fission-codes · avivash · Feb 25, 2023 · Mar 2, 2023 · Mar 6, 2023 · Mar 7, 2023
diff --git a/fission-web-api/library/Fission/Web/API/User/Challenge/Types.hs b/fission-web-api/library/Fission/Web/API/User/Challenge/Types.hs
@@ -0,0 +1,22 @@
+module Fission.Web.API.User.Challenge.Types (Routes (..)) where
+
+import           Fission.Challenge.Types
+
+import           Fission.Web.API.Prelude
+
+import           Fission.User.Username.Types
+
+import qualified Fission.Web.API.Auth.Types  as Auth
+
+data Routes mode = Routes
+  { recover ::
+      mode
+      :- "recover"
+      :> Summary "Return challenge for account recovery"
+      --
+      :> Capture "Username" Username
+      --
+      :> Auth.HigherOrder
+      :> Post '[JSON] Challenge
+  }
+  deriving Generic
diff --git a/fission-web-api/library/Fission/Web/API/User/Types.hs b/fission-web-api/library/Fission/Web/API/User/Types.hs
@@ -6,6 +6,7 @@ import qualified Fission.Web.API.Relay.Types               as Relay
 import qualified Fission.Web.API.User.Create.Types         as Create
 import qualified Fission.Web.API.User.DID.Types            as DID
 import qualified Fission.Web.API.User.DataRoot.Types       as DataRoot
+import qualified Fission.Web.API.User.Challenge.Types      as Challenge
 import qualified Fission.Web.API.User.Email.Types          as Email
 import qualified Fission.Web.API.User.ExchangeKey.Types    as ExchangeKeys
 import qualified Fission.Web.API.User.Password.Reset.Types as Password
@@ -18,11 +19,12 @@ data RoutesV3 mode = RoutesV3
   deriving Generic
 
 data RoutesV2 mode = RoutesV2
-  { dataRoot     :: mode :- "data"   :> ToServantApi DataRoot.RoutesV2
-  , email        :: mode :- "email"  :> ToServantApi Email.Routes
-  , did          :: mode :- "did"    :> ToServantApi DID.RoutesV_
-  , whoAmI       :: mode :- "whoami" :> ToServantApi WhoAmI.Routes
-  , linkingRelay :: mode :- "link"   :> ToServantApi Relay.Routes
+  { dataRoot     :: mode :- "data"      :> ToServantApi DataRoot.RoutesV2
+  , challenge    :: mode :- "challenge" :> ToServantApi Challenge.Routes
+  , email        :: mode :- "email"     :> ToServantApi Email.Routes
+  , did          :: mode :- "did"       :> ToServantApi DID.RoutesV_
+  , whoAmI       :: mode :- "whoami"    :> ToServantApi WhoAmI.Routes
+  , linkingRelay :: mode :- "link"      :> ToServantApi Relay.Routes
   , create       :: mode :- Create.WithDID
   }
   deriving Generic

diff --git a/fission-web-client/library/Fission/Web/Client/V2.hs b/fission-web-client/library/Fission/Web/Client/V2.hs
@@ -17,6 +17,8 @@ module Fission.Web.Client.V2
   , setDIDViaUCAN
   , setDIDViaChallenge
   --
+  , recoverViaChallenge
+  --
   , verifyViaEmail
   , resendVerificationEmail
   , recoverViaEmail
@@ -36,6 +38,7 @@ import qualified Fission.Web.API.Types                            as Fission
 
 import qualified Fission.Web.API.User.DID.Types                   as User.DID
 import qualified Fission.Web.API.User.DataRoot.Types              as User.DataRoot
+import qualified Fission.Web.API.User.Challenge.Types             as User.Challenge
 import qualified Fission.Web.API.User.Email.Types                 as User.Email
 import qualified Fission.Web.API.User.Types                       as User
 import qualified Fission.Web.API.User.WhoAmI.Types                as User.WhoAmI
@@ -83,6 +86,11 @@ Fission.Routes
                         , setViaChallenge  = setDIDViaChallenge
                         }
 
+                  , challenge = fromServant @_ @(AsClientT ClientM) ->
+                      User.Challenge.Routes
+                        { recover = recoverViaChallenge
+                        }
+
                   , email = fromServant @_ @(AsClientT ClientM) ->
                       User.Email.Routes
                         { verify  = verifyViaEmail

diff --git a/fission-web-server/library/Fission/Web/Server/Handler/User.hs b/fission-web-server/library/Fission/Web/Server/Handler/User.hs
@@ -25,6 +25,7 @@ import qualified Fission.Web.Server.Handler.Relay               as Relay
 import qualified Fission.Web.Server.Handler.User.Create         as Create
 import qualified Fission.Web.Server.Handler.User.DID            as DID
 import qualified Fission.Web.Server.Handler.User.DataRoot       as DataRoot
+import qualified Fission.Web.Server.Handler.User.Challenge      as Challenge
 import qualified Fission.Web.Server.Handler.User.Email          as Email
 import qualified Fission.Web.Server.Handler.User.ExchangeKey    as ExchangeKey
 import qualified Fission.Web.Server.Handler.User.Password.Reset as Password.Reset
@@ -69,6 +70,7 @@ handlerV2 =
   User.RoutesV2
     { create       = Create.withDID
     , whoAmI       = genericServerT WhoAmI.handler
+    , challenge    = genericServerT Challenge.handler
     , email        = genericServerT Email.handler
     , did          = genericServerT DID.handlerV_
     , linkingRelay = genericServerT Relay.handler

diff --git a/fission-web-server/library/Fission/Web/Server/Handler/User/Challenge.hs b/fission-web-server/library/Fission/Web/Server/Handler/User/Challenge.hs
@@ -0,0 +1,34 @@
+module Fission.Web.Server.Handler.User.Challenge (handler) where
+
+import           Servant
+import           Servant.Server.Generic
+
+import           Fission.Prelude
+
+import qualified Fission.Web.API.User.Challenge.Types               as Challenge
+
+import           Fission.Web.Server.Authorization.Types
+import qualified Fission.Web.Server.Error                           as Web.Err
+import           Fission.Web.Server.Models
+import qualified Fission.Web.Server.RecoveryChallenge.Creator.Class as RecoveryChallenge
+import           Fission.Web.Server.User.Retriever.Class            as User
+
+handler ::
+  ( RecoveryChallenge.Creator m
+  , User.Retriever            m
+  , MonadThrow                m
+  , MonadLogger               m
+  , MonadTime                 m
+  )
+  => Challenge.Routes (AsServerT m)
+handler = Challenge.Routes {..}
+  where
+    recover username Authorization { about = Entity userId _ } = do
+      Entity _ User { } <- Web.Err.ensureMaybe couldntFindUser =<< getByUsername username
+      now       <- currentTime
+      challenge <- RecoveryChallenge.create userId now
+      return challenge
+
+      where
+        couldntFindUser =
+          err422 { errBody = "Couldn't find a user with this username" }
diff --git a/fission-web-server/package.yaml b/fission-web-server/package.yaml
@@ -1,5 +1,5 @@
 name: fission-web-server
-version: "2.21.0.0"
+version: "2.21.0.1"
 category: API
 author:
   - Brooklyn Zelenka
@@ -15,7 +15,7 @@ maintainer:
   - [email protected]
   - [email protected]
   - [email protected]
-copyright: © 2021 Fission Internet Software Services for Open Networks Inc.
+copyright: © 2023 Fission Internet Software Services for Open Networks Inc.
 license: AGPL-3.0-or-later
 license-file: LICENSE
 github: fission-suite/fission