controller.js
const { getOtpMessageText, generateOtp } = require('utils/otp')
const { createOtp, getOtpById, updateOtpById } = require('services/db')
const { sendSms } = require('services/sms')
const { sendEmail } = require('services/email')
const { ResponseError } = require('utils/error')
const sentry = require('@sentry/node')
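/**
 * Request handler: generate an OTP, persist it, and deliver it by SMS or email.
 *
 * Reads from `req.body`:
 *   - `mobile` (+ optional `dialCode`, default '+91') to deliver by SMS, or
 *   - `email` to deliver by email (only used when `mobile` is absent),
 *   - `template`, passed to getOtpMessageText,
 *   - `payload`, stored alongside the OTP record as given.
 *
 * Responds with `{ id }` of the created record on success, 400 with a
 * ResponseError when delivery fails (the record is reverted first) or when
 * neither `mobile` nor `email` is supplied.
 *
 * NOTE(review): nothing in this handler throttles requests per caller or per
 * recipient; confirm rate limiting is applied upstream, otherwise this
 * endpoint can be used to flood a number or mailbox and to run up SMS cost.
 * NOTE(review): `template` and `payload` come straight from the request body;
 * confirm getOtpMessageText restricts `template` to known templates so callers
 * cannot choose the text sent from this service's sender identity.
 */
module.exports.handleSendOtp = async (req, res, next) => {
  // The code and its message text are built before the channel is chosen.
  const otp = generateOtp()
  const messageText = getOtpMessageText(otp, req.body.template)

  if (req.body.mobile) {
    const { mobile, dialCode = '+91', payload } = req.body

    // Persist first so the id returned to the caller always refers to a stored record.
    const { id: createdOtpId, revert } = await createOtp({
      type: 'mobile',
      mobile,
      dialCode,
      message: messageText,
      otp,
      payload
    })

    try {
      await sendSms(dialCode + mobile, messageText)
    } catch (err) {
      sentry.captureException(err)
      // Delivery failed: undo the insert so no undeliverable OTP stays verifiable.
      await revert()
      return res.status(400).json(new ResponseError('SMS_API_ERROR', "Can't send OTP to that number"))
    }

    return res.json({
      id: createdOtpId
    })
  }

  if (req.body.email) {
    const { email, payload } = req.body

    const { id: createdOtpId, revert } = await createOtp({
      type: 'email',
      email,
      message: messageText,
      otp,
      payload
    })

    try {
      await sendEmail(email, messageText)
    } catch (err) {
      // The original bound the error as `e` but reported `err`, which raised a
      // ReferenceError inside the catch: the insert was never reverted and no
      // response was sent. The binding and the reported name now match.
      sentry.captureException(err)
      await revert()
      return res.status(400).json(new ResponseError('EMAIL_API_ERROR', "Can't send OTP to that email"))
    }

    return res.json({
      id: createdOtpId
    })
  }

  return res.status(400).json(new ResponseError('MOBILE_OR_EMAIL_REQUIRED', 'Either one of mobile and email is required'))
}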
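/**
 * Request handler: check a submitted code against the stored OTP `req.params.id`
 * and mark the record verified.
 *
 * Responses, in the order the checks run:
 *   - 404 OTP_NOT_FOUND     id is not 24 characters long, or no record exists
 *   - 400 VALIDATION_ERROR  `req.body.code` is missing
 *   - 400 EXPIRED_OTP       record is older than five minutes
 *   - 400 INVALID_OTP       submitted code differs from the stored one
 *   - 400 ALREADY_VERIFIED  record already carries `verifiedAt`
 *   - 204                   record updated with `verifiedAt`
 *
 * NOTE(review): failed attempts are neither counted nor limited here. Unless
 * that is enforced upstream, a code can be guessed repeatedly for the whole
 * validity window; consider an attempt counter on the record or a per-id
 * rate limit.
 * NOTE(review): `deletedAt` is not consulted here; presumably getOtpById hides
 * soft-deleted records. Confirm.
 */
module.exports.handleVerifyOtp = async (req, res, next) => {
  // Validity window. The original multiplied by an extra 60, which made the
  // window five hours while the comment and error text describe five minutes.
  const OTP_TTL_MS = 5 * 60 * 1000

  const { code } = req.body

  // Ids that cannot be a stored id are answered like unknown ids.
  if (req.params.id.length !== 24) {
    return res.status(404).json(new ResponseError('OTP_NOT_FOUND'))
  }

  const otp = await getOtpById(req.params.id)
  if (!otp) {
    return res.status(404).json(new ResponseError('OTP_NOT_FOUND'))
  }

  if (!code) {
    return res.status(400).json(new ResponseError('VALIDATION_ERROR', 'parameter code is required'))
  }

  // Fail closed: a missing or unparseable createdAt counts as expired rather
  // than producing NaN, which would never compare as greater than the window.
  const ageMs = Date.now() - new Date(otp.createdAt).getTime()
  if (!Number.isFinite(ageMs) || ageMs > OTP_TTL_MS) {
    return res.status(400).json(new ResponseError('EXPIRED_OTP', 'This OTP is expired. You must generate a new one'))
  }

  // Strict comparison: a code submitted as a JSON number never equals a stored string.
  if (otp.otp !== code) {
    return res.status(400).json(new ResponseError('INVALID_OTP', 'the otp is invalid'))
  }

  if (otp.verifiedAt) {
    return res.status(400).json(new ResponseError('ALREADY_VERIFIED', 'the otp is already verified'))
  }

  // The code is valid: record the time of verification on the claim.
  await updateOtpById(otp._id, {
    verifiedAt: new Date()
  })

  res.sendStatus(204)
}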
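/**
 * Request handler: return the OTP record `req.params.id` once it has been verified.
 *
 * Responds 404 when the id is not 24 characters long or no record exists,
 * 403 NOT_VERIFIED when the record has no `verifiedAt`, otherwise the record
 * as JSON.
 *
 * NOTE(review): the whole record returned by getOtpById is serialized, which
 * includes the `otp` field compared in handleVerifyOtp. Confirm the callers of
 * this route are trusted, or return only the fields they need.
 * NOTE(review): the error text speaks of "non-consumed" OTPs but `deletedAt`
 * is not checked here; presumably getOtpById filters soft-deleted records.
 * Confirm.
 */
module.exports.handleGetById = async (req, res, next) => {
  // Same id guard as handleVerifyOtp, so an id of the wrong length is answered
  // here with 404 and never reaches the database layer.
  if (req.params.id.length !== 24) {
    return res.sendStatus(404)
  }

  const otp = await getOtpById(req.params.id)
  if (!otp) {
    return res.sendStatus(404)
  }

  if (!otp.verifiedAt) {
    return res.status(403).json(new ResponseError('NOT_VERIFIED', 'OTP is not verified yet. You can only fetch verified, non-consumed OTPs'))
  }

  res.json(otp)
}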
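/**
 * Request handler: soft-delete the OTP record `req.params.id` by stamping `deletedAt`.
 *
 * Responds 404 when the id is not 24 characters long or no record exists,
 * 204 once the record has been updated.
 *
 * NOTE(review): this handler does not check who is calling or whether the
 * record was verified; presumably the route is protected by middleware.
 * Confirm, since anyone able to reach it with an id can retire that OTP.
 */
module.exports.handleDeleteById = async (req, res) => {
  // Same id guard as handleVerifyOtp, so an id of the wrong length is answered
  // here with 404 and never reaches the database layer.
  if (req.params.id.length !== 24) {
    return res.sendStatus(404)
  }

  const otp = await getOtpById(req.params.id)
  if (!otp) {
    return res.sendStatus(404)
  }

  await updateOtpById(otp._id, {
    deletedAt: new Date()
  })

  res.sendStatus(204)
}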