// @ts-check const http = require("http"); const getAuthCookieNames = require("../package-shared/functions/backend/cookies/get-auth-cookie-names"); const parseCookies = require("../package-shared/utils/backend/parseCookies"); const decrypt = require("../package-shared/functions/dsql/decrypt"); const EJSON = require("../package-shared/utils/ejson"); /** * Verify the temp email code sent to the user's email address * ============================================================================== * @async * * @param {object} params - Single Param object containing params * @param {http.IncomingMessage & Object} params.request * @param {string} [params.email] * * @returns { Promise} */ async function validateTempEmailCode({ request, email }) { try { const keyNames = getAuthCookieNames(); const oneTimeCodeCookieName = keyNames.oneTimeCodeName; const cookies = parseCookies({ request }); const encryptedOneTimeCode = cookies[oneTimeCodeCookieName]; const encryptedPayload = decrypt({ encryptedString: encryptedOneTimeCode, }); const payload = /** @type {import("../package-shared/types").SendOneTimeCodeEmailResponse | undefined} */ ( EJSON.parse(encryptedPayload) ); if (payload?.email && !email) { return true; } if (payload?.email && payload.email === email) { return true; } return false; } catch (/** @type {any} */ error) { console.log("validateTempEmailCode error:", error.message); return false; } } module.exports = validateTempEmailCode;