Merge pull request 'feat/otp-cancel' (#148) from feat/otp-cancel into development

Reviewed-on: #148
2025-06-10 15:19:45 +07:00 · 2025-06-10 15:19:45 +07:00 · e24fee86ba
parent 399ca0bdda 16df6945b7
commit e24fee86ba
2 changed files with 25 additions and 8 deletions
--- a/src/core/helpers/otp/otp-service.ts
+++ b/src/core/helpers/otp/otp-service.ts
@ -38,6 +38,14 @@ export class OtpService {
    return Object.values(counts).some((count) => count > 2);
  }

+  private hasNoMatchLength(str: string) {
+    return str.length !== this.otpLength;
+  }
+
+  private hasStartWithZero(str: string) {
+    return str.split('')[0] === '0';
+  }
+
  public generateSecureOTP(): string {
    let otp: string;

@ -46,11 +54,12 @@ export class OtpService {
        Math.floor(Math.random() * 10).toString(),
      ).join('');
    } while (
+      this.hasNoMatchLength(otp) ||
      this.hasSequentialDigits(otp) ||
      this.hasRepeatedDigits(otp) ||
      this.isPalindrome(otp) ||
      this.hasPartiallyRepeatedDigits(otp) ||
-      otp?.length < this.otpLength
+      this.hasStartWithZero(otp)
    );
    return otp;
  }
--- a/src/modules/configuration/otp-verification/data/services/otp-verification.service.ts
+++ b/src/modules/configuration/otp-verification/data/services/otp-verification.service.ts
@ -74,7 +74,9 @@ export class OtpVerificationService {
      const createdAtMoment = moment(Number(activeOTP.created_at));
      const nowMoment = moment(Number(dateNow));
      const diffSeconds = nowMoment.diff(createdAtMoment, 'seconds');
-      if (diffSeconds < 60) {
+      const isProduction = process.env.NODE_ENV === 'true';
+
+      if (diffSeconds < 60 && isProduction) {
        throw new BadRequestException(
          'An active OTP request was made recently. Please try again later.',
        );
@ -116,10 +118,13 @@ export class OtpVerificationService {
      );
    }

+    let otp: any;
+
    // Build a where condition with OR between target_id and reference
-    const otp = await this.otpVerificationRepo.findOne({
-      where: [
-        {
+
+    if (target_id) {
+      otp = await this.otpVerificationRepo.findOne({
+        where: {
          otp_code,
          action_type,
          target_id,
@ -127,7 +132,10 @@ export class OtpVerificationService {
          is_used: false,
          is_replaced: false,
        },
-        {
+      });
+    } else if (reference) {
+      otp = await this.otpVerificationRepo.findOne({
+        where: {
          otp_code,
          action_type,
          reference,
@ -135,8 +143,8 @@ export class OtpVerificationService {
          is_used: false,
          is_replaced: false,
        },
-      ],
-    });
+      });
+    }

    if (!otp) {
      throw new BadRequestException('Invalid or expired OTP.');