mirror of
https://github.com/documenso/documenso.git
synced 2026-07-13 06:25:01 +10:00
138d663c25
Merge origin/main into feat/external-2fa-codes. Resolve formatting conflicts caused by biome rollout; preserve both feature streams: PR's external 2FA token + signing-session 2FA proof additions plus main's RateLimit/RecipientExpired/signingReminders/date-auto-insert. In complete-document-with-token.ts, drop the duplicate early field-fetching block introduced when main moved that logic later with date auto-insert support; keep the EXTERNAL_TWO_FACTOR_AUTH check using derivedRecipientActionAuth.
31 lines
866 B
TypeScript
31 lines
866 B
TypeScript
import type { User } from '@prisma/client';
|
|
|
|
import { AppError } from '../../errors/app-error';
|
|
import { getBackupCodes } from './get-backup-code';
|
|
import { validateTwoFactorAuthentication } from './validate-2fa';
|
|
|
|
type ViewBackupCodesOptions = {
|
|
user: Pick<User, 'id' | 'email' | 'twoFactorEnabled' | 'twoFactorSecret' | 'twoFactorBackupCodes'>;
|
|
token: string;
|
|
};
|
|
|
|
export const viewBackupCodes = async ({ token, user }: ViewBackupCodesOptions) => {
|
|
let isValid = await validateTwoFactorAuthentication({ totpCode: token, user });
|
|
|
|
if (!isValid) {
|
|
isValid = await validateTwoFactorAuthentication({ backupCode: token, user });
|
|
}
|
|
|
|
if (!isValid) {
|
|
throw new AppError('INCORRECT_TWO_FACTOR_CODE');
|
|
}
|
|
|
|
const backupCodes = getBackupCodes({ user });
|
|
|
|
if (!backupCodes) {
|
|
throw new AppError('MISSING_BACKUP_CODE');
|
|
}
|
|
|
|
return backupCodes;
|
|
};
|