diff options
| author | schererleander <leander@schererleander.de> | 2025-12-26 18:08:48 +0100 |
|---|---|---|
| committer | schererleander <leander@schererleander.de> | 2025-12-26 18:08:48 +0100 |
| commit | ad7b4f1ab0b3ef2f71e9a70078716aed50cdbf64 (patch) | |
| tree | 944f78aeb0364e962b84c98ea6bb236072413656 /src/lib/auth.ts | |
| parent | a23753f65272dca3f0b54bed16d96512a3cbe20d (diff) | |
feat(auth): add two-factor authentication support
Diffstat (limited to 'src/lib/auth.ts')
| -rw-r--r-- | src/lib/auth.ts | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/src/lib/auth.ts b/src/lib/auth.ts index ad47d5f..91cf0cb 100644 --- a/src/lib/auth.ts +++ b/src/lib/auth.ts @@ -1,10 +1,10 @@ import { type NextAuthOptions } from "next-auth" import CredentialsProvider from "next-auth/providers/credentials" import bcrypt from "bcryptjs" -import { authenticator } from "otplib" import dbConnect from "./mongodb" import User from "@/model/User" import { loginSchema } from "./validation" +import { verifyTwoFactor } from "./auth-helpers" export const authOptions: NextAuthOptions = { providers: [ @@ -32,16 +32,10 @@ export const authOptions: NextAuthOptions = { const isPasswordValid = await bcrypt.compare(password, user.password) if (!isPasswordValid) return null - if (user.twoFactorEnabled) { - if (!twoFactorCode) { - throw new Error("2FA_REQUIRED") - } - - const isValid = authenticator.check(twoFactorCode, user.twoFactorSecret) - if (!isValid) { - throw new Error("Invalid 2FA Code") - } - } + verifyTwoFactor({ + twoFactorEnabled: user.twoFactorEnabled, + twoFactorSecret: user.twoFactorSecret + }, twoFactorCode) return { id: user._id.toString(), |