Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-13 08:13:56 +10:00
Code Issues Packages Projects Releases Wiki Activity

feat: require 2fa code before account is deleted

Browse Source
This commit is contained in:
Ephraim Atta-Duncan
2024-01-21 15:38:32 +00:00
parent 7762b1db65
commit 9e433af112
5 changed files with 98 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
packages/lib/server-only/2fa/verify-2fa-token.ts
View File

@ -1,7 +1,7 @@
import { base32 } from '@scure/base';
import { TOTPController } from 'oslo/otp';
import { User } from '@documenso/prisma/client';
import type { User } from '@documenso/prisma/client';
import { DOCUMENSO_ENCRYPTION_KEY } from '../../constants/crypto';
import { symmetricDecrypt } from '../../universal/crypto';
@ -17,6 +17,7 @@ export const verifyTwoFactorAuthenticationToken = async ({
user,
totpCode,
}: VerifyTwoFactorAuthenticationTokenOptions) => {
// TODO: This is undefined and I can't figure out why.
const key = DOCUMENSO_ENCRYPTION_KEY;
if (!user.twoFactorSecret) {