movie-web/backend
1
0
Fork 0
mirror of https://github.com/movie-web/backend.git synced 2025-09-13 18:13:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add challenge type validation

Browse Source
This commit is contained in:
William Oldham
2023-11-04 09:42:45 +00:00
parent bbd13453b2
commit 9c19cf509b
3 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/services/challenge.ts
View File

@@ -8,6 +8,8 @@ export async function assertChallengeCode(
code: string,
publicKey: string,
signature: string,
validFlow: ChallengeFlow,
validType: ChallengeType,
) {
const now = Date.now();
@@ -15,7 +17,13 @@ export async function assertChallengeCode(
code,
});
if (!challenge) throw new StatusError('Challenge Code Invalid', 401);
if (
!challenge ||
challenge.flow !== validFlow ||
challenge.authType !== validType
) {
throw new StatusError('Challenge Code Invalid', 401);
}
if (challenge.expiresAt.getTime() <= now)
throw new StatusError('Challenge Code Expired', 401);