diff --git a/src/app/api/customer/AuthController.ts b/src/app/api/customer/AuthController.ts
index 7b2b1dd0..631dce4c 100644
--- a/src/app/api/customer/AuthController.ts
+++ b/src/app/api/customer/AuthController.ts
@@ -8,6 +8,7 @@ import CustomersService, {
 NotRegisteredCustomerError,
 PasswordAlreadySetError,
 SmsNotExpiredError,
+ TooSoonForNewCode,
 TotpCodeExpiredError,
 } from "@Services/customer/CustomersService/CustomersService";
 import AuthService from "@Services/common/AuthService/AuthService";
@@ -219,7 +220,7 @@ export default class AuthController extends ApiController {
 }
 this.httpSuccess(response, { partialPhoneNumber: customer.contact?.cell_phone_number.replace(/\s/g, "").slice(-4) });
 } catch (error) {
- if (error instanceof InvalidTotpCodeError || error instanceof TotpCodeExpiredError) {
+ if (error instanceof TooSoonForNewCode || error instanceof TotpCodeExpiredError) {
 this.httpUnauthorized(response, error.message);
 return;
 }
diff --git a/src/services/customer/CustomersService/CustomersService.ts b/src/services/customer/CustomersService/CustomersService.ts
index 96aeb5ae..e4dc47a9 100644
--- a/src/services/customer/CustomersService/CustomersService.ts
+++ b/src/services/customer/CustomersService/CustomersService.ts
@@ -42,6 +42,12 @@ export class PasswordAlreadySetError extends Error {
 super("Password already set");
 }
 }
+
+export class TooSoonForNewCode extends Error {
+ constructor() {
+ super("You need to wait at least 30 seconds before asking for a new code");
+ }
+}
 @Service()
 export default class CustomersService extends BaseService {
 constructor(
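Review bot: `TooSoonForNewCode` is a throttling condition, yet this catch answers it with `httpUnauthorized`, the same status used for an expired code, so a client cannot tell "back off and retry" from "re-authenticate" by status alone. If `ApiController` offers a 429-style helper (not visible in this hunk), give the throttle case its own branch that uses it. The branch also no longer handles `InvalidTotpCodeError`; if the service call inside this `try` can still throw it, it now falls through to whatever follows this `if`, which lies outside the hunk, and its import may be left unused.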
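Review bot: The new class is named `TooSoonForNewCode`, while its siblings in this file and in the controller import all end in `Error` (`PasswordAlreadySetError`, `TotpCodeExpiredError`); `TooSoonForNewCodeError` would keep the `instanceof` branches easy to scan. The message hard-codes "30 seconds", which duplicates the `30000` literal in the throttle check later in this file; a shared constant such as `const TOTP_RESEND_DELAY_MS = 30_000;` used by both would stop the two drifting apart. A one-line TSDoc comment, `/** Thrown when a new code is requested before the resend delay has elapsed. */`, would record when it is raised.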
@@ -258,10 +264,10 @@ export default class CustomersService extends BaseService {
 const lastCode = customerHydrated.totpCodes?.find((totpCode) => {
 return totpCode.expire_at && totpCode.expire_at.getTime() > now;
 });
- if (!lastCode) throw new SmsNotExpiredError();
+ if (!lastCode) throw new TotpCodeExpiredError();
 // 3: Check if it was created more than 30 seconds ago
- if (lastCode.created_at && lastCode.created_at.getTime() > now - 30000) throw new SmsNotExpiredError();
+ if (lastCode.created_at && lastCode.created_at.getTime() > now - 30000) throw new TooSoonForNewCode();
 // 4: Generate a new SMS code
 const totpPin = this.generateTotp();
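Review bot: `find` returns the first unexpired entry in `totpCodes` order, not the newest one, so the 30-second check on the following lines can be measured against an older code than the one most recently sent. If earlier codes stay unexpired after a resend and the array is not ordered newest-first (neither is visible in this hunk), then once the oldest live code is more than 30 seconds old every request clears the throttle and triggers another SMS. Select the unexpired code with the greatest `created_at` before comparing, and treat a missing `created_at` as too soon rather than letting `lastCode.created_at &&` skip the check. The method starts and ends outside the hunk.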