feat: add cooldown for request otp

pahmiudahgede 2025-03-22 00:52:56 +07:00
parent 298b0de725
commit ba4645fef9
1 changed files with 37 additions and 2 deletions


@ -29,16 +29,35 @@ func NewAuthService(userRepo repositories.UserRepository, roleRepo repositories.
return &authService{userRepo, roleRepo} return &authService{userRepo, roleRepo}
} }
const otpCooldown = 30
func (s *authService) RegisterUser(req *dto.RegisterRequest) error { func (s *authService) RegisterUser(req *dto.RegisterRequest) error {
user, err := s.userRepo.GetUserByPhone(req.Phone)
if err == nil && user != nil {
return errors.New("phone number already registered")
}
lastOtpSent, err := utils.GetStringData("otp_sent:" + req.Phone)
if err == nil && lastOtpSent != "" {
lastSentTime, err := time.Parse(time.RFC3339, lastOtpSent)
if err != nil {
return errors.New("invalid OTP sent timestamp")
}
if time.Since(lastSentTime).Seconds() < otpCooldown {
return errors.New("please wait before requesting another OTP")
}
}
userID := uuid.New().String() userID := uuid.New().String()
user := &model.User{ user = &model.User{
Phone: req.Phone, Phone: req.Phone,
RoleID: req.RoleID, RoleID: req.RoleID,
} }
err := utils.SetJSONData("user:"+userID, user, 10*time.Minute) err = utils.SetJSONData("user:"+userID, user, 10*time.Minute)
if err != nil { if err != nil {
return err return err
} }
@ -60,10 +79,21 @@ func (s *authService) RegisterUser(req *dto.RegisterRequest) error {
return err return err
} }
err = utils.SetStringData("otp_sent:"+req.Phone, time.Now().Format(time.RFC3339), 10*time.Minute)
if err != nil {
return err
}
return nil return nil
} }
func (s *authService) VerifyOTP(req *dto.VerifyOTPRequest) (*dto.UserDataResponse, error) { func (s *authService) VerifyOTP(req *dto.VerifyOTPRequest) (*dto.UserDataResponse, error) {
isLoggedIn, err := utils.GetStringData("user_logged_in:" + req.Phone)
if err == nil && isLoggedIn == "true" {
return nil, errors.New("you are already logged in")
}
storedOTP, err := utils.GetStringData("otp:" + req.Phone) storedOTP, err := utils.GetStringData("otp:" + req.Phone)
if err != nil { if err != nil {
return nil, err return nil, err
@ -107,6 +137,11 @@ func (s *authService) VerifyOTP(req *dto.VerifyOTPRequest) (*dto.UserDataRespons
return nil, err return nil, err
} }
err = utils.SetStringData("user_logged_in:"+req.Phone, "true", 0)
if err != nil {
return nil, err
}
return &dto.UserDataResponse{ return &dto.UserDataResponse{
UserID: createdUser.ID, UserID: createdUser.ID,
UserRole: role.RoleName, UserRole: role.RoleName,
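Review bot: The cooldown in RegisterUser is checked at the top of the function but only recorded just before `return nil`, so two requests for the same phone that arrive close together both find no `otp_sent:` key and both proceed. The guard also fails open, because any error from `utils.GetStringData` (not only a missing key) skips the check. Claiming the slot before the OTP is issued, with one set-if-absent write whose expiry is the cooldown itself, would close that window and make the timestamp parsing unnecessary; whether `utils` offers such a call is not visible here. Independently, the constant reads better typed, `const otpCooldown = 30 * time.Second` with `if time.Since(lastSentTime) < otpCooldown {`. In VerifyOTP the `user_logged_in:` flag is written with expiry `0` (presumably no expiry) and checked before the OTP is compared, so it can block a phone indefinitely and tells an unauthenticated caller whether that phone has a session; it needs a TTL or a clear on logout. Both function bodies continue outside the hunks.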