Merge pull request #82 from SyncrowIOT/feature/otp-config

Feature/otp config
2025-07-16 02:36:19 +00:00 · 2024-08-21 11:25:10 +03:00
parent bb669f5561 95a315db8f
commit f7813cd0b3
2 changed files with 10 additions and 7 deletions
--- a/.env.example
+++ b/.env.example
@ -88,3 +88,5 @@ FIREBASE_MEASUREMENT_ID=

 FIREBASE_DATABASE_URL=

+OTP_LIMITER=
+
--- a/src/auth/services/user-auth.service.ts
+++ b/src/auth/services/user-auth.service.ts
@ -20,6 +20,7 @@ import { UserEntity } from '../../../libs/common/src/modules/user/entities/user.
 import * as argon2 from 'argon2';
 import { differenceInSeconds } from '@app/common/helper/differenceInSeconds';
 import { LessThan, MoreThan } from 'typeorm';
+import { ConfigService } from '@nestjs/config';

@Injectable()
 export class UserAuthService {
@ -32,6 +33,7 @@ export class UserAuthService {
    private readonly emailService: EmailService,
    private readonly userRoleRepository: UserRoleRepository,
    private readonly roleTypeRepository: RoleTypeRepository,
+    private readonly configService: ConfigService,
  ) {}

  async signUp(userSignUpDto: UserSignUpDto): Promise<UserEntity> {
@ -96,11 +98,9 @@ export class UserAuthService {
        data.password,
        data.regionUuid,
      );
-
      if (!user) {
        throw new UnauthorizedException('Invalid login credentials.');
      }
-
      const session = await Promise.all([
        await this.sessionRepository.update(
          { userId: user.id },
@ -114,7 +114,6 @@ export class UserAuthService {
          isLoggedOut: false,
        }),
      ]);
-
      return await this.authService.login({
        email: user.email,
        userId: user.uuid,
@ -142,8 +141,10 @@ export class UserAuthService {
  }

  async generateOTP(data: UserOtpDto): Promise<string> {
-    const threeDaysAgo = new Date();
-    threeDaysAgo.setDate(threeDaysAgo.getDate() - 3);
+    const otpLimiter = new Date();
+    otpLimiter.setDate(
+      otpLimiter.getDate() - this.configService.get<number>('OTP_LIMITER'),
+    );
    const userExists = await this.userRepository.exists({
      where: {
        region: data.regionUuid
@ -162,14 +163,14 @@ export class UserAuthService {
    await this.otpRepository.delete({
      email: data.email,
      type: data.type,
-      createdAt: LessThan(threeDaysAgo),
+      createdAt: LessThan(otpLimiter),
    });
    const countOfOtp = await this.otpRepository.count({
      withDeleted: true,
      where: {
        email: data.email,
        type: data.type,
-        createdAt: MoreThan(threeDaysAgo),
+        createdAt: MoreThan(otpLimiter),
      },
    });
    const lastOtp = await this.otpRepository.findOne({