fix: minor mfa changes (#692)

* refactor enroll * fix: omit user, user_id & empty friendly_name from response
supabase · Sep 19, 2022 · 5da121c · 5da121c
1 parent fb58fff
commit 5da121c
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 12 deletions.
diff --git a/api/mfa.go b/api/mfa.go
@@ -7,6 +7,8 @@ import (
 	"time"
 
 	"fmt"
+	"net/url"
+
 	"github.com/aaronarduino/goqrsvg"
 	svg "github.com/ajstarks/svgo"
 	"github.com/boombuler/barcode/qr"
@@ -16,7 +18,6 @@ import (
 	"github.com/netlify/gotrue/storage"
 	"github.com/netlify/gotrue/utilities"
 	"github.com/pquerna/otp/totp"
-	"net/url"
 )
 
 type EnrollFactorParams struct {
@@ -87,34 +88,33 @@ func (a *API) EnrollFactor(w http.ResponseWriter, r *http.Request) error {
 	// Read from DB for certainty
 	factors, err := models.FindVerifiedFactorsByUser(a.db, user)
 	if err != nil {
-		return internalServerError("Error validating number of factors in system")
+		return internalServerError("error validating number of factors in system").WithInternalError(err)
 	}
 	// Remove this at v2
 	if len(factors) >= 1 {
-		return forbiddenError("Only one factor can be enrolled at a time, please unenroll to continue")
+		return forbiddenError("only one factor can be enrolled at a time, please unenroll to continue")
 	}
 
 	key, err := totp.Generate(totp.GenerateOpts{
 		Issuer:      issuer,
 		AccountName: user.GetEmail(),
 	})
 	if err != nil {
-		return internalServerError("Error generating QR Code secret key").WithInternalError(err)
+		return internalServerError("error generating QR Code secret key").WithInternalError(err)
 	}
 	var buf bytes.Buffer
 	s := svg.New(&buf)
 	qrCode, _ := qr.Encode(key.String(), qr.M, qr.Auto)
 	qs := goqrsvg.NewQrSVG(qrCode, DefaultQRSize)
 	qs.StartQrSVG(s)
-	err = qs.WriteQrSVG(s)
-	if err != nil {
-		return internalServerError("Error writing to QR Code").WithInternalError(err)
+	if err = qs.WriteQrSVG(s); err != nil {
+		return internalServerError("error writing to QR Code").WithInternalError(err)
 	}
 	s.End()
 
 	factor, terr := models.NewFactor(user, params.FriendlyName, params.FactorType, models.FactorUnverifiedState, key.Secret())
 	if terr != nil {
-		return internalServerError("Database error creating factor").WithInternalError(err)
+		return internalServerError("database error creating factor").WithInternalError(err)
 	}
 	terr = a.db.Transaction(func(tx *storage.Connection) error {
 		if terr = tx.Create(factor); terr != nil {

diff --git a/models/factor.go b/models/factor.go
@@ -2,10 +2,11 @@ package models
 
 import (
 	"database/sql"
+	"time"
+
 	"github.com/gofrs/uuid"
 	"github.com/netlify/gotrue/storage"
 	"github.com/pkg/errors"
-	"time"
 )
 
 const FactorUnverifiedState = "unverified"
@@ -16,12 +17,12 @@ const Webauthn = "webauthn"
 
 type Factor struct {
 	ID           uuid.UUID `json:"id" db:"id"`
-	User         User      `belongs_to:"user"`
-	UserID       uuid.UUID `json:"user_id" db:"user_id"`
+	User         User      `json:"-" belongs_to:"user"`
+	UserID       uuid.UUID `json:"-" db:"user_id"`
 	CreatedAt    time.Time `json:"created_at" db:"created_at"`
 	UpdatedAt    time.Time `json:"updated_at" db:"updated_at"`
 	Status       string    `json:"status" db:"status"`
-	FriendlyName string    `json:"friendly_name" db:"friendly_name"`
+	FriendlyName string    `json:"friendly_name,omitempty" db:"friendly_name"`
 	TOTPSecret   string    `json:"-" db:"totp_secret"`
 	FactorType   string    `json:"factor_type" db:"factor_type"`
 }