65 lines
1.4 KiB
TypeScript
65 lines
1.4 KiB
TypeScript
import fs from 'fs';
|
|
import path from 'path';
|
|
|
|
const OTP_FILE = path.join(process.cwd(), 'auth-otp.json');
|
|
|
|
interface OTPData {
|
|
code: string;
|
|
expiresAt: number;
|
|
}
|
|
|
|
// Map username -> OTP Data
|
|
type OTPStore = Record<string, OTPData>;
|
|
|
|
function getStore(): OTPStore {
|
|
if (!fs.existsSync(OTP_FILE)) return {};
|
|
try {
|
|
return JSON.parse(fs.readFileSync(OTP_FILE, 'utf8'));
|
|
} catch {
|
|
return {};
|
|
}
|
|
}
|
|
|
|
function saveStore(store: OTPStore) {
|
|
try {
|
|
fs.writeFileSync(OTP_FILE, JSON.stringify(store));
|
|
} catch (err) {
|
|
console.error("Error saving OTP store:", err);
|
|
}
|
|
}
|
|
|
|
export function generateOTP(username: string): string {
|
|
const code = Math.floor(100000 + Math.random() * 900000).toString(); // 6 digits
|
|
const store = getStore();
|
|
|
|
store[username] = {
|
|
code,
|
|
expiresAt: Date.now() + 5 * 60 * 1000, // 5 minutes
|
|
};
|
|
|
|
saveStore(store);
|
|
return code;
|
|
}
|
|
|
|
export function verifyOTP(username: string, code: string): boolean {
|
|
const store = getStore();
|
|
const entry = store[username];
|
|
|
|
if (!entry) return false;
|
|
|
|
if (Date.now() > entry.expiresAt) {
|
|
delete store[username];
|
|
saveStore(store);
|
|
return false;
|
|
}
|
|
|
|
// Compare strings safely
|
|
if (String(entry.code).trim() === String(code).trim()) {
|
|
delete store[username]; // Consume OTP so it can't be reused
|
|
saveStore(store);
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|