ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 16 Current »

Specification

Apiary
PATCHmithril/api/users/actions/init_factor
Scopeuser:request_factor
Request json-schema

Purpose

Collect factor from user,  save factor & type into token, create OTP for approval factor.

Request parameters

  • token
  • factor
  • type


Logic WS

  • Validate token & scope
  • Validate request JSON-Schema for $.type=SMS
  • Search user by token, validate user is blocked
  • Get 2FA item by $.type  for non-blocked user by $.user_id
  • SELECT *
    FROM authentication_factors AS 2FA
    	INNER JOIN user AS U
    		ON 2FA.user_id = U.id
    WHERE 
    	U.id = $.user_id
    		AND 2FA.type = $.type
    		AND U.is_active = TRUE
    		AND U.is_blocked = FALSE
    • For this valid conditions:

      PurposeConditions
      User change factor (from OLD on NEW) after
      successful authorization and getting access_token_type
      (exist 2FA item for user) AND (token_type = access_token_type) AND (2FA.factor != "" AND  2FA.factor != NULL) 
      User setting factor (from NULL on NEW, after Reset factor )
      after successful getting 2fa_access_token_type
      (exist 2FA item for user) AND (token_type = 2fa_access_token_type) AND (2FA.factor = "" OR  2FA.factor = NULL)
      • Update exist token (for token_type = 2fa_access_token_type) OR create new 2fa_access_token_type (if token_type in payload = access_token_type)
        • insert into `tokens.details` this attributes:
          • `request_authentication_factor` = $.factor
          • `request_authentication_factor_type` = $.type
      • invoke OTP timeout procedure
      • If successful - invoke internal function `create OTP (key)`, for 2FA.type = SMS, with params:
        • key = 2FA.faсtor
        • Get result of call `create OTP()` as `OTP_value` 
      • Sending (delivery) OTP via channel communication 
        • for 2FA.type = SMS - via SMS gateway API
          • mobile phone = 2FA.factor
          • SMS text = OTP_value 
          • ...
  • Return 201
  • ...

Response

  • 201 if 2FA successful set new.factor  + 2FA_object_view
  • 4xx in other case
  • No labels