fix(user_auth_method): make id option in auth select (#5213)

juspay · Jul 8, 2024 · 4252feb · 4252feb
1 parent c7d89c6
commit 4252feb
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 13 deletions.
diff --git a/crates/api_models/src/user.rs b/crates/api_models/src/user.rs
@@ -377,5 +377,5 @@ pub struct AuthIdQueryParam {
 
 #[derive(Debug, serde::Deserialize, serde::Serialize)]
 pub struct AuthSelectRequest {
-    pub id: String,
+    pub id: Option<String>,
 }
diff --git a/crates/router/src/core/user.rs b/crates/router/src/core/user.rs
@@ -2306,21 +2306,38 @@ pub async fn terminate_auth_select(
         .change_context(UserErrors::InternalServerError)?
         .into();
 
-    let user_authentication_method = state
-        .store
-        .get_user_authentication_method_by_id(&req.id)
-        .await
-        .to_not_found_response(UserErrors::InvalidUserAuthMethodOperation)?;
+    if let Some(id) = &req.id {
+        let user_authentication_method = state
+            .store
+            .get_user_authentication_method_by_id(id)
+            .await
+            .to_not_found_response(UserErrors::InvalidUserAuthMethodOperation)?;
 
-    let current_flow = domain::CurrentFlow::new(user_token, domain::SPTFlow::AuthSelect.into())?;
-    let mut next_flow = current_flow.next(user_from_db.clone(), &state).await?;
+        let current_flow =
+            domain::CurrentFlow::new(user_token, domain::SPTFlow::AuthSelect.into())?;
+        let mut next_flow = current_flow.next(user_from_db.clone(), &state).await?;
 
-    // Skip SSO if continue with password(TOTP)
-    if next_flow.get_flow() == domain::UserFlow::SPTFlow(domain::SPTFlow::SSO)
-        && !utils::user::is_sso_auth_type(&user_authentication_method.auth_type)
-    {
-        next_flow = next_flow.skip(user_from_db, &state).await?;
+        // Skip SSO if continue with password(TOTP)
+        if next_flow.get_flow() == domain::UserFlow::SPTFlow(domain::SPTFlow::SSO)
+            && !utils::user::is_sso_auth_type(&user_authentication_method.auth_type)
+        {
+            next_flow = next_flow.skip(user_from_db, &state).await?;
+        }
+        let token = next_flow.get_token(&state).await?;
+
+        return auth::cookies::set_cookie_response(
+            user_api::TokenResponse {
+                token: token.clone(),
+                token_type: next_flow.get_flow().into(),
+            },
+            token,
+        );
     }
+
+    // Giving totp token for hyperswtich users when no id is present in the request body
+    let current_flow = domain::CurrentFlow::new(user_token, domain::SPTFlow::AuthSelect.into())?;
+    let mut next_flow = current_flow.next(user_from_db.clone(), &state).await?;
+    next_flow = next_flow.skip(user_from_db, &state).await?;
     let token = next_flow.get_token(&state).await?;
 
     auth::cookies::set_cookie_response(