(
jti: string | undefined,
type: TemplateType,
code: string,
payload: { phone: string } | { email: string }
)
| 121 | |
| 122 | // eslint-disable-next-line complexity |
| 123 | const verifyPasscode = async ( |
| 124 | jti: string | undefined, |
| 125 | type: TemplateType, |
| 126 | code: string, |
| 127 | payload: { phone: string } | { email: string } |
| 128 | ): Promise<void> => { |
| 129 | const passcode = jti |
| 130 | ? // Session based flows. E.g. SignIn, Register, etc. |
| 131 | await findUnconsumedPasscodeByJtiAndType(jti, type) |
| 132 | : // Generic flow. E.g. Triggered by management API |
| 133 | await findUnconsumedPasscodeByIdentifierAndType({ type, ...payload }); |
| 134 | |
| 135 | if (!passcode) { |
| 136 | throw new RequestError('verification_code.not_found'); |
| 137 | } |
| 138 | |
| 139 | if ('phone' in payload && passcode.phone !== payload.phone) { |
| 140 | throw new RequestError('verification_code.phone_mismatch'); |
| 141 | } |
| 142 | |
| 143 | if ('email' in payload && passcode.email !== payload.email) { |
| 144 | throw new RequestError('verification_code.email_mismatch'); |
| 145 | } |
| 146 | |
| 147 | const { verificationCodePolicy } = |
| 148 | await queries.signInExperiences.findDefaultSignInExperience(); |
| 149 | const expirationMs = |
| 150 | (verificationCodePolicy.expirationDuration ?? |
| 151 | defaultVerificationCodePolicy.expirationDuration) * 1000; |
| 152 | const maxTryCount = |
| 153 | verificationCodePolicy.maxRetryAttempts ?? defaultVerificationCodePolicy.maxRetryAttempts; |
| 154 | |
| 155 | if (passcode.createdAt + expirationMs < Date.now()) { |
| 156 | throw new RequestError('verification_code.expired'); |
| 157 | } |
| 158 | |
| 159 | if (passcode.tryCount >= maxTryCount) { |
| 160 | throw new RequestError('verification_code.exceed_max_try'); |
| 161 | } |
| 162 | |
| 163 | if (code !== passcode.code) { |
| 164 | await increasePasscodeTryCount(passcode.id); |
| 165 | throw new RequestError('verification_code.code_mismatch'); |
| 166 | } |
| 167 | |
| 168 | await consumePasscode(passcode.id); |
| 169 | }; |
| 170 | |
| 171 | /** |
| 172 | * Build the context information for the verification code email template. |
no test coverage detected