Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-13 08:13:56 +10:00
Code Issues Packages Projects Releases Wiki Activity
Files
3d0e3c6e8ea375df6b92d181caf1170f9bb398c6
documenso/packages/lib/server-only/2fa/get-backup-code.ts
David Nguyen 383b5f78f0 feat: migrate nextjs to rr7
2025-02-13 14:10:38 +11:00

42 lines
994 B
TypeScript
Raw Blame History

import type { User } from '@prisma/client';
import { z } from 'zod';
import { DOCUMENSO_ENCRYPTION_KEY } from '../../constants/crypto';
import { symmetricDecrypt } from '../../universal/crypto';
interface GetBackupCodesOptions {
user: Pick<User, 'id' | 'twoFactorEnabled' | 'twoFactorBackupCodes'>;
}
const ZBackupCodeSchema = z.array(z.string());
export const getBackupCodes = ({ user }: GetBackupCodesOptions) => {
const key = DOCUMENSO_ENCRYPTION_KEY;
if (!key) {
throw new Error('Missing DOCUMENSO_ENCRYPTION_KEY');
}
if (!user.twoFactorEnabled) {
throw new Error('User has not enabled 2FA');
}
if (!user.twoFactorBackupCodes) {
throw new Error('User has no backup codes');
}
const secret = Buffer.from(symmetricDecrypt({ key, data: user.twoFactorBackupCodes })).toString(
'utf-8',
);
const data = JSON.parse(secret);
const result = ZBackupCodeSchema.safeParse(data);
if (result.success) {
return result.data;
}
return null;
};
Reference in New Issue View Git Blame Copy Permalink