotSet,
+}

crates/diesel_models/src/lib.rs

@@ -44,6 +44,7 @@ pub mod routing_algorithm;
 #[allow(unused_qualifications)]
 pub mod schema;
 pub mod user;
+pub mod user_key_store;
 pub mod user_role;
 
 use diesel_impl::{DieselArray, OptionalDieselArray};

crates/diesel_models/src/query.rs

@@ -36,4 +36,5 @@ pub mod reverse_lookup;
 pub mod role;
 pub mod routing_algorithm;
 pub mod user;
+pub mod user_key_store;
 pub mod user_role;

crates/diesel_models/src/query/user_key_store.rs

@@ -0,0 +1,24 @@
+use diesel::{associations::HasTable, ExpressionMethods};
+
+use super::generics;
+use crate::{
+    schema::user_key_store::dsl,
+    user_key_store::{UserKeyStore, UserKeyStoreNew},
+    PgPooledConn, StorageResult,
+};
+
+impl UserKeyStoreNew {
+    pub async fn insert(self, conn: &PgPooledConn) -> StorageResult<UserKeyStore> {
+        generics::generic_insert(conn, self).await
+    }
+}
+
+impl UserKeyStore {
+    pub async fn find_by_user_id(conn: &PgPooledConn, user_id: &str) -> StorageResult<Self> {
+        generics::generic_find_one::<<Self as HasTable>::Table, _, _>(
+            conn,
+            dsl::user_id.eq(user_id.to_owned()),
+        )
+        .await
+    }
+}

crates/diesel_models/src/schema.rs

@@ -108,7 +108,6 @@ diesel::table! {
         challenge_request -> Nullable<Varchar>,
         acs_reference_number -> Nullable<Varchar>,
         acs_trans_id -> Nullable<Varchar>,
-        three_dsserver_trans_id -> Nullable<Varchar>,
         acs_signed_content -> Nullable<Varchar>,
         #[max_length = 64]
         profile_id -> Varchar,
@@ -1149,6 +1148,18 @@ diesel::table! {
     }
 }
 
+diesel::table! {
+    use diesel::sql_types::*;
+    use crate::enums::diesel_exports::*;
+
+    user_key_store (user_id) {
+        #[max_length = 64]
+        user_id -> Varchar,
+        key -> Bytea,
+        created_at -> Timestamp,
+    }
+}
+
 diesel::table! {
     use diesel::sql_types::*;
     use crate::enums::diesel_exports::*;
@@ -1192,6 +1203,9 @@ diesel::table! {
         last_modified_at -> Timestamp,
         #[max_length = 64]
         preferred_merchant_id -> Nullable<Varchar>,
+        totp_status -> TotpStatus,
+        totp_secret -> Nullable<Bytea>,
+        totp_recovery_codes -> Nullable<Array<Nullable<Text>>>,
         last_password_modified_at -> Nullable<Timestamp>,
     }
 }
@@ -1232,6 +1246,7 @@ diesel::allow_tables_to_appear_in_same_query!(
     reverse_lookup,
     roles,
     routing_algorithm,
+    user_key_store,
     user_roles,
     users,
 );

crates/diesel_models/src/user.rs

@@ -3,7 +3,9 @@ use diesel::{AsChangeset, Identifiable, Insertable, Queryable};
 use masking::Secret;
 use time::PrimitiveDateTime;
 
-use crate::schema::users;
+use crate::{
+    diesel_impl::OptionalDieselArray, encryption::Encryption, enums::TotpStatus, schema::users,
+};
 
 pub mod dashboard_metadata;
 
@@ -20,6 +22,10 @@ pub struct User {
     pub created_at: PrimitiveDateTime,
     pub last_modified_at: PrimitiveDateTime,
     pub preferred_merchant_id: Option<String>,
+    pub totp_status: TotpStatus,
+    pub totp_secret: Option<Encryption>,
+    #[diesel(deserialize_as = OptionalDieselArray<Secret<String>>)]
+    pub totp_recovery_codes: Option<Vec<Secret<String>>>,
     pub last_password_modified_at: Option<PrimitiveDateTime>,
 }
 
@@ -36,6 +42,9 @@ pub struct UserNew {
     pub created_at: Option<PrimitiveDateTime>,
     pub last_modified_at: Option<PrimitiveDateTime>,
     pub preferred_merchant_id: Option<String>,
+    pub totp_status: TotpStatus,
+    pub totp_secret: Option<Encryption>,
+    pub totp_recovery_codes: Option<Vec<Secret<String>>>,
     pub last_password_modified_at: Option<PrimitiveDateTime>,
 }
 
@@ -47,6 +56,9 @@ pub struct UserUpdateInternal {
     is_verified: Option<bool>,
     last_modified_at: PrimitiveDateTime,
     preferred_merchant_id: Option<String>,
+    totp_status: Option<TotpStatus>,
+    totp_secret: Option<Encryption>,
+    totp_recovery_codes: Option<Vec<Secret<String>>>,
     last_password_modified_at: Option<PrimitiveDateTime>,
 }
 
@@ -58,6 +70,11 @@ pub enum UserUpdate {
         is_verified: Option<bool>,
         preferred_merchant_id: Option<String>,
     },
+    TotpUpdate {
+        totp_status: Option<TotpStatus>,
+        totp_secret: Option<Encryption>,
+        totp_recovery_codes: Option<Vec<Secret<String>>>,
+    },
     PasswordUpdate {
         password: Option<Secret<String>>,
     },
@@ -73,6 +90,9 @@ impl From<UserUpdate> for UserUpdateInternal {
                 is_verified: Some(true),
                 last_modified_at,
                 preferred_merchant_id: None,
+                totp_status: None,
+                totp_secret: None,
+                totp_recovery_codes: None,
                 last_password_modified_at: None,
             },
             UserUpdate::AccountUpdate {
@@ -85,6 +105,24 @@ impl From<UserUpdate> for UserUpdateInternal {
                 is_verified,
                 last_modified_at,
                 preferred_merchant_id,
+                totp_status: None,
+                totp_secret: None,
+                totp_recovery_codes: None,
+                last_password_modified_at: None,
+            },
+            UserUpdate::TotpUpdate {
+                totp_status,
+                totp_secret,
+                totp_recovery_codes,
+            } => Self {
+                name: None,
+                password: None,
+                is_verified: None,
+                last_modified_at,
+                preferred_merchant_id: None,
+                totp_status,
+                totp_secret,
+                totp_recovery_codes,
                 last_password_modified_at: None,
             },
             UserUpdate::PasswordUpdate { password } => Self {
@@ -94,6 +132,9 @@ impl From<UserUpdate> for UserUpdateInternal {
                 last_modified_at,
                 preferred_merchant_id: None,
                 last_password_modified_at: Some(last_modified_at),
+                totp_status: None,
+                totp_secret: None,
+                totp_recovery_codes: None,
             },
         }
     }