feat(session-verify): 添加 TOTP 支持 (#34)

* chore(deps): add pyotp * feat(auth): implement TOTP verification feat(auth): implement TOTP verification and email verification services - Added TOTP keys management with a new database model `TotpKeys`. - Introduced `EmailVerification` and `LoginSession` models for email verification. - Created `verification_service` to handle email verification logic and TOTP processes. - Updated user response models to include session verification methods. - Implemented routes for TOTP creation, verification, and fallback to email verification. - Enhanced login session management to support new location checks and verification methods. - Added migration script to create `totp_keys` table in the database. * feat(config): update config example * docs(totp): complete creating TOTP flow * refactor(totp): resolve review * feat(api): forbid unverified request * fix(totp): trace session by token id to avoid other sessions are forbidden * chore(linter): make pyright happy * fix(totp): only mark sessions with a specified token id
2025-09-21 19:50:11 +08:00
parent 7b4ff1224d
commit 1527e23b43
25 changed files with 684 additions and 235 deletions
--- a/migrations/versions/2025-09-20_15e3a9a05b67_auth_add_totp_keys.py
+++ b/migrations/versions/2025-09-20_15e3a9a05b67_auth_add_totp_keys.py
@@ -0,0 +1,47 @@
+"""auth: add totp keys
+
+Revision ID: 15e3a9a05b67
+Revises: ebaa317ad928
+Create Date: 2025-09-20 11:27:58.485299
+
+"""
+
+from __future__ import annotations
+
+from collections.abc import Sequence
+
+from alembic import op
+import sqlalchemy as sa
+import sqlmodel
+
+# revision identifiers, used by Alembic.
+revision: str = "15e3a9a05b67"
+down_revision: str | Sequence[str] | None = "ebaa317ad928"
+branch_labels: str | Sequence[str] | None = None
+depends_on: str | Sequence[str] | None = None
+
+
+def upgrade() -> None:
+    """Upgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table(
+        "totp_keys",
+        sa.Column("user_id", sa.BigInteger(), nullable=False),
+        sa.Column("secret", sqlmodel.sql.sqltypes.AutoString(length=100), nullable=False),
+        sa.Column("backup_keys", sa.JSON(), nullable=True),
+        sa.Column("created_at", sa.DateTime(), nullable=True),
+        sa.ForeignKeyConstraint(
+            ["user_id"],
+            ["lazer_users.id"],
+        ),
+        sa.PrimaryKeyConstraint("user_id"),
+    )
+
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    """Downgrade schema."""
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table("totp_keys")
+    # ### end Alembic commands ###