Rename passKey to passkey

server/cmd/museum/main.go

@@ -434,7 +434,7 @@ func main() {
 	publicAPI.POST("/users/two-factor/passkeys/begin", userHandler.BeginPasskeyAuthenticationCeremony)
 	publicAPI.POST("/users/two-factor/passkeys/finish", userHandler.FinishPasskeyAuthenticationCeremony)
 	privateAPI.GET("/users/two-factor/recovery-status", userHandler.GetTwoFactorRecoveryStatus)
-	privateAPI.POST("/users/two-factor/passkeys/configure-reset", userHandler.ConfigurePassKeySkipChallenge)
+	privateAPI.POST("/users/two-factor/passkeys/configure-recovery", userHandler.ConfigurePasskeyRecovery)
 	privateAPI.GET("/users/two-factor/status", userHandler.GetTwoFactorStatus)
 	privateAPI.POST("/users/two-factor/setup", userHandler.SetupTwoFactor)
 	privateAPI.POST("/users/two-factor/enable", userHandler.EnableTwoFactor)

server/ente/passkey.go

@@ -13,7 +13,7 @@ type Passkey struct {
 
 var MaxPasskeys = 10
 
-type SetPassKeyRecoveryRequest struct {
+type SetPasskeyRecoveryRequest struct {
 	Secret uuid.UUID `json:"secret" binding:"required"`
 	// The UserSecretCipher has SkipSecret encrypted with the user's recoveryKey
 	// If the user sends the correct UserSecretCipher, we can be sure that the user has the recoveryKey,
@@ -26,5 +26,5 @@ type TwoFactorRecoveryStatus struct {
 	// AllowAdminReset is a boolean that determines if the admin can reset the user's MFA.
 	// If true, in the event that the user loses their MFA device, the admin can reset the user's MFA.
 	AllowAdminReset          bool `json:"allowAdminReset" binding:"required"`
-	IsPassKeyRecoveryEnabled bool `json:"isPassKeyRecoveryEnabled" binding:"required"`
+	IsPasskeyRecoveryEnabled bool `json:"isPasskeyRecoveryEnabled" binding:"required"`
 }

server/pkg/api/user.go

@@ -253,15 +253,15 @@ func (h *UserHandler) GetTwoFactorRecoveryStatus(c *gin.Context) {
 	c.JSON(http.StatusOK, res)
 }
 
-// ConfigurePassKeySkipChallenge configures the passkey skip challenge for a user. In case the user does not
+// ConfigurePasskeyRecovery configures the passkey skip challenge for a user. In case the user does not
 // have access to passkey, the user can bypass the passkey by providing the recovery key
-func (h *UserHandler) ConfigurePassKeySkipChallenge(c *gin.Context) {
-	var request ente.SetPassKeyRecoveryRequest
+func (h *UserHandler) ConfigurePasskeyRecovery(c *gin.Context) {
+	var request ente.SetPasskeyRecoveryRequest
 	if err := c.ShouldBindJSON(&request); err != nil {
 		handler.Error(c, stacktrace.Propagate(err, ""))
 		return
 	}
-	err := h.UserController.ConfigurePassKeySkip(c, &request)
+	err := h.UserController.ConfigurePasskeyRecovery(c, &request)
 	if err != nil {
 		handler.Error(c, stacktrace.Propagate(err, ""))
 		return
@@ -405,7 +405,7 @@ func (h *UserHandler) RecoverTwoFactor(c *gin.Context) {
 	twoFactorType := c.Query("twoFactorType")
 	var response *ente.TwoFactorRecoveryResponse
 	var err error
-	if twoFactorType == "passKey" {
+	if twoFactorType == "passkey" {
 		response, err = h.UserController.GetPasskeyRecoveryResponse(c, sessionID)
 	} else {
 		response, err = h.UserController.RecoverTwoFactor(sessionID)
@@ -427,7 +427,7 @@ func (h *UserHandler) RemoveTwoFactor(c *gin.Context) {
 	}
 	var response *ente.TwoFactorAuthorizationResponse
 	var err error
-	if request.TwoFactorType == "passKey" {
+	if request.TwoFactorType == "passkey" {
 		response, err = h.UserController.SkipPasskeyVerification(c, &request)
 	} else {
 		response, err = h.UserController.RemoveTOTPTwoFactor(c, request.SessionID, request.Secret)

server/pkg/controller/user/passkey.go

@@ -13,9 +13,9 @@ func (c *UserController) GetTwoFactorRecoveryStatus(ctx *gin.Context) (*ente.Two
 	return c.TwoFactorRecoveryRepo.GetStatus(userID)
 }
 
-func (c *UserController) ConfigurePassKeySkip(ctx *gin.Context, req *ente.SetPassKeyRecoveryRequest) error {
+func (c *UserController) ConfigurePasskeyRecovery(ctx *gin.Context, req *ente.SetPasskeyRecoveryRequest) error {
 	userID := auth.GetUserID(ctx.Request.Header)
-	return c.TwoFactorRecoveryRepo.SetPassKeyRecovery(ctx, userID, req)
+	return c.TwoFactorRecoveryRepo.SetPasskeyRecovery(ctx, userID, req)
 }
 
 func (c *UserController) GetPasskeyRecoveryResponse(ctx *gin.Context, passKeySessionID string) (*ente.TwoFactorRecoveryResponse, error) {
@@ -27,11 +27,11 @@ func (c *UserController) GetPasskeyRecoveryResponse(ctx *gin.Context, passKeySes
 	if err != nil {
 		return nil, err
 	}
-	if !recoveryStatus.IsPassKeyRecoveryEnabled {
+	if !recoveryStatus.IsPasskeyRecoveryEnabled {
 		return nil, ente.NewBadRequestWithMessage("Passkey reset is not configured")
 	}
 
-	result, err := c.TwoFactorRecoveryRepo.GetPasskeySkipChallenge(ctx, userID)
+	result, err := c.TwoFactorRecoveryRepo.GetPasskeyRecoveryData(ctx, userID)
 	if err != nil {
 		return nil, err
 	}
@@ -46,7 +46,7 @@ func (c *UserController) SkipPasskeyVerification(context *gin.Context, req *ente
 	if err != nil {
 		return nil, stacktrace.Propagate(err, "")
 	}
-	exists, err := c.TwoFactorRecoveryRepo.VerifyPasskeySkipSecret(userID, req.Secret)
+	exists, err := c.TwoFactorRecoveryRepo.ValidatePasskeyRecoverySecret(userID, req.Secret)
 	if err != nil {
 		return nil, stacktrace.Propagate(err, "")
 	}

server/pkg/repo/two_factor_recovery/repository.go

@@ -26,29 +26,29 @@ func (r *Repository) GetStatus(userID int64) (*ente.TwoFactorRecoveryStatus, err
 			// by default, admin
 			return &ente.TwoFactorRecoveryStatus{
 				AllowAdminReset:          true,
-				IsPassKeyRecoveryEnabled: false,
+				IsPasskeyRecoveryEnabled: false,
 			}, nil
 		}
 		return nil, err
 	}
-	return &ente.TwoFactorRecoveryStatus{AllowAdminReset: isAdminResetEnabled, IsPassKeyRecoveryEnabled: len(resetKey) > 0}, nil
+	return &ente.TwoFactorRecoveryStatus{AllowAdminReset: isAdminResetEnabled, IsPasskeyRecoveryEnabled: len(resetKey) > 0}, nil
 }
 
-func (r *Repository) SetPassKeyRecovery(ctx context.Context, userID int64, req *ente.SetPassKeyRecoveryRequest) error {
-	serveEncPassKey, encRrr := crypto.Encrypt(req.Secret.String(), r.SecretEncryptionKey)
-	if encRrr != nil {
-		return stacktrace.Propagate(encRrr, "failed to encrypt passkey secret")
+func (r *Repository) SetPasskeyRecovery(ctx context.Context, userID int64, req *ente.SetPasskeyRecoveryRequest) error {
+	serveEncPasskey, encErr := crypto.Encrypt(req.Secret.String(), r.SecretEncryptionKey)
+	if encErr != nil {
+		return stacktrace.Propagate(encErr, "failed to encrypt passkey secret")
 	}
 	_, err := r.Db.ExecContext(ctx, `INSERT INTO two_factor_recovery 
     (user_id, server_passkey_secret_data, server_passkey_secret_nonce, user_passkey_secret_data, user_passkey_secret_nonce) 
 	VALUES ($1, $2, $3, $4, $5)  ON CONFLICT (user_id) 
 	DO UPDATE SET server_passkey_secret_data = $2, server_passkey_secret_nonce = $3, user_passkey_secret_data = $4, user_passkey_secret_nonce = $5 
 	WHERE two_factor_recovery.user_passkey_secret_data IS NULL AND two_factor_recovery.server_passkey_secret_data IS NULL`,
-		userID, serveEncPassKey.Cipher, serveEncPassKey.Nonce, req.UserSecretCipher, req.UserSecretNonce)
+		userID, serveEncPasskey.Cipher, serveEncPasskey.Nonce, req.UserSecretCipher, req.UserSecretNonce)
 	return err
 }
 
-func (r *Repository) GetPasskeySkipChallenge(ctx context.Context, userID int64) (*ente.TwoFactorRecoveryResponse, error) {
+func (r *Repository) GetPasskeyRecoveryData(ctx context.Context, userID int64) (*ente.TwoFactorRecoveryResponse, error) {
 	var result *ente.TwoFactorRecoveryResponse
 	err := r.Db.QueryRowContext(ctx, "SELECT user_passkey_secret_data, user_passkey_secret_nonce FROM two_factor_recovery WHERE  user_id= $1", userID).Scan(result.EncryptedSecret, result.SecretDecryptionNonce)
 	if err != nil {
@@ -57,8 +57,8 @@ func (r *Repository) GetPasskeySkipChallenge(ctx context.Context, userID int64)
 	return result, nil
 }
 
-// VerifyPasskeySkipSecret checks if the passkey skip secret is valid for a user
-func (r *Repository) VerifyPasskeySkipSecret(userID int64, skipSecret string) (bool, error) {
+// ValidatePasskeyRecoverySecret checks if the passkey skip secret is valid for a user
+func (r *Repository) ValidatePasskeyRecoverySecret(userID int64, secret string) (bool, error) {
 	// get server_passkey_secret_data and server_passkey_secret_nonce for given user id
 	var severSecreteData, serverSecretNonce []byte
 	row := r.Db.QueryRow(`SELECT server_passkey_secret_data, server_passkey_secret_nonce FROM two_factor_recovery WHERE user_id = $1`, userID)
@@ -71,7 +71,7 @@ func (r *Repository) VerifyPasskeySkipSecret(userID int64, skipSecret string) (b
 	if decErr != nil {
 		return false, stacktrace.Propagate(decErr, "failed to decrypt passkey reset key")
 	}
-	if skipSecret != serverSkipSecretKey {
+	if secret != serverSkipSecretKey {
 		logrus.Warn("invalid passkey skip secret")
 		return false, nil
 	}