Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(users): Fix bugs caused by the new token only flows #4607

Merged
merged 5 commits into from
May 9, 2024
Merged

fix(users): Fix bugs caused by the new token only flows #4607

merged 5 commits into from
May 9, 2024
+34 −8

Conversation

ThisIsMani
Copy link
Contributor

@ThisIsMani ThisIsMani commented May 9, 2024
edited
Loading

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

This PR fixes the following bugs:

  • Password without special characters is not throwing parsing failed error.
  • Signup is not populating the last_password_modified_at.
  • Verify email is blacklisting all email tokens.
  • If the SPT token time is less than JWT time, some SPTs issued after that blacklist are not working.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

Closes #4606.

How did you test it?

Note

This only works when email feature flag is disabled.

  • To check the password validation
curl --location 'http://localhost:8080/user/signup' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "unregistered email",
    "password": "password"
}'
  • If the password is valid, then you will get the following response
{
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiM2MwOTBiMDYtYWY2ZS00MDk0LTgwYzktMWEzOTlkOTQ2MjBjIiwicHVycG9zZSI6InRvdHAiLCJvcmlnaW4iOiJzaWduX2luIiwiZXhwIjoxNzE1MzMzNTE1fQ.v3fBLoTdf01RDWs24ukphvNFuVQ9AsqaVBuUfjviEuQ",
    "token_type": "totp"
}

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible

@ThisIsMani ThisIsMani added C-bug Category: Bug A-users Area: Users labels May 9, 2024
@ThisIsMani ThisIsMani self-assigned this May 9, 2024
@ThisIsMani ThisIsMani requested a review from a team as a code owner May 9, 2024 12:46
@ThisIsMani ThisIsMani requested a review from a team as a code owner May 9, 2024 12:57
apoorvdixit88
apoorvdixit88 previously approved these changes May 9, 2024
View reviewed changes
@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue May 9, 2024
Merged via the queue into main with commit a0f11d7 May 9, 2024
12 of 15 checks passed
@Gnanasundari24 Gnanasundari24 deleted the totp-fixes branch May 9, 2024 14:30
pixincreate added a commit that referenced this pull request May 10, 2024
@pixincreate
Merge branch 'main' of github.com:juspay/hyperswitch into assertion-r…
cc259e9 
…efactor

* 'main' of github.com:juspay/hyperswitch:
  chore(version): 2024.05.10.0
  fix(router): [NETCETERA] skip sending browser_information in authentication request for app device_channel (#4613)
  fix(users): Fix bugs caused by the new token only flows (#4607)
  ci(cypress): Fix card expiry for savecard flows (#4585)
  refactor(billing): store `payment_method_data_billing` for recurring payments (#4513)
  feat(users): new routes to accept invite and list merchants (#4591)
  fix(connector): [BAMBORA] Audit Fixes for Bambora (#4604)
  fix(connector): [iatapay]handle empty error response in case of 401 (#4291)
  feat(connector): [Payone] add connector template code (#4469)
  feat(users): Create API to Verify TOTP (#4597)
  chore(version): 2024.05.09.0
  chore(postman): update Postman collection files
  fix(core): drop three_dsserver_trans_id from authentication table (#4587)
  refactor(db): Add TenantId field to the KafkaStore struct (#4512)
  feat(users): Create `user_key_store` table and `begin_totp` API (#4577)
  Fix(connector): [BOA/CYBS] make rsync status optional (#4570)
  fix(users): Correct the condition for `verify_email` flow in decision manger (#4580)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@apoorvdixit88 apoorvdixit88 apoorvdixit88 approved these changes

@racnan racnan racnan approved these changes

Assignees

@ThisIsMani ThisIsMani

Labels
A-users Area: Users C-bug Category: Bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix: Fix bugs caused by token only flows
4 participants
@ThisIsMani @apoorvdixit88 @racnan @Gnanasundari24