fix: errors

2025-11-20 11:41:44 +10:00 · 2025-02-06 01:57:23 +11:00
parent 7effe66387
commit 738201eb55
43 changed files with 159 additions and 1068 deletions
--- a/packages/lib/server-only/2fa/get-backup-code.ts
+++ b/packages/lib/server-only/2fa/get-backup-code.ts
@ -13,6 +13,10 @@ const ZBackupCodeSchema = z.array(z.string());
 export const getBackupCodes = ({ user }: GetBackupCodesOptions) => {
  const key = DOCUMENSO_ENCRYPTION_KEY;

+  if (!key) {
+    throw new Error('Missing DOCUMENSO_ENCRYPTION_KEY');
+  }
+
  if (!user.twoFactorEnabled) {
    throw new Error('User has not enabled 2FA');
  }
--- a/packages/lib/server-only/2fa/validate-2fa.ts
+++ b/packages/lib/server-only/2fa/validate-2fa.ts
@ -7,7 +7,10 @@ import { verifyBackupCode } from './verify-backup-code';
 type ValidateTwoFactorAuthenticationOptions = {
  totpCode?: string;
  backupCode?: string;
-  user: Pick<User, 'id' | 'email' | 'twoFactorEnabled' | 'twoFactorSecret'>;
+  user: Pick<
+    User,
+    'id' | 'email' | 'twoFactorEnabled' | 'twoFactorSecret' | 'twoFactorBackupCodes'
+  >;
 };

 export const validateTwoFactorAuthentication = async ({
@ -28,7 +31,7 @@ export const validateTwoFactorAuthentication = async ({
  }

  if (backupCode) {
-    return await verifyBackupCode({ user, backupCode });
+    return verifyBackupCode({ user, backupCode });
  }

  throw new AppError('TWO_FACTOR_MISSING_CREDENTIALS');
--- a/packages/lib/server-only/2fa/verify-2fa-token.ts
+++ b/packages/lib/server-only/2fa/verify-2fa-token.ts
@ -6,7 +6,7 @@ import { DOCUMENSO_ENCRYPTION_KEY } from '../../constants/crypto';
 import { symmetricDecrypt } from '../../universal/crypto';

 type VerifyTwoFactorAuthenticationTokenOptions = {
-  user: User;
+  user: Pick<User, 'id' | 'twoFactorSecret'>;
  totpCode: string;
  // The number of windows to look back
  window?: number;
@ -22,6 +22,10 @@ export const verifyTwoFactorAuthenticationToken = async ({
 }: VerifyTwoFactorAuthenticationTokenOptions) => {
  const key = DOCUMENSO_ENCRYPTION_KEY;

+  if (!key) {
+    throw new Error('Missing DOCUMENSO_ENCRYPTION_KEY');
+  }
+
  if (!user.twoFactorSecret) {
    throw new Error('user missing 2fa secret');
  }
--- a/packages/lib/server-only/2fa/verify-backup-code.ts
+++ b/packages/lib/server-only/2fa/verify-backup-code.ts
@ -3,12 +3,12 @@ import type { User } from '@prisma/client';
 import { getBackupCodes } from './get-backup-code';

 type VerifyBackupCodeParams = {
-  user: Pick<User, 'id' | 'email' | 'twoFactorEnabled' | 'twoFactorBackupCodes'>;
+  user: Pick<User, 'id' | 'twoFactorEnabled' | 'twoFactorBackupCodes'>;
  backupCode: string;
 };

-export const verifyBackupCode = async ({ user, backupCode }: VerifyBackupCodeParams) => {
-  const userBackupCodes = await getBackupCodes({ user });
+export const verifyBackupCode = ({ user, backupCode }: VerifyBackupCodeParams) => {
+  const userBackupCodes = getBackupCodes({ user });

  if (!userBackupCodes) {
    throw new Error('User has no backup codes');