chore(backend): bump allauth version (#9714)

* bump allauth * add trust * add device trust handling * fix style * Update api_version.py --------- Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2025-07-02 19:50:59 +00:00 · 2025-06-05 05:27:52 +02:00
parent ee67c4f099
commit 71abd489ae
7 changed files with 64 additions and 16 deletions
--- a/src/frontend/lib/enums/ApiEndpoints.tsx
+++ b/src/frontend/lib/enums/ApiEndpoints.tsx
@ -30,6 +30,7 @@ export enum ApiEndpoints {
  auth_recovery = 'auth/v1/account/authenticators/recovery-codes',
  auth_mfa_reauthenticate = 'auth/v1/auth/2fa/reauthenticate',
  auth_totp = 'auth/v1/account/authenticators/totp',
+  auth_trust = 'auth/v1/auth/2fa/trust',
  auth_reauthenticate = 'auth/v1/auth/reauthenticate',
  auth_email = 'auth/v1/account/email',
  auth_email_verify = 'auth/v1/auth/email/verify',
--- a/src/frontend/lib/types/Auth.tsx
+++ b/src/frontend/lib/types/Auth.tsx
@ -13,7 +13,8 @@ export enum FlowEnum {
  ProviderToken = 'provider_token',
  MfaAuthenticate = 'mfa_authenticate',
  Reauthenticate = 'reauthenticate',
-  MfaReauthenticate = 'mfa_reauthenticate'
+  MfaReauthenticate = 'mfa_reauthenticate',
+  MfaTrust = 'mfa_trust'
 }

 export interface Flow {
--- a/src/frontend/src/functions/auth.tsx
+++ b/src/frontend/src/functions/auth.tsx
@ -262,26 +262,19 @@ export function handleReset(
 export function handleMfaLogin(
  navigate: NavigateFunction,
  location: Location<any>,
-  values: { code: string },
+  values: { code: string; remember?: boolean },
  setError: (message: string | undefined) => void
 ) {
-  const { setAuthenticated, fetchUserState } = useUserState.getState();
  const { setAuthContext } = useServerApiState.getState();

  authApi(apiUrl(ApiEndpoints.auth_login_2fa), undefined, 'post', {
    code: values.code
  })
    .then((response) => {
-      setError(undefined);
-      setAuthContext(response.data?.data);
-      setAuthenticated();
-
-      fetchUserState().finally(() => {
-        observeProfile();
-        followRedirect(navigate, location?.state);
-      });
+      handleSuccessFullAuth(response, navigate, location, setError);
    })
    .catch((err) => {
+      // Already logged in, but with a different session
      if (err?.response?.status == 409) {
        notifications.show({
          title: t`Already logged in`,
@ -289,6 +282,19 @@ export function handleMfaLogin(
          color: 'red',
          autoClose: false
        });
+        // MFA trust flow pending
+      } else if (err?.response?.status == 401) {
+        const mfa_trust = err.response.data.data.flows.find(
+          (flow: any) => flow.id == FlowEnum.MfaTrust
+        );
+        if (mfa_trust?.is_pending) {
+          setAuthContext(err.response.data.data);
+          authApi(apiUrl(ApiEndpoints.auth_trust), undefined, 'post', {
+            trust: values.remember ?? false
+          }).then((response) => {
+            handleSuccessFullAuth(response, navigate, location, setError);
+          });
+        }
      } else {
        const errors = err.response?.data?.errors;
        let msg = t`An error occurred`;
@ -351,6 +357,35 @@ export const checkLoginState = async (
  }
 };

+function handleSuccessFullAuth(
+  response?: any,
+  navigate?: NavigateFunction,
+  location?: Location<any>,
+  setError?: (message: string | undefined) => void
+) {
+  const { setAuthenticated, fetchUserState } = useUserState.getState();
+  const { setAuthContext } = useServerApiState.getState();
+
+  if (setError) {
+    // If an error function is provided, clear any previous errors
+    setError(undefined);
+  }
+
+  if (response.data?.data) {
+    setAuthContext(response.data?.data);
+  }
+  setAuthenticated();
+
+  fetchUserState().finally(() => {
+    observeProfile();
+    fetchGlobalStates(navigate);
+
+    if (navigate) {
+      followRedirect(navigate, location?.state);
+    }
+  });
+}
+
 /*
 * Return the value of the CSRF cookie, if available
 */
--- a/src/frontend/src/pages/Auth/MFA.tsx
+++ b/src/frontend/src/pages/Auth/MFA.tsx
@ -1,6 +1,6 @@
 import { t } from '@lingui/core/macro';
 import { Trans } from '@lingui/react/macro';
-import { Button, TextInput } from '@mantine/core';
+import { Button, Checkbox, TextInput } from '@mantine/core';
 import { useForm } from '@mantine/form';
 import { useState } from 'react';
 import { useLocation, useNavigate } from 'react-router-dom';
@ -8,7 +8,7 @@ import { handleMfaLogin } from '../../functions/auth';
 import { Wrapper } from './Layout';

 export default function Mfa() {
-  const simpleForm = useForm({ initialValues: { code: '' } });
+  const simpleForm = useForm({ initialValues: { code: '', remember: false } });
  const navigate = useNavigate();
  const location = useLocation();
  const [loginError, setLoginError] = useState<string | undefined>(undefined);
@ -23,6 +23,12 @@ export default function Mfa() {
        {...simpleForm.getInputProps('code')}
        error={loginError}
      />
+      <Checkbox
+        label={t`Remember this device`}
+        name='remember'
+        description={t`If enabled, you will not be asked for MFA on this device for 30 days.`}
+        {...simpleForm.getInputProps('remember', { type: 'checkbox' })}
+      />
      <Button
        type='submit'
        onClick={() =>