@zimpligital/medusa-plugin-auth-otp
A starter for Medusa plugins.
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.validateOTPRequestStep = void 0;
const workflows_sdk_1 = require("@medusajs/framework/workflows-sdk");
const date_fns_1 = require("date-fns");
const auth_otp_1 = require("../../../modules/auth-otp");
const utils_1 = require("@medusajs/framework/utils");
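/**
 * Workflow step that decides whether a new OTP may be issued for `input.phone`.
 *
 * Checks, in order:
 *  1. Lockout: if the newest request with status 'exceeded_attempts' is still
 *     within `retryDelay` seconds of its `attempts_exceeded_at`, reject with
 *     OTP_ATTEMPTS_EXCEEDED.
 *  2. If there is no unexpired 'pending' request, enforce the 15-minute
 *     override cap and, if it passes, allow the request.
 *  3. Resend cooldown: if the newest pending request was created less than
 *     `retryDelay` seconds ago, reject with TOO_MANY_REQUESTS.
 *  4. Mark the fetched pending request(s) as 'overridden'.
 *  5. Enforce the 15-minute override cap (TOO_MANY_RETRY_REQUESTS).
 *
 * Only `input.phone` is read from the step input. The service is resolved from
 * the workflow container under AUTH_OTP_MODULE_SERVICE.
 *
 * Returns `StepResponse({})` when no pending request exists; on the pending
 * path the function resolves without a value (unchanged from the original).
 *
 * @throws {MedusaError} INVALID_DATA with code OTP_ATTEMPTS_EXCEEDED,
 *   TOO_MANY_REQUESTS or TOO_MANY_RETRY_REQUESTS.
 *
 * NOTE(review): every limit here is keyed on `input.phone` exactly as passed
 * in; presumably the caller normalises the number first, otherwise differently
 * formatted spellings of one number would each get their own budget. Confirm
 * against the caller.
 * NOTE(review): the checks are read-then-act with no lock or transaction
 * visible in this step, so concurrent requests for one phone may all pass.
 * Confirm whether the service or the workflow serialises them.
 */
exports.validateOTPRequestStep = (0, workflows_sdk_1.createStep)('validate-otp-request-step', async (input, { container }) => {
    const authOTPService = container.resolve(auth_otp_1.AUTH_OTP_MODULE_SERVICE);
    // Used with addSeconds/subSeconds below, so the value is in seconds.
    const retryDelay = await authOTPService.getRetryDelay();

    /**
     * Rejects when five or more requests for this phone were overridden and
     * created within the last 15 minutes.
     */
    const assertRetryWindowNotExhausted = async () => {
        const fifteenMinutesAgo = (0, date_fns_1.subMinutes)(new Date(), 15);
        const overriddenRequests = await authOTPService.listOtpRequests({
            phone: input.phone,
            status: 'overridden',
            created_at: {
                $gt: fifteenMinutesAgo,
            },
        });
        if (overriddenRequests.length >= 5) {
            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, 'Too many retry-requests, please try again after 15 minutes', 'TOO_MANY_RETRY_REQUESTS');
        }
    };

    // 1. Lockout after too many failed verification attempts.
    const [exceededAttemptRequest] = await authOTPService.listOtpRequests({
        phone: input.phone,
        status: 'exceeded_attempts',
    }, {
        take: 1,
        order: {
            created_at: 'desc',
        },
    });
    if (exceededAttemptRequest) {
        // NOTE(review): if attempts_exceeded_at can be null/undefined, the
        // computed date is invalid, isAfter() yields false and the lockout is
        // skipped (fails open). Confirm the field is always set with this status.
        const exceededAttemptAt = exceededAttemptRequest.attempts_exceeded_at;
        const availableRetryAt = (0, date_fns_1.addSeconds)(exceededAttemptAt, retryDelay);
        if ((0, date_fns_1.isAfter)(availableRetryAt, new Date())) {
            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, 'OTP attemps exceeded', 'OTP_ATTEMPTS_EXCEEDED');
        }
    }

    // 2. Newest pending request that has not expired yet. `take: 1` means at
    //    most one row comes back, so at most one row is overridden in step 4.
    const pendingRequests = await authOTPService.listOtpRequests({
        phone: input.phone,
        status: 'pending',
        expired_at: {
            $gt: new Date(),
        },
    }, {
        take: 1,
        order: {
            created_at: 'desc',
        },
    });
    const latestRequest = pendingRequests[0];
    if (!latestRequest) {
        // The original returned here without consulting the override cap. Once
        // the cap had tripped, the pending row was already 'overridden', so the
        // very next call took this branch and was allowed, leaving the
        // 15-minute limit (and the resend cooldown) unenforced. Check the cap
        // on this path too.
        await assertRetryWindowNotExhausted();
        return new workflows_sdk_1.StepResponse({});
    }

    // 3. Resend cooldown relative to the newest pending request.
    const latestRequestAt = latestRequest.created_at;
    const retryThreshold = (0, date_fns_1.subSeconds)(new Date(), retryDelay);
    if ((0, date_fns_1.isAfter)(latestRequestAt, retryThreshold)) {
        throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, `Too many requests, please try again after ${retryDelay} seconds`, 'TOO_MANY_REQUESTS');
    }

    // 4. Supersede the pending request. A plain for...of is enough:
    //    pendingRequests is an ordinary array, not an async iterable.
    for (const pendingRequest of pendingRequests) {
        await authOTPService.updateOtpRequests({
            id: pendingRequest.id,
            status: 'overridden',
        });
    }

    // 5. Cap on overrides in the window. This runs after the update, so the row
    //    overridden just above counts towards the limit, as in the original.
    await assertRetryWindowNotExhausted();
});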
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmFsaWRhdGUtcmVxdWVzdC1zdGVwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vc3JjL3dvcmtmbG93cy9yZXF1ZXN0LW90cC13b3JrZmxvdy9zdGVwcy92YWxpZGF0ZS1yZXF1ZXN0LXN0ZXAudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEscUVBQTZFO0FBQzdFLHVDQUF1RTtBQUV2RSx3REFBb0U7QUFFcEUscURBQXdEO0FBRTNDLFFBQUEsc0JBQXNCLEdBQUcsSUFBQSwwQkFBVSxFQUMvQywyQkFBMkIsRUFDM0IsS0FBSyxFQUFFLEtBQThCLEVBQUUsRUFBRSxTQUFTLEVBQUUsRUFBRSxFQUFFO0lBQ3ZELE1BQU0sY0FBYyxHQUF5QixTQUFTLENBQUMsT0FBTyxDQUM3RCxrQ0FBdUIsQ0FDdkIsQ0FBQztJQUNGLE1BQU0sVUFBVSxHQUFHLE1BQU0sY0FBYyxDQUFDLGFBQWEsRUFBRSxDQUFDO0lBQ3hELE1BQU0sc0JBQXNCLEdBQUcsTUFBTSxjQUFjO1NBQ2pELGVBQWUsQ0FDZjtRQUNDLEtBQUssRUFBRSxLQUFLLENBQUMsS0FBSztRQUNsQixNQUFNLEVBQUUsbUJBQW1CO0tBQzNCLEVBQ0Q7UUFDQyxJQUFJLEVBQUUsQ0FBQztRQUNQLEtBQUssRUFBRTtZQUNOLFVBQVUsRUFBRSxNQUFNO1NBQ2xCO0tBQ0QsQ0FDRDtTQUNBLElBQUksQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFeEIsSUFBSSxzQkFBc0IsRUFBRSxDQUFDO1FBQzVCLE1BQU0saUJBQWlCLEdBQ3RCLHNCQUFzQixDQUFDLG9CQUE0QixDQUFDO1FBQ3JELE1BQU0sZ0JBQWdCLEdBQUcsSUFBQSxxQkFBVSxFQUFDLGlCQUFpQixFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sR0FBRyxHQUFHLElBQUksSUFBSSxFQUFFLENBQUM7UUFDdkIsSUFBSSxJQUFBLGtCQUFPLEVBQUMsZ0JBQWdCLEVBQUUsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUNwQyxNQUFNLElBQUksbUJBQVcsQ0FDcEIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5QixzQkFBc0IsRUFDdEIsdUJBQXVCLENBQ3ZCLENBQUM7UUFDSCxDQUFDO0lBQ0YsQ0FBQztJQUVELE1BQU0sZUFBZSxHQUFHLE1BQU0sY0FBYyxDQUFDLGVBQWUsQ0FDM0Q7UUFDQyxLQUFLLEVBQUUsS0FBSyxDQUFDLEtBQUs7UUFDbEIsTUFBTSxFQUFFLFNBQVM7UUFDakIsVUFBVSxFQUFFO1lBQ1gsR0FBRyxFQUFFLElBQUksSUFBSSxFQUFFO1NBQ2Y7S0FDRCxFQUNEO1FBQ0MsSUFBSSxFQUFFLENBQUM7UUFDUCxLQUFLLEVBQUU7WUFDTixVQUFVLEVBQUUsTUFBTTtTQUNsQjtLQUNELENBQ0QsQ0FBQztJQUVGLE1BQU0sY0FBYyxHQUFHLGVBQWUsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUMxQyxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7UUFDckIsT0FBTyxJQUFJLDRCQUFZLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDN0IsQ0FBQztJQUVELE1BQU0sZUFBZSxHQUFHLGNBQWMsQ0FBQyxVQUFVLENBQUM7SUFDbE
QsTUFBTSxjQUFjLEdBQUcsSUFBQSxxQkFBVSxFQUFDLElBQUksSUFBSSxFQUFFLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDMUQsSUFBSSxJQUFBLGtCQUFPLEVBQUMsZUFBZSxFQUFFLGNBQWMsQ0FBQyxFQUFFLENBQUM7UUFDOUMsTUFBTSxJQUFJLG1CQUFXLENBQ3BCLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFDOUIsNkNBQTZDLFVBQVUsVUFBVSxFQUNqRSxtQkFBbUIsQ0FDbkIsQ0FBQztJQUNILENBQUM7SUFFRCxJQUFJLEtBQUssRUFBRSxNQUFNLGNBQWMsSUFBSSxlQUFlLEVBQUUsQ0FBQztRQUNwRCxNQUFNLGNBQWMsQ0FBQyxpQkFBaUIsQ0FBQztZQUN0QyxFQUFFLEVBQUUsY0FBYyxDQUFDLEVBQUU7WUFDckIsTUFBTSxFQUFFLFlBQVk7U0FDcEIsQ0FBQyxDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0saUJBQWlCLEdBQUcsSUFBQSxxQkFBVSxFQUFDLElBQUksSUFBSSxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDckQsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLGNBQWMsQ0FBQyxlQUFlLENBQUM7UUFDL0QsS0FBSyxFQUFFLEtBQUssQ0FBQyxLQUFLO1FBQ2xCLE1BQU0sRUFBRSxZQUFZO1FBQ3BCLFVBQVUsRUFBRTtZQUNYLEdBQUcsRUFBRSxpQkFBaUI7U0FDdEI7S0FDRCxDQUFDLENBQUM7SUFDSCxJQUFJLGtCQUFrQixDQUFDLE1BQU0sSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUNwQyxNQUFNLElBQUksbUJBQVcsQ0FDcEIsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUM5Qiw0REFBNEQsRUFDNUQseUJBQXlCLENBQ3pCLENBQUM7SUFDSCxDQUFDO0FBQ0YsQ0FBQyxDQUNELENBQUMifQ==