Adds multi-factor support for updateUser #706
Conversation
This will allow the ability to update the list of second factors on an existing user record. Adds related unit and integration tests for this operation.
src/auth/user-record.ts
Outdated
| @@ -51,6 +51,15 @@ export interface UpdateRequest { | |||
| password?: string; | |||
| phoneNumber?: string | null; | |||
| photoURL?: string | null; | |||
| multiFactor?: { | |||
| enrolledFactors: Array<{ | |||
There was a problem hiding this comment.
Should we use the SecondFactor type as used in UserImportBuilder?
There was a problem hiding this comment.
I created a local SecondFactor type. Didn't want to risk getting in a possible circular dependency situation.
| @@ -1049,6 +1059,28 @@ export abstract class AbstractAuthRequestHandler { | |||
| request.disableUser = request.disabled; | |||
| delete request.disabled; | |||
| } | |||
| // Construct mfa related user data. | |||
| if (validator.isNonNullObject(request.multiFactor)) { | |||
| if (request.multiFactor.enrolledFactors === null) { | |||
There was a problem hiding this comment.
Perhaps this is slightly more clear:
request.mfa = {};
const enrollments = [];
if (validator.isArray(request.multiFactor.enrolledFactors)) {
// iterate and push
}
if (enrollments.length > 0) {
request.mfa.enrollments = enrollments;
}
There was a problem hiding this comment.
Hmm it is a bit more complicated as passing request.mfa = {} will clear all existing second factors on the user.
We should only pass that if the developers passing explicitly an empty array for enrolledFactors or null for enrolledFactors.
…ation to d.ts file.
| @@ -1000,6 +1020,16 @@ declare namespace admin.auth { | |||
| * to the tenant corresponding to that `TenantAwareAuth` instance's tenant ID. | |||
| */ | |||
| tenantId?: string | null; | |||
|
|
|||
| multiFactor?: { | |||
| enrolledFactors: Array<{ | |||
There was a problem hiding this comment.
Does it make sense to reduce this duplication by introducing an interface? Like the SecondFactor type used in the implementation?
There was a problem hiding this comment.
Yeah I think we can define an interface for this. I can do it in the next PR. This is going to be modified and more documentation added later anyway.
Adds multi-factor support for updateUser
This will allow the ability to update the list of second factors on an existing user record.
Adds related unit and integration tests for this operation.