mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-08-04 01:55:10 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

check and verify 2fa backup code

Browse source
This commit is contained in:
Milo Schwartz 2024-10-05 15:45:01 -04:00
parent 4a5e0e1c57
commit 863f94c8db
No known key found for this signature in database
6 changed files with 79 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

9
server/routers/auth/changePassword.ts
View file

@ -9,9 +9,8 @@ import { User, users } from "@server/db/schema";
import { eq } from "drizzle-orm";
import { response } from "@server/utils";
import { hashPassword, verifyPassword } from "./password";
import { verifyTotpCode } from "./verifyTotpCode";
import { verifyTotpCode } from "./2fa";
import { passwordSchema } from "./passwordSchema";
import logger from "@server/logger";
export const changePasswordBody = z.object({
oldPassword: z.string(),
@ -72,7 +71,11 @@ export async function changePassword(
status: HttpCode.ACCEPTED,
});
}
const validOTP = await verifyTotpCode(code!, user.twoFactorSecret!);
const validOTP = await verifyTotpCode(
code!,
user.twoFactorSecret!,
user.id,
);
if (!validOTP) {
return next(