Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
Specification


Apiary
Status
titlepatch
mithril/api/users/{user_id}/actions/requestinit_factor
Scopeuser:request_factor
Request json-schema

Purpose

Collect factor from user,  save factor & type into token, create OTP for approval factor.

Request parameters

  • tokenuser_id
  • factor
  • type


Logic WS

  • Validate token & scope
  • Validate request JSON-Schema for $.type=SMS
  • Validate user_id FK
  • Validate $.user_id = token.user_idIf invalid - return 403 errorSearch user by token, validate user is blocked
  • Get 2FA item by $.type  for non-blocked user by $.user_id

  • Code Block
    languagesql
    SELECT *
    FROM authentication_factors AS 2FA
    	INNER JOIN user AS U
    		ON 2FA.user_id = U.id
    WHERE 
    	U.id = $.user_id
    		AND 2FA.type = $.type
    		AND U.is_active = TRUE
    		AND U.is_blocked = FALSE
    • For this valid conditions:

      PurposeConditions
      User change factor (from OLD on NEW) after
      successful authorization and getting access_token_type
      (exist 2FA item for user) AND (token_type = access_token_type) AND (2FA.factor != "" AND  2FA.factor != NULL) 
      User setting factor (from NULL on NEW, after Reset factor )
      after successful getting 2fa_access_token_type
      (exist 2FA item for user) AND (token_type = 2fa_access_token_type) AND (2FA.factor = "" OR  2FA.factor = NULL)
      • Update exist token (for token_type = 2fa_access_token_type) OR create new 2fa_access_token_type (if token_type in payload = access_token_type)
        • insert into `tokens.details` this attributes:
          • `request_authentication_factor` = $.factor
          • `request_authentication_factor_type` = $.type
      • Invoke invoke OTP timeout procedure
      • If successful - invoke internal function `create OTP (key)`, for 2FA.type = SMS, with params:
        • key = 2FA.faсtor
        • Get result of call `create OTP()` as `OTP_value` 
      • Sending (delivery) OTP via channel communication 
        • for 2FA.type = SMS - via SMS gateway API
          • mobile phone = 2FA.factor
          • SMS text = OTP_value 
          • ...
  • Return 201
  • ...

Response

  • 201 if 2FA successful set new.factor  + 2FA_object_view
  • 4xx in other case