From d242850b63173f314fb259451139464f09e0a9e9 Mon Sep 17 00:00:00 2001
From: Mani Chandra <84711804+ThisIsMani@users.noreply.github.com>
Date: Mon, 3 Jun 2024 19:40:13 +0530
Subject: [PATCH] refactor(users): Changes for Home and Signout APIs for TOTP Redis flows (#4851)
Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com>
---
 crates/api_models/src/user.rs | 3 +++
 crates/router/src/core/user.rs | 6 +++++
 .../router/src/utils/user/two_factor_auth.rs | 23 +++++++++++++++++++
 3 files changed, 32 insertions(+)
diff --git a/crates/api_models/src/user.rs b/crates/api_models/src/user.rs
index ee9498cfee..a61b9fd7df 100644
--- a/crates/api_models/src/user.rs
+++ b/crates/api_models/src/user.rs
@@ -165,7 +165,10 @@ pub struct GetUserDetailsResponse {
 #[serde(skip_serializing)]
 pub user_id: String,
 pub org_id: String,
+ pub is_two_factor_auth_setup: bool,
+ pub recovery_codes_left: Option,
 }
+
 #[derive(Debug, serde::Deserialize, serde::Serialize)]
 pub struct GetUserRoleDetailsRequest {
 pub email: pii::Email,
diff --git a/crates/router/src/core/user.rs b/crates/router/src/core/user.rs
index f4751c3a55..69a4cfc8a6 100644
--- a/crates/router/src/core/user.rs
+++ b/crates/router/src/core/user.rs
@@ -94,6 +94,8 @@ pub async fn get_user_details(
 verification_days_left,
 role_id: user_from_token.role_id,
 org_id: user_from_token.org_id,
+ is_two_factor_auth_setup: user.get_totp_status() == TotpStatus::Set,
+ recovery_codes_left: user.get_recovery_codes().map(|codes| codes.len()),
 },
 ))
 }
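Review bot: The two fields added to `GetUserDetailsResponse` in crates/api_models/src/user.rs carry no doc comments, and `recovery_codes_left` needs one because a client has to tell `None` apart from `Some(0)`. Judging by the `get_user_details` hunk in crates/router/src/core/user.rs, `None` appears to mean `get_recovery_codes()` returned nothing while `Some(0)` would mean every code has been used; that should be confirmed and written above the field, e.g. `/// Unused recovery codes; None if none were ever generated.`. A matching line on the flag, `/// True when the user's TOTP status is Set.`, keeps the response self-describing. The struct starts above the hunk.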
@@ -328,6 +330,10 @@ pub async fn signout(
 state: SessionState,
 user_from_token: auth::UserFromToken,
 ) -> UserResponse<()> {
+ tfa_utils::delete_totp_from_redis(&state, &user_from_token.user_id).await?;
+ tfa_utils::delete_recovery_code_from_redis(&state, &user_from_token.user_id).await?;
+ tfa_utils::delete_totp_secret_from_redis(&state, &user_from_token.user_id).await?;
+
 auth::blacklist::insert_user_in_blacklist(&state, &user_from_token.user_id).await?;
 auth::cookies::remove_cookie_response()
 }
diff --git a/crates/router/src/utils/user/two_factor_auth.rs b/crates/router/src/utils/user/two_factor_auth.rs
index f64eda4dc5..bebe58ebd8 100644
--- a/crates/router/src/utils/user/two_factor_auth.rs
+++ b/crates/router/src/utils/user/two_factor_auth.rs
@@ -116,3 +116,26 @@ pub async fn insert_recovery_code_in_redis(state: &SessionState, user_id: &str)
 .await
 .change_context(UserErrors::InternalServerError)
 }
+
+pub async fn delete_totp_from_redis(state: &SessionState, user_id: &str) -> UserResult<()> {
+ let redis_conn = super::get_redis_connection(state)?;
+ let key = format!("{}{}", consts::user::REDIS_TOTP_PREFIX, user_id);
+ redis_conn
+ .delete_key(&key)
+ .await
+ .change_context(UserErrors::InternalServerError)
+ .map(|_| ())
+}
+
+pub async fn delete_recovery_code_from_redis(
+ state: &SessionState,
+ user_id: &str,
+) -> UserResult<()> {
+ let redis_conn = super::get_redis_connection(state)?;
+ let key = format!("{}{}", consts::user::REDIS_RECOVERY_CODE_PREFIX, user_id);
+ redis_conn
+ .delete_key(&key)
+ .await
+ .change_context(UserErrors::InternalServerError)
+ .map(|_| ())
+}
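Review bot: In `signout`, each of the three `tfa_utils::delete_*` calls ends in `?` and runs before `auth::blacklist::insert_user_in_blacklist`, so a Redis error on any delete returns early with the token not blacklisted and the cookie not removed. Revocation is the step that must not be skipped: move `auth::blacklist::insert_user_in_blacklist(&state, &user_from_token.user_id).await?;` above the three deletes, so a cleanup failure is still reported but only after the session has been invalidated. The keys in two_factor_auth.rs are built from `user_id` alone, so this cleanup presumably affects every session of the user; a one-line comment saying so would help the next reader. `signout`'s signature begins above the hunk.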
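Review bot: `delete_totp_from_redis` and `delete_recovery_code_from_redis` in two_factor_auth.rs are the same body with a different prefix constant, so the next key type will become a third copy; a private helper that takes the prefix removes the duplication. The sketch below assumes the `consts::user::REDIS_*_PREFIX` constants are `&str`, which the `format!` call suggests but does not prove. Both public functions would also benefit from a `///` line naming what the key holds and noting that the `delete_key` reply is discarded by `.map(|_| ())`.

```rust
async fn delete_prefixed_key_from_redis(
    state: &SessionState,
    prefix: &str,
    user_id: &str,
) -> UserResult<()> {
    let redis_conn = super::get_redis_connection(state)?;
    let key = format!("{}{}", prefix, user_id);
    // … unchanged: delete_key(&key) chain ending in .map(|_| ()) …
}

pub async fn delete_totp_from_redis(state: &SessionState, user_id: &str) -> UserResult<()> {
    delete_prefixed_key_from_redis(state, consts::user::REDIS_TOTP_PREFIX, user_id).await
}

// … delete_recovery_code_from_redis: same one-line body with REDIS_RECOVERY_CODE_PREFIX …
```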