Add passkeys support + MFA (#341)

2025-07-09 17:38:04 +02:00 · 2024-10-07 23:56:32 +02:00
parent 41dc2e451b
commit 6959929094
20 changed files with 1073 additions and 105 deletions
--- a/internal/db/user.go
+++ b/internal/db/user.go
@ -18,9 +18,10 @@ type User struct {
 	GiteaID   string
 	OIDCID    string `gorm:"column:oidc_id"`

-	Gists   []Gist   `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
-	SSHKeys []SSHKey `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
-	Liked   []Gist   `gorm:"many2many:likes;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
+	Gists               []Gist               `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
+	SSHKeys             []SSHKey             `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
+	Liked               []Gist               `gorm:"many2many:likes;constraint:OnUpdate:CASCADE,OnDelete:CASCADE"`
+	WebAuthnCredentials []WebAuthnCredential `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;foreignKey:UserID"`
 }

 func (user *User) BeforeDelete(tx *gorm.DB) error {
@ -58,6 +59,11 @@ func (user *User) BeforeDelete(tx *gorm.DB) error {
 		return err
 	}

+	err = tx.Where("user_id = ?", user.ID).Delete(&WebAuthnCredential{}).Error
+	if err != nil {
+		return err
+	}
+
 	// Delete all gists created by this user
 	return tx.Where("user_id = ?", user.ID).Delete(&Gist{}).Error
 }
@ -200,6 +206,13 @@ func (user *User) DeleteProviderID(provider string) error {
 	return nil
 }

+func (user *User) HasMFA() (bool, error) {
+	var exists bool
+	err := db.Model(&WebAuthnCredential{}).Select("count(*) > 0").Where("user_id = ?", user.ID).Find(&exists).Error
+
+	return exists, err
+}
+
 // -- DTO -- //

 type UserDTO struct {