musicle-svelte/src/lib/server/api/mfa/totp.service.ts

import { inject, injectable } from '@needle-di/core';
import { decodeBase64, encodeBase64 } from '@oslojs/encoding';
import { generateTOTP, verifyTOTP } from '@oslojs/otp';
import { EncryptionService } from '../common/services/encryption.service';
import type { CredentialsType } from '../databases/postgres/tables';
import { CredentialsRepository } from '../users/credentials.repository';

@injectable()
export class TotpService {
  constructor(
    private credentialsRepository = inject(CredentialsRepository),
    private encryptionService = inject(EncryptionService),
  ) {}

  async findOneByUserId(userId: string) {
    return this.credentialsRepository.findTOTPCredentialsByUserId(userId);
  }

  async findOneByUserIdOrThrow(userId: string) {
    const credential = await this.findOneByUserId(userId);
    if (!credential) {
      throw new Error('TOTP credential not found');
    }
    return credential;
  }

  async create(userId: string, key: Uint8Array) {
    try {
      return await this.credentialsRepository.create({
        user_id: userId,
        secret_data: encodeBase64(this.encryptionService.encrypt(key)),
        type: 'totp',
      });
    } catch (e) {
      console.error(e);
      return null;
    }
  }

  async deleteOneByUserId(userId: string) {
    return this.credentialsRepository.deleteByUserId(userId);
  }

  async deleteOneByUserIdAndType(userId: string, type: CredentialsType) {
    return this.credentialsRepository.deleteByUserIdAndType(userId, type);
  }

  async verify(userId: string, code: string) {
    const credential = await this.credentialsRepository.findTOTPCredentialsByUserId(userId);
    console.log(`TOTP credential: ${JSON.stringify(credential)}`);
    if (!credential) {
      throw new Error('TOTP credential not found');
    }
    const secret = this.encryptionService.decrypt(decodeBase64(credential.secret_data));
    return verifyTOTP(secret, 30, 6, code);
  }
}
Adding APIs, schemas for base roles etc. 2024-12-27 00:46:28 +00:00			`import { inject, injectable } from '@needle-di/core';`
			`import { decodeBase64, encodeBase64 } from '@oslojs/encoding';`
			`import { generateTOTP, verifyTOTP } from '@oslojs/otp';`
			`import { EncryptionService } from '../common/services/encryption.service';`
			`import type { CredentialsType } from '../databases/postgres/tables';`
			`import { CredentialsRepository } from '../users/credentials.repository';`

			`@injectable()`
			`export class TotpService {`
			`constructor(`
			`private credentialsRepository = inject(CredentialsRepository),`
			`private encryptionService = inject(EncryptionService),`
			`) {}`

			`async findOneByUserId(userId: string) {`
			`return this.credentialsRepository.findTOTPCredentialsByUserId(userId);`
			`}`

			`async findOneByUserIdOrThrow(userId: string) {`
			`const credential = await this.findOneByUserId(userId);`
			`if (!credential) {`
			`throw new Error('TOTP credential not found');`
			`}`
			`return credential;`
			`}`

			`async create(userId: string, key: Uint8Array) {`
			`try {`
			`return await this.credentialsRepository.create({`
			`user_id: userId,`
			`secret_data: encodeBase64(this.encryptionService.encrypt(key)),`
			`type: 'totp',`
			`});`
			`} catch (e) {`
			`console.error(e);`
			`return null;`
			`}`
			`}`

			`async deleteOneByUserId(userId: string) {`
			`return this.credentialsRepository.deleteByUserId(userId);`
			`}`

			`async deleteOneByUserIdAndType(userId: string, type: CredentialsType) {`
			`return this.credentialsRepository.deleteByUserIdAndType(userId, type);`
			`}`

			`async verify(userId: string, code: string) {`
			`const credential = await this.credentialsRepository.findTOTPCredentialsByUserId(userId);`
			console.log(`TOTP credential: ${JSON.stringify(credential)}`);
			`if (!credential) {`
			`throw new Error('TOTP credential not found');`
			`}`
			`const secret = this.encryptionService.decrypt(decodeBase64(credential.secret_data));`
			`return verifyTOTP(secret, 30, 6, code);`
			`}`
			`}`