Versions Compared

Table of Contents
Specification


Apiary
...get
post
 mithril/api
mithril/users/{user_id}/authentication_factors
Scopeauthentication_factor:
read
write


Purpose

Create

& Send

new

OTP

2FA item for user

via current 2FA factor

.

Request parameters

  • user_id
token
  • type

Logic WS

  • Validate
token (2fa_access_token) - ???? If invalid - return error 4xx 
  • $.token
  • Get user by user_id
  • Validate user id & user status
Get active 2FA item for non-blocked user by $.user_id
  • Validate user `is_blocked` flag
    • if is_blocked = TRUE
    • return 4xx - "User blocked"  (!!! TBD)
  • Validate existing 2FA item with $.type user 


    Code Block
    languagesql
    SELECT *
    FROM authentication_factors AS 2FA
  • 
    WHERE 
    	2FA.user_id = $.user_id
    		AND 2FA.
is_active
  • type = 
TRUE
  • $.type


    • If
not found - return 409 error "Not found 2FA data for user"
  • Extract type & factor from 2FA item for user
  • Invoke internal function `create OTP (key)`, for 2FA.type = SMS, with params:
    • key = 2FA.faсtor
    • Get result of call `create OTP()` as `OTP_value` 
  • Sending (delivery) OTP via channel communication 
    • for 2FA.type = SMS - via SMS gateway API
      • mobile phone = 2FA.factor
      • SMS text = OTP_value 
  • Return 200
  • Internal logic for `create OTP()`

  • Processed OTP lists for $.key
    • Deactivate all active OTP items (NEW → CANCELED)
  • Create new OTP item
  • status = NEW
  • expired
      •  not exist 2FA item with $.type 
        • Insert new record in `authentication_factors` with logical status = RESET
          1. user_id = $.user_id
          2. type = $.type
          3. factor = NULL
          4. is_active = TRUE
          5. inserted_at = now()
    + OTP_LIFETIME
  • value = generate number according OTP_LENGTH
  • updated_
          1. update_at = now()
        •  Return 201
      • If exist 2FA with $.type -  return 409 error "authentication_factor with such type are exist" 
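
Review bot: in the `create OTP()` steps, "value = generate number according OTP_LENGTH" does not say how the number is produced; the spec should require a cryptographically secure random source, because the OTP is the secret the second factor relies on. The same steps cancel all active OTP items and send a new SMS on every call, and nothing in the visible lines limits how often that can happen for one user or phone number, so a resend limit or cooldown step should sit next to "Deactivate all active OTP items (NEW → CANCELED)". The lifetime and length are only named as OTP_LIFETIME and OTP_LENGTH; state their values or where they are configured.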

    Response

    200 if OTP successful create & send + user_object_view
    • 201 if 2FA item created successful 
    • 4xx in other case
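
Review bot: the Response list ends in "4xx in other case" while the logic steps still carry open markers: "Validate token (2fa_access_token) - ???? If invalid - return error 4xx" and the is_blocked branch tagged "(!!! TBD)". Each failure path needs a fixed status code and error body listed here before a client can be written against this. The two 409 cases ("Not found 2FA data for user" and "authentication_factor with such type are exist") should also appear in this list, and it is worth deciding whether a missing 2FA record is really a conflict or a not-found condition.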