feat(auth): add 2FA with OTP, backup codes and trusted devices
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -154,15 +154,15 @@ async def init_data_entry_db():
|
||||
|
||||
|
||||
async def init_telegram_db():
|
||||
"""Initialize Telegram SQLite database."""
|
||||
logger.info("[TELEGRAM] Initializing SQLite database...")
|
||||
"""Initialize shared app database (trusted devices, backup codes, telegram tables)."""
|
||||
logger.info("[TELEGRAM] Initializing shared app database...")
|
||||
try:
|
||||
from backend.modules.telegram.db import init_database, cleanup_expired_codes, cleanup_expired_sessions, cleanup_expired_email_codes
|
||||
|
||||
await init_database()
|
||||
logger.info(f"[TELEGRAM] ✅ Database initialized: {settings.telegram_sqlite_database_path}")
|
||||
from shared.database.app_db import init_app_db
|
||||
await init_app_db()
|
||||
logger.info("[TELEGRAM] ✅ Shared app database initialized")
|
||||
|
||||
# Cleanup expired data
|
||||
from backend.modules.telegram.db import cleanup_expired_codes, cleanup_expired_sessions, cleanup_expired_email_codes
|
||||
expired_codes = await cleanup_expired_codes()
|
||||
expired_sessions = await cleanup_expired_sessions()
|
||||
expired_email_codes = await cleanup_expired_email_codes()
|
||||
@@ -544,6 +544,9 @@ app.add_middleware(
|
||||
"/", "/docs", "/health", "/redoc", "/openapi.json",
|
||||
"/api/auth/login", "/api/auth/refresh", "/api/auth/check-email",
|
||||
"/api/auth/check-identity", # US-013: Dual login support (email + username)
|
||||
"/api/auth/verify-2fa-code", # 2FA: verificare cod OTP (public — fără JWT)
|
||||
"/api/auth/resend-2fa-code", # 2FA: retrimite cod OTP (public — fără JWT)
|
||||
"/api/auth/verify-backup-code", # Backup codes: verificare cod de recuperare (public — fără JWT)
|
||||
"/api/system/auth-mode", # Public endpoint for login mode detection
|
||||
"/api/telegram/auth/verify-user",
|
||||
"/api/telegram/auth/verify-email",
|
||||
|
||||
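Review bot: The three paths added to the JWT-exempt list in the `app.add_middleware(` hunk (`/api/auth/verify-2fa-code`, `/api/auth/resend-2fa-code`, `/api/auth/verify-backup-code`) are now reachable without a token, and nothing visible here shows what binds a request to a login that already passed the first factor or what limits repeated guesses. The handlers are outside this hunk, so this may already be covered. If it is not, each handler should require the short-lived pending-login identifier issued after the password step, cap failed attempts per account and per client, and throttle resends. I would record that contract next to each entry, e.g. `# 2FA: verify OTP code; no JWT, handler must check the pending-login challenge and enforce attempt limits`. The three new comments would also read better in English, like the neighbouring ones.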