chore: Merge branch 'master' into hf/phase-ii-ott

supabase · May 8, 2024 · 9b31ffa · 9b31ffa
2 parents 58f301a + 86a79df
commit 9b31ffa
Show file tree

Hide file tree

Showing 4 changed files with 66 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,19 @@
 # Changelog
 
+## [2.151.0](https://github.com/supabase/auth/compare/v2.150.1...v2.151.0) (2024-05-06)
+
+
+### Features
+
+* refactor one-time tokens for performance ([#1558](https://github.com/supabase/auth/issues/1558)) ([d1cf8d9](https://github.com/supabase/auth/commit/d1cf8d9096e9183d7772b73031de8ecbd66e912b))
+
+
+### Bug Fixes
+
+* do call send sms hook when SMS autoconfirm is enabled ([#1562](https://github.com/supabase/auth/issues/1562)) ([bfe4d98](https://github.com/supabase/auth/commit/bfe4d988f3768b0407526bcc7979fb21d8cbebb3))
+* format test otps ([#1567](https://github.com/supabase/auth/issues/1567)) ([434a59a](https://github.com/supabase/auth/commit/434a59ae387c35fd6629ec7c674d439537e344e5))
+* log final writer error instead of handling ([#1564](https://github.com/supabase/auth/issues/1564)) ([170bd66](https://github.com/supabase/auth/commit/170bd6615405afc852c7107f7358dfc837bad737))
+
 ## [2.150.1](https://github.com/supabase/auth/compare/v2.150.0...v2.150.1) (2024-04-28)
 
 

diff --git a/internal/api/mail.go b/internal/api/mail.go
@@ -182,7 +182,7 @@ func (a *API) adminGenerateLink(w http.ResponseWriter, r *http.Request) error {
 			}
 			terr = models.CreateOneTimeToken(tx, user.ID, user.GetEmail(), user.ConfirmationToken, models.ConfirmationToken)
 			if terr != nil {
-				terr = errors.Wrap(terr, "Database error reating confirmation token for invite in admin")
+				terr = errors.Wrap(terr, "Database error creating confirmation token for invite in admin")
 				return terr
 			}
 		case mail.SignupVerification:
@@ -220,7 +220,7 @@ func (a *API) adminGenerateLink(w http.ResponseWriter, r *http.Request) error {
 			}
 			terr = models.CreateOneTimeToken(tx, user.ID, user.GetEmail(), user.ConfirmationToken, models.ConfirmationToken)
 			if terr != nil {
-				terr = errors.Wrap(terr, "Database error reating confirmation token for signup in admin")
+				terr = errors.Wrap(terr, "Database error creating confirmation token for signup in admin")
 				return terr
 			}
 		case mail.EmailChangeCurrentVerification, mail.EmailChangeNewVerification:

diff --git a/internal/api/verify_test.go b/internal/api/verify_test.go
@@ -24,11 +24,15 @@ import (
 type VerifyVariant int
 
 const (
-	VerifyWithOTT VerifyVariant = iota
+	VerifyWithoutOTT VerifyVariant = iota
+	VerifyWithOTT
 )
 
 func (v VerifyVariant) String() string {
 	switch v {
+	case VerifyWithoutOTT:
+		return "WithoutOTT"
+
 	case VerifyWithOTT:
 		return "WithOTT"
 
@@ -67,6 +71,7 @@ func (ts *VerifyTestSuite) SetupTest() {
 
 func (ts *VerifyTestSuite) VerifyWithVariants(fn func(variant VerifyVariant)) {
 	variants := []VerifyVariant{
+		VerifyWithoutOTT,
 		VerifyWithOTT,
 	}
 
@@ -141,6 +146,10 @@ func (ts *VerifyTestSuite) TestVerifyPasswordRecovery() {
 
 				recoveryToken := u.RecoveryToken
 
+				if variant == VerifyWithoutOTT {
+					require.NoError(ts.T(), models.ClearAllOneTimeTokensForUser(ts.API.db, u.ID))
+				}
+
 				reqURL := fmt.Sprintf("http://localhost/verify?type=%s&token=%s", mail.RecoveryVerification, recoveryToken)
 				req = httptest.NewRequest(http.MethodGet, reqURL, nil)
 
@@ -240,6 +249,10 @@ func (ts *VerifyTestSuite) TestVerifySecureEmailChange() {
 			currentTokenHash := u.EmailChangeTokenCurrent
 			newTokenHash := u.EmailChangeTokenNew
 
+			if variant == VerifyWithoutOTT {
+				require.NoError(ts.T(), models.ClearAllOneTimeTokensForUser(ts.API.db, u.ID))
+			}
+
 			u, err = models.FindUserByEmailAndAudience(ts.API.db, c.currentEmail, ts.Config.JWT.Aud)
 			require.NoError(ts.T(), err)
 
@@ -999,6 +1012,10 @@ func (ts *VerifyTestSuite) TestVerifyValidOtp() {
 				require.NoError(ts.T(), models.CreateOneTimeToken(ts.API.db, u.ID, "relates_to not used", u.EmailChangeTokenNew, models.EmailChangeTokenNew))
 				require.NoError(ts.T(), models.CreateOneTimeToken(ts.API.db, u.ID, "relates_to not used", u.PhoneChangeToken, models.PhoneChangeToken))
 
+				if variant == VerifyWithoutOTT {
+					require.NoError(ts.T(), models.ClearAllOneTimeTokensForUser(ts.API.db, u.ID))
+				}
+
 				require.NoError(ts.T(), ts.API.db.Update(u))
 
 				var buffer bytes.Buffer

diff --git a/openapi.yaml b/openapi.yaml
@@ -1840,7 +1840,7 @@ components:
         identities:
           type: array
           items:
-            type: object
+            $ref: "#/components/schemas/IdentitySchema"
         banned_until:
           type: string
           format: date-time
@@ -1853,6 +1853,8 @@ components:
         deleted_at:
           type: string
           format: date-time
+        is_anonymous:
+          type: boolean
 
     SAMLAttributeMappingSchema:
       type: object
@@ -1958,6 +1960,35 @@ components:
             Usually one of:
             - totp
 
+    IdentitySchema:
+      type: object
+      properties:
+        identity_id:
+          type: string
+          format: uuid
+        id:
+          type: string
+          format: uuid
+        user_id:
+          type: string
+          format: uuid
+        identity_data:
+          type: object
+        provider:
+          type: string
+        last_sign_in_at:
+          type: string
+          format: date-time
+        created_at:
+          type: string
+          format: date-time
+        updated_at:
+          type: string
+          format: date-time
+        email:
+          type: string
+          format: email
+
   responses:
     OAuthCallbackRedirectResponse:
       description: >