diff --git a/src/services/customer/CustomersService/CustomersService.ts b/src/services/customer/CustomersService/CustomersService.ts
index 7a5789f6..8af9653e 100644
--- a/src/services/customer/CustomersService/CustomersService.ts
+++ b/src/services/customer/CustomersService/CustomersService.ts
@@ -107,7 +107,7 @@ export default class CustomersService extends BaseService {
 const reason = customer.password ? TotpCodesReasons.LOGIN : TotpCodesReasons.FIRST_LOGIN;
 // 4: Save the SMS code in database
- const totpCode = await this.saveTotpPin(customer, totpPin, new Date(now + 5 * 60000), reason);
+ const totpCode = await this.saveTotpPin(customer, totpPin, new Date(now + 5 * 60 * 1000), reason);
 if (!totpCode) return null;
 // 5: Send the SMS code to the customer
 if(this.variables.ENV !== 'dev') await this.sendSmsCodeToCustomer(totpPin, customer);
@@ -272,13 +272,13 @@ export default class CustomersService extends BaseService {
 const customerHydrated = Customer.hydrate(customer);
- // 2: Get last code sent
+ // 2: Get last code sent and check if it's still valid
 const totpCodeToResend = customerHydrated.totpCodes?.find((totpCode) => {
 return totpCode.uid === totpCodeUid && totpCode.expire_at && totpCode.expire_at.getTime() > now;
 });
 if (!totpCodeToResend) throw new TotpCodeExpiredError();
- // 3: Check if it was created more than 30 seconds ago
+ // 3: Check if it was created more than 30 seconds ago and hasn't been resent yet
 if (totpCodeToResend.created_at && totpCodeToResend.created_at.getTime() > now - 30000 && totpCodeToResend.resent) throw new TooSoonForNewCode();
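Review bot: The code lifetime in the `saveTotpPin` call at -107 is still an inline literal, and the same `new Date(now + 5 * 60 * 1000)` is repeated in the resend path (hunk at -288). This value bounds how long a login code stays usable, so the two paths should not be able to drift apart. A single named constant used in both calls would do that, for example `const TOTP_CODE_TTL_MS = 5 * 60 * 1000;` (the name is only a suggestion). The enclosing method starts and ends outside the hunk.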
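Review bot: The reworded step-3 comment at -272 does not describe the guard below it. The condition throws `TooSoonForNewCode` only when the code is younger than 30 seconds and its `resent` flag is already set, so a code that has not been resent passes at any age, and a resent one passes again once 30 seconds have elapsed. If that is the intended throttle on SMS resends, the comment should say so, for example `// 3: Refuse if this code is itself a resend created less than 30 seconds ago`. If the first resend is meant to be throttled as well, the comment is right and the `&& totpCodeToResend.resent` term is what needs to change. The enclosing method starts and ends outside the hunk.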
@@ -288,8 +288,8 @@ export default class CustomersService extends BaseService {
 // 5: Disable the old code
 await this.totpCodesRepository.disable(totpCodeToResend);
- // 6: Save the SMS code in database
- const totpCode = await this.saveTotpPin(customer, totpPin, new Date(now + 5 * 60000), totpCodeToResend.reason!, true);
+ // 6: Save the SMS code in database with the same reason as the old one
+ const totpCode = await this.saveTotpPin(customer, totpPin, new Date(now + 5 * 60 * 1000), totpCodeToResend.reason!, true);
 // 7: Send the SMS code to the customer
 if(this.variables.ENV !== 'dev') await this.sendSmsCodeToCustomer(totpPin, customer);
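Review bot: `totpCodeToResend.reason!` in step 6 only silences the compiler; if the stored code has no reason, `undefined` is passed to `saveTotpPin` and the new comment's "same reason as the old one" does not hold. The earlier hunk checks `expire_at` and `created_at` for presence before using them, so an explicit guard here would be consistent. One option is `if (!totpCodeToResend.reason) throw new TotpCodeExpiredError();` placed before step 5, so the old code is not disabled when the resend cannot proceed. The method continues outside the hunk, so whether the `saveTotpPin` result is null-checked as in the first hunk is not visible.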