ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Specification

Apiary
PATCHmithril/api/users/{user_id}/actions/request_factor
Scopeuser:request_factor
Request json-schema

Purpose

Collect factor from user,  save factor & type into token, create OTP for approval factor.

Request parameters

  • token
  • user_id
  • factor
  • type


Logic WS

  • Validate token & scope
  • Validate request JSON-Schema for $.type=SMS
  • Validate user_id FK
  • Validate $.user_id = token.user_id
    • If invalid - return 403 error
  • Get 2FA item by $.type  for non-blocked user by $.user_id

    SELECT *
    FROM authentication_factors AS 2FA
    	INNER JOIN user AS U
    		ON 2FA.user_id = U.id
    WHERE 
    	U.id = $.user_id
    		AND 2FA.type = $.type
    		AND U.is_active = TRUE
    		AND U.is_blocked = FALSE
    • For this valid conditions:

      PurposeConditions
      User change factor (from OLD on NEW) after
      successful authorization and getting access_token_type
      (exist 2FA item for user) AND (token_type = access_token_type) AND (2FA.factor != "" AND  2FA.factor != NULL) 
      User setting factor (from NULL on NEW, after Reset factor )
      after successful getting 2fa_access_token_type
      (exist 2FA item for user) AND (token_type = 2fa_access_token_type) AND (2FA.factor = "" OR  2FA.factor = NULL)
      • Update exist token (for token_type = 2fa_access_token_type) OR create new 2fa_access_token_type (if token_type in payload = access_token_type)
        • insert into `tokens.details` this attributes:
          • `request_authentication_factor` = $.factor
          • `request_authentication_factor_type` = $.type
      • Invoke internal function `create OTP (key)`, for 2FA.type = SMS, with params:
        • key = 2FA.faсtor
        • Get result of call `create OTP()` as `OTP_value` 
      • Sending (delivery) OTP via channel communication 
        • for 2FA.type = SMS - via SMS gateway API
          • mobile phone = 2FA.factor
          • SMS text = OTP_value 
          • ...
  • Return 201
  • ...

Response

  • 201 if 2FA successful set new.factor  + 2FA_object_view
  • 4xx in other case
  • No labels