✨ Route for checking sms code
This commit is contained in:
Maxime Lalo
parent
8192d93330
commit
d32532b5ed
@ -143,4 +143,35 @@ export default class AuthController extends ApiController {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Post("/api/v1/customer/auth/verify-totp-code")
|
||||||
|
protected async verifyTotpCode(req: Request, response: Response) {
|
||||||
|
const totpCode = req.body["totpCode"];
|
||||||
|
const email = req.body["email"];
|
||||||
|
if (!totpCode) {
|
||||||
|
this.httpBadRequest(response, "totpCode is required");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!email) {
|
||||||
|
this.httpBadRequest(response, "email is required");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
const customer = await this.customerService.verifyTotpCode(totpCode, email);
|
||||||
|
if (!customer) {
|
||||||
|
this.httpNotFoundRequest(response, "Customer not found");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
this.httpSuccess(response, { validCode: true });
|
||||||
|
} catch (error) {
|
||||||
|
if (error instanceof InvalidTotpCodeError || error instanceof TotpCodeExpiredError) {
|
||||||
|
this.httpUnauthorized(response, error.message);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
console.log(error);
|
||||||
|
this.httpInternalError(response);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -214,4 +214,25 @@ export default class CustomersService extends BaseService {
|
|||||||
private async sendSmsCodeToCustomer(totpPin: number, customer: Customer) {
|
private async sendSmsCodeToCustomer(totpPin: number, customer: Customer) {
|
||||||
console.log(totpPin);
|
console.log(totpPin);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async verifyTotpCode(totpCode: string, email: string): Promise<Customer | null> {
|
||||||
|
// 1: Check if the customer exists
|
||||||
|
// 2: Check if the SMS code is existing and is not expired
|
||||||
|
// 3: Check if the SMS code is valid
|
||||||
|
// 4: Return the customer
|
||||||
|
|
||||||
|
// 1: Check if the customer exists
|
||||||
|
const customer = await this.getByEmail(email);
|
||||||
|
if (!customer) return null;
|
||||||
|
|
||||||
|
// 2: Check if the SMS code is existing and is not expired
|
||||||
|
if (!customer.smsCode || !customer.smsCodeExpire || new Date().getTime() > customer.smsCodeExpire.getTime())
|
||||||
|
throw new TotpCodeExpiredError();
|
||||||
|
|
||||||
|
// 3: Check if the SMS code is valid
|
||||||
|
if (customer.smsCode !== totpCode) throw new InvalidTotpCodeError();
|
||||||
|
|
||||||
|
// 4: Return the customer
|
||||||
|
return customer;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user