renato97/finanzas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat: Add complete auth system (Login, Register, OTP/2FA via Telegram, Session management)

Browse Source
This commit is contained in:
ren
2026-01-29 14:57:19 +01:00
parent 811c78ffa5
commit 020218275f
14 changed files with 645 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
lib/otp.ts
View File

@@ -8,32 +8,57 @@ interface OTPData {
expiresAt: number;
}
export function generateOTP(): string {
return Math.floor(100000 + Math.random() * 900000).toString();
}
// Map username -> OTP Data
type OTPStore = Record<string, OTPData>;
export function saveOTP(code: string) {
const data: OTPData = {
code,
expiresAt: Date.now() + 5 * 60 * 1000 // 5 minutes
};
function getStore(): OTPStore {
if (!fs.existsSync(OTP_FILE)) return {};
try {
fs.writeFileSync(OTP_FILE, JSON.stringify(data));
} catch (err) {
console.error("Error saving OTP:", err);
return JSON.parse(fs.readFileSync(OTP_FILE, 'utf8'));
} catch {
return {};
}
}
export function verifyOTP(code: string): boolean {
if (!fs.existsSync(OTP_FILE)) return false;
function saveStore(store: OTPStore) {
try {
const data: OTPData = JSON.parse(fs.readFileSync(OTP_FILE, 'utf8'));
if (Date.now() > data.expiresAt) return false;
// Simple check
return String(data.code).trim() === String(code).trim();
} catch (e) {
console.error("Error verifying OTP:", e);
fs.writeFileSync(OTP_FILE, JSON.stringify(store));
} catch (err) {
console.error("Error saving OTP store:", err);
}
}
export function generateOTP(username: string): string {
const code = Math.floor(100000 + Math.random() * 900000).toString(); // 6 digits
const store = getStore();
store[username] = {
code,
expiresAt: Date.now() + 5 * 60 * 1000, // 5 minutes
};
saveStore(store);
return code;
}
export function verifyOTP(username: string, code: string): boolean {
const store = getStore();
const entry = store[username];
if (!entry) return false;
if (Date.now() > entry.expiresAt) {
delete store[username];
saveStore(store);
return false;
}
// Compare strings safely
if (String(entry.code).trim() === String(code).trim()) {
delete store[username]; // Consume OTP so it can't be reused
saveStore(store);
return true;
}
return false;
}