Handle existing user trying to use OTP

0xsend · Nov 18, 2024 · 780dac2 · 780dac2
1 parent 4e6e6e7
commit 780dac2
Show file tree

Hide file tree

Showing 5 changed files with 330 additions and 207 deletions.
diff --git a/packages/api/src/routers/_app.ts b/packages/api/src/routers/_app.ts
@@ -1,6 +1,6 @@
 import type { inferRouterInputs, inferRouterOutputs } from '@trpc/server'
 import { createTRPCRouter } from '../trpc'
-import { authRouter } from './auth'
+import { authRouter } from './auth/router'
 import { chainAddressRouter } from './chainAddress'
 import { distributionRouter } from './distribution'
 import { tagRouter } from './tag'

diff --git a/packages/api/src/routers/auth.ts b/packages/api/src/routers/auth.ts
diff --git a/packages/api/src/routers/auth/router.ts b/packages/api/src/routers/auth/router.ts
@@ -0,0 +1,88 @@
+import { TRPCError } from '@trpc/server'
+import { supabaseAdmin } from 'app/utils/supabase/admin'
+import debug from 'debug'
+import { z } from 'zod'
+import { createTRPCRouter, publicProcedure } from '../../trpc'
+import { AuthStatus } from './types'
+
+const log = debug('api:auth')
+
+export const authRouter = createTRPCRouter({
+  signInWithOtp: publicProcedure
+    .input(
+      z.object({
+        phone: z.string().trim(),
+        countrycode: z.string(),
+        captchaToken: z.string().optional(),
+        bypassOnboardedCheck: z.boolean().optional().default(false),
+      })
+    )
+    .mutation(async ({ input }) => {
+      const { phone, countrycode, captchaToken, bypassOnboardedCheck } = input
+
+      if (!phone) {
+        throw new TRPCError({
+          code: 'BAD_REQUEST',
+          message: 'Phone number is required',
+        })
+      }
+
+      if (!countrycode) {
+        throw new TRPCError({
+          code: 'BAD_REQUEST',
+          message: 'Country Code is required',
+        })
+      }
+
+      if (!!process.env.NEXT_PUBLIC_TURNSTILE_SITE_KEY && !captchaToken) {
+        throw new TRPCError({
+          code: 'BAD_REQUEST',
+          message: 'Captcha token is required',
+        })
+      }
+
+      if (!bypassOnboardedCheck) {
+        log('checking if phone is already used', { phone })
+
+        const { data } = await supabaseAdmin
+          .rpc('profile_lookup', { lookup_type: 'phone', identifier: `${countrycode}${phone}` })
+          .maybeSingle()
+
+        if (data) {
+          log('phone is already used', { phone })
+
+          return {
+            status: AuthStatus.PhoneAlreadyUsed,
+          }
+        }
+      }
+
+      const { error } = await supabaseAdmin.auth
+        .signInWithOtp({ phone: `${countrycode}${phone}`, options: { captchaToken } })
+        .then(async (r) => {
+          // TODO: potentially add a fake numbers list for app store reviewers
+          if (__DEV__ || process.env.CI) {
+            log('fake_otp_credentials', { phone: `${countrycode}${phone}` })
+            return await supabaseAdmin.rpc('fake_otp_credentials', {
+              phone: `${countrycode}${phone}`,
+            })
+          }
+          const errMessage = r.error?.message.toLowerCase()
+          log('signInWithOtp', { errMessage, phone })
+          return r
+        })
+
+      if (error) {
+        throw new TRPCError({
+          code: 'INTERNAL_SERVER_ERROR',
+          message: error.message,
+        })
+      }
+
+      log('successfully signed up with otp', { phone })
+
+      return {
+        status: AuthStatus.SignedIn,
+      }
+    }),
+})
diff --git a/packages/api/src/routers/auth/types.ts b/packages/api/src/routers/auth/types.ts
@@ -0,0 +1,4 @@
+export enum AuthStatus {
+  SignedIn = 'SignedIn',
+  PhoneAlreadyUsed = 'PhoneAlreadyUsed',
+}