fix email as 2fa for sso (#6495)

* fix email as 2fa for sso * allow saving device without updating `updated_at` * check if email is some * allow device to be saved in postgresql * use twofactor_incomplete table * no need to update device.updated_at
2026-04-02 23:29:21 -07:00 · 2025-12-06 22:22:33 +01:00
parent 8f689d8795
commit 4ad8baf7be
7 changed files with 94 additions and 61 deletions
--- a/src/db/models/device.rs
+++ b/src/db/models/device.rs
@@ -35,6 +35,25 @@ pub struct Device {

 /// Local methods
 impl Device {
+    pub fn new(uuid: DeviceId, user_uuid: UserId, name: String, atype: i32) -> Self {
+        let now = Utc::now().naive_utc();
+
+        Self {
+            uuid,
+            created_at: now,
+            updated_at: now,
+
+            user_uuid,
+            name,
+            atype,
+
+            push_uuid: Some(PushId(get_uuid())),
+            push_token: None,
+            refresh_token: crypto::encode_random_bytes::<64>(&BASE64URL),
+            twofactor_remember: None,
+        }
+    }
+
    pub fn to_json(&self) -> Value {
        json!({
            "id": self.uuid,
@@ -110,38 +129,21 @@ impl DeviceWithAuthRequest {
 }
 use crate::db::DbConn;

-use crate::api::{ApiResult, EmptyResult};
+use crate::api::EmptyResult;
 use crate::error::MapResult;

 /// Database methods
 impl Device {
-    pub async fn new(uuid: DeviceId, user_uuid: UserId, name: String, atype: i32, conn: &DbConn) -> ApiResult<Device> {
-        let now = Utc::now().naive_utc();
+    pub async fn save(&mut self, update_time: bool, conn: &DbConn) -> EmptyResult {
+        if update_time {
+            self.updated_at = Utc::now().naive_utc();
+        }

-        let device = Self {
-            uuid,
-            created_at: now,
-            updated_at: now,
-
-            user_uuid,
-            name,
-            atype,
-
-            push_uuid: Some(PushId(get_uuid())),
-            push_token: None,
-            refresh_token: crypto::encode_random_bytes::<64>(&BASE64URL),
-            twofactor_remember: None,
-        };
-
-        device.inner_save(conn).await.map(|()| device)
-    }
-
-    async fn inner_save(&self, conn: &DbConn) -> EmptyResult {
        db_run! { conn:
            sqlite, mysql {
                crate::util::retry(||
                    diesel::replace_into(devices::table)
-                        .values(self)
+                        .values(&*self)
                        .execute(conn),
                    10,
                ).map_res("Error saving device")
@@ -149,10 +151,10 @@ impl Device {
            postgresql {
                crate::util::retry(||
                    diesel::insert_into(devices::table)
-                        .values(self)
+                        .values(&*self)
                        .on_conflict((devices::uuid, devices::user_uuid))
                        .do_update()
-                        .set(self)
+                        .set(&*self)
                        .execute(conn),
                    10,
                ).map_res("Error saving device")
@@ -160,12 +162,6 @@ impl Device {
        }
    }

-    // Should only be called after user has passed authentication
-    pub async fn save(&mut self, conn: &DbConn) -> EmptyResult {
-        self.updated_at = Utc::now().naive_utc();
-        self.inner_save(conn).await
-    }
-
    pub async fn delete_all_by_user(user_uuid: &UserId, conn: &DbConn) -> EmptyResult {
        db_run! { conn: {
            diesel::delete(devices::table.filter(devices::user_uuid.eq(user_uuid)))