rparodi/ft_transcendence
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(routes/OTP): timeout condition check

Browse source 
- The condition was inverted for the expiration of the token will be unvalidated
This commit is contained in:
Raphaël 2025-08-31 14:56:57 +02:00 committed by Maix0
parent 61adf0f742
commit 29a5d38530
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/auth/src/routes/otp.ts
View file

@ -35,7 +35,7 @@ const route: FastifyPluginAsync = async (fastify, opts): Promise<void> => {
// no ? fuck off then
return makeResponse("failed", "otp.failed.invalid");
// is it too old ?
if (dJwt.createdAt + OTP_TOKEN_TIMEOUT_SEC * 1000 > Date.now())
if (dJwt.createdAt + OTP_TOKEN_TIMEOUT_SEC * 1000 < Date.now())
// yes ? fuck off then, redo the password
return makeResponse("failed", "otp.failed.timeout");