mirror of
https://github.com/documenso/documenso.git
synced 2025-11-13 08:13:56 +10:00
7f09ba72f4
This PR is handles the changes required to support envelopes. The new envelope editor/signing page will be hidden during release. The core changes here is to migrate the documents and templates model to a centralized envelopes model. Even though Documents and Templates are removed, from the user perspective they will still exist as we remap envelopes to documents and templates.
39 lines
1.0 KiB
TypeScript
39 lines
1.0 KiB
TypeScript
import { hmac } from '@noble/hashes/hmac';
|
|
import { sha256 } from '@noble/hashes/sha256';
|
|
import { createTOTPKeyURI } from 'oslo/otp';
|
|
|
|
import { DOCUMENSO_ENCRYPTION_KEY } from '../../../constants/crypto';
|
|
|
|
const ISSUER = 'Documenso Email 2FA';
|
|
|
|
export type GenerateTwoFactorCredentialsFromEmailOptions = {
|
|
envelopeId: string;
|
|
email: string;
|
|
};
|
|
|
|
/**
|
|
* Generate an encrypted token containing a 6-digit 2FA code for email verification.
|
|
*
|
|
* @param options - The options for generating the token
|
|
* @returns Object containing the token and the 6-digit code
|
|
*/
|
|
export const generateTwoFactorCredentialsFromEmail = ({
|
|
envelopeId,
|
|
email,
|
|
}: GenerateTwoFactorCredentialsFromEmailOptions) => {
|
|
if (!DOCUMENSO_ENCRYPTION_KEY) {
|
|
throw new Error('Missing DOCUMENSO_ENCRYPTION_KEY');
|
|
}
|
|
|
|
const identity = `email-2fa|v1|email:${email}|id:${envelopeId}`;
|
|
|
|
const secret = hmac(sha256, DOCUMENSO_ENCRYPTION_KEY, identity);
|
|
|
|
const uri = createTOTPKeyURI(ISSUER, email, secret);
|
|
|
|
return {
|
|
uri,
|
|
secret,
|
|
};
|
|
};
|