Remove mfa in wallet (#858)

* Remove MFA in Wallet

* cleanup

---------

Co-authored-by: Aleksander <[email protected]>

migrations/20241119105926_disable_wallet_mfa.down.sql

@@ -0,0 +1 @@
+ALTER TABLE wallet ADD COLUMN use_for_mfa boolean NOT NULL DEFAULT true;

migrations/20241119105926_disable_wallet_mfa.up.sql

@@ -1 +1 @@
-UPDATE wallet SET use_for_mfa = false;
+ALTER TABLE wallet DROP use_for_mfa;

src/db/models/mod.rs

@@ -40,12 +40,11 @@ pub struct NewOpenIDClient {
     pub enabled: bool,
 }
 
-#[derive(Debug, Deserialize, Serialize)]
+#[derive(Debug, Deserialize, Serialize, ToSchema)]
 pub struct WalletInfo {
     pub address: String,
     pub name: String,
     pub chain_id: Id,
-    pub use_for_mfa: bool,
 }
 
 #[derive(Deserialize, Serialize, Debug, Clone)]
@@ -217,7 +216,6 @@ impl UserDetails {
 pub struct MFAInfo {
     mfa_method: MFAMethod,
     totp_available: bool,
-    web3_available: bool,
     webauthn_available: bool,
     email_available: bool,
 }
@@ -227,7 +225,6 @@ impl MFAInfo {
         query_as!(
             Self,
             "SELECT mfa_method \"mfa_method: _\", totp_enabled totp_available, email_mfa_enabled email_available, \
-            (SELECT count(*) > 0 FROM wallet WHERE user_id = $1 AND wallet.use_for_mfa) \"web3_available!\", \
             (SELECT count(*) > 0 FROM webauthn WHERE user_id = $1) \"webauthn_available!\" \
             FROM \"user\" WHERE \"user\".id = $1",
             user.id
@@ -236,10 +233,7 @@ impl MFAInfo {
 
     #[must_use]
     pub fn mfa_available(&self) -> bool {
-        self.webauthn_available
-            || self.totp_available
-            || self.web3_available
-            || self.email_available
+        self.webauthn_available || self.totp_available || self.email_available
     }
 
     #[must_use]
@@ -257,9 +251,6 @@ impl MFAInfo {
         if self.webauthn_available {
             methods.push(MFAMethod::Webauthn);
         }
-        if self.web3_available {
-            methods.push(MFAMethod::Web3);
-        }
         if self.totp_available {
             methods.push(MFAMethod::OneTimePassword);
         }

src/db/models/user.rs

@@ -15,7 +15,6 @@ use totp_lite::{totp_custom, Sha1};
 use super::{
     device::{Device, UserDevice},
     group::Group,
-    wallet::Wallet,
     webauthn::WebAuthn,
     MFAInfo, OAuth2AuthorizedAppInfo, SecurityKey, WalletInfo,
 };
@@ -234,7 +233,6 @@ impl User<Id> {
 
     /// Check if any of the multi-factor authentication methods is on.
     /// - TOTP is enabled
-    /// - a [`Wallet`] flagged `use_for_mfa`
     /// - a security key for Webauthn
     async fn check_mfa_enabled<'e, E>(&self, executor: E) -> Result<bool, SqlxError>
     where
@@ -246,9 +244,8 @@ impl User<Id> {
         }
 
         query_scalar!(
-            "SELECT totp_enabled OR email_mfa_enabled OR coalesce(bool_or(wallet.use_for_mfa), FALSE) \
+            "SELECT totp_enabled OR email_mfa_enabled \
             OR count(webauthn.id) > 0 \"bool!\" FROM \"user\" \
-            LEFT JOIN wallet ON wallet.user_id = \"user\".id \
             LEFT JOIN webauthn ON webauthn.user_id = \"user\".id \
             WHERE \"user\".id = $1 GROUP BY totp_enabled, email_mfa_enabled;",
             self.id
@@ -360,7 +357,6 @@ impl User<Id> {
         )
         .execute(pool)
         .await?;
-        Wallet::disable_mfa_for_user(pool, self.id).await?;
         WebAuthn::delete_all_for_user(pool, self.id).await?;
 
         self.totp_secret = None;
@@ -727,7 +723,7 @@ impl User<Id> {
     {
         query_as!(
             WalletInfo,
-            "SELECT address \"address!\", name, chain_id, use_for_mfa \
+            "SELECT address \"address!\", name, chain_id \
             FROM wallet WHERE user_id = $1 AND validation_timestamp IS NOT NULL",
             self.id
         )