FIXES: TOTP

sdslabs · Dec 23, 2024 · 87a7bff · 87a7bff
1 parent 02b808e
commit 87a7bff
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 32 deletions.
diff --git a/api/login.go b/api/login.go
@@ -65,7 +65,7 @@ func HandlePostLoginFlow(c *gin.Context) {
 
 	identity, session, err := login.SubmitLoginFlowWrapper(cookie, t.FlowID, t.CsrfToken, t.Password, t.Identifier) // _ is USERID
 
-	if err != nil {
+	if session == "" {
 		log.ErrorLogger("Post login flow failed", err)
 
 		errCode, _ := strconv.Atoi((strings.Split(err.Error(), " "))[0])
@@ -75,8 +75,16 @@ func HandlePostLoginFlow(c *gin.Context) {
 		})
 		return
 	}
-
 	c.SetCookie("sdslabs_session", session, 3600, "/", config.NymeriaConfig.URL.Domain, true, true)
+
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"status": "aal1 done",
+			"person": nil,
+		})
+		return
+	}
+
 	c.JSON(http.StatusOK, gin.H{
 		"status": "user logged in",
 		"person": identity,

diff --git a/api/settings.go b/api/settings.go
@@ -31,8 +31,9 @@ func HandleGetSettingsFlow(c *gin.Context) {
 
 	if err != nil {
 		log.ErrorLogger("Initialize Settings flow Failed", err)
-		c.JSON(http.StatusInternalServerError, gin.H{
-			"error": "internal server error",
+		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
+		c.JSON(errCode, gin.H{
+			"error": err.Error(),
 		})
 		return
 	}
@@ -69,31 +70,6 @@ func HandleGetSettingsFlow(c *gin.Context) {
 		}
 	}
 
-	session, err := middleware.GetSession(c)
-	if err != nil {
-		log.ErrorLogger("Unable to get session", err)
-		errCode, _ := strconv.Atoi(strings.Split(err.Error(), " ")[0])
-		c.JSON(errCode, gin.H{
-			"error":   err.Error(),
-			"message": "Unable to get session",
-		})
-		return
-	}
-	identity := session.GetIdentity()
-	traits := identity.GetTraits().(map[string]interface{})
-
-	_, err = settings.SubmitSettingsFlowProfileMethod(flow_cookie, session_cookie, flowID, csrf_token, traits)
-	if err != nil {
-		log.ErrorLogger("Kratos post settings update profile flow failed", err)
-
-		errCode, _ := strconv.Atoi((strings.Split(err.Error(), " "))[0])
-		c.JSON(errCode, gin.H{
-			"error":   err.Error(),
-			"message": "Kratos post settings update profile flow failed",
-		})
-		return
-	}
-
 	c.JSON(http.StatusOK, gin.H{
 		"flowID":      flowID,
 		"csrf_token":  csrf_token,

diff --git a/pkg/wrapper/kratos/login/login.go b/pkg/wrapper/kratos/login/login.go
@@ -42,12 +42,16 @@ func SubmitLoginFlowWrapper(cookie string, flowID string, csrfToken string, pass
 	apiClient := client.NewAPIClient(config.KratosClientConfig)
 
 	resp, r, err := apiClient.FrontendAPI.UpdateLoginFlow(context.Background()).Cookie(cookie).Flow(flowID).XSessionToken("").UpdateLoginFlowBody(submitDataBody).Execute()
-	if err != nil {
-		return *client.NewSessionWithDefaults(), "", err
-	}
 
 	responseCookies := r.Header["Set-Cookie"]
 
+	if err != nil {
+		if responseCookies == nil {
+			return *client.NewSessionWithDefaults(), "", err
+		}
+		return *client.NewSessionWithDefaults(), responseCookies[1], err
+	}
+
 	return resp.Session, responseCookies[1], nil
 }