Purpose
Collect the factor from the user, save the factor and its type into the token, and create an OTP to approve the factor.
Request parameters
Logic WS
- Validate token & scope
- Validate:
  - user_id FK
  - request JSON-Schema for $.type=SMS
- Search for the user by token, check whether the user is blocked
- Get 2FA item by $.type for non-blocked user by $.user_id
```sql
-- $.user_id and $.type are values taken from the request
SELECT *
FROM authentication_factors AS 2FA
INNER JOIN user AS U
    ON 2FA.user_id = U.id
WHERE
    U.id = $.user_id
    AND 2FA.type = $.type
    AND U.is_active = TRUE
    AND U.is_blocked = FALSE
```
If <> <> NULL)
- update 2FA item (set values) to logical status = ACTIVE:
  - 2FA.factor = new_factor
  - 2FA.update_at = now()

If != NULL)

User setting factor (from NULL on NEW, after Reset factor) after successfully getting 2fa_access_token_type:
- Condition: (2FA item exists for user) AND (token_type = 2fa_access_token_type) AND (2FA.factor = "" OR 2FA.factor = NULL)
- update 2FA item (set values) to logical status = ACTIVE:
  - 2FA.factor = new_factor
  - 2FA.update_at = now()

Else return 401 error

Return 200
- Update the existing token (for token_type = 2fa_access_token_type) OR create a new 2fa_access_token_type (if token_type in payload = access_token_type)
- insert into `tokens.details` these attributes:
  - `request_authentication_factor` = $.factor
  - `request_authentication_factor_type` = $.type
- invoke OTP timeout procedure
- If successful, invoke internal function `create OTP (key)`, for 2FA.type = SMS, with params:
  - key = 2FA.factor
- Get result of call `create OTP()` as `OTP_value`
- Send (deliver) the OTP via the communication channel:
  - for 2FA.type = SMS - via SMS gateway API
    - mobile phone = 2FA.factor
    - SMS text = OTP_value
- ...
- Return 201
- ...
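The lookup query and the one fully legible row of the decision table above (set a factor only when it is still empty and the caller holds a 2FA access token, otherwise 401), as an added Python/SQLite example that is not part of the original specification. Assumptions: the function name `set_factor`, the alias `f` in place of `2FA`, the column types and the sample rows are constructed for illustration; token/scope validation, the token update and the OTP steps are left out.

```python
import sqlite3

# Minimal schema built from the column names used on the page (types assumed).
SCHEMA = """
CREATE TABLE user (id INTEGER PRIMARY KEY, is_active INTEGER, is_blocked INTEGER);
CREATE TABLE authentication_factors (
    user_id INTEGER REFERENCES user(id), type TEXT, factor TEXT, update_at TEXT);
"""

# The page's lookup with $.user_id and $.type bound as parameters, never
# concatenated. Alias f replaces 2FA, which SQLite rejects when unquoted.
LOOKUP = """
SELECT f.factor FROM authentication_factors AS f
INNER JOIN user AS U ON f.user_id = U.id
WHERE U.id = ? AND f.type = ? AND U.is_active = 1 AND U.is_blocked = 0
"""

def set_factor(db, user_id, token_type, factor_type, new_factor):
    """Return True if the factor was stored, False if the caller must answer 401."""
    row = db.execute(LOOKUP, (user_id, factor_type)).fetchone()
    if row is None:                              # no 2FA item, or user inactive/blocked
        return False
    if token_type != "2fa_access_token_type":    # wrong token type for this case
        return False
    if row[0] not in (None, ""):                 # factor already set: never overwrite
        return False
    db.execute(
        "UPDATE authentication_factors SET factor = ?, update_at = datetime('now') "
        "WHERE user_id = ? AND type = ?",
        (new_factor, user_id, factor_type))
    return True

def demo_db():
    """Constructed sample data: user 1 is usable, user 2 is blocked."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO user VALUES (?, ?, ?)", [(1, 1, 0), (2, 1, 1)])
    db.executemany(
        "INSERT INTO authentication_factors VALUES (?, ?, ?, NULL)",
        [(1, "SMS", None), (2, "SMS", "")])
    return db

if __name__ == "__main__":
    db = demo_db()
    print(set_factor(db, 1, "2fa_access_token_type", "SMS", "+10000000000"))
```
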
Response
- 200 201 if 2FA successfully set new.factor + 2FA_object_view
- 4xx in other cases