From 29a5d38530b8efb9cd4bf308552d36f305e971bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl?= <35407363+EniumRaphael@users.noreply.github.com> Date: Sun, 31 Aug 2025 14:56:57 +0200 Subject: [PATCH] fix(routes/OTP): timeout condition check - The condition was inverted for the expiration of the token will be unvalidated --- src/auth/src/routes/otp.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/auth/src/routes/otp.ts b/src/auth/src/routes/otp.ts index e542fda..6f45662 100644 --- a/src/auth/src/routes/otp.ts +++ b/src/auth/src/routes/otp.ts @@ -35,7 +35,7 @@ const route: FastifyPluginAsync = async (fastify, opts): Promise => { // no ? fuck off then return makeResponse("failed", "otp.failed.invalid"); // is it too old ? - if (dJwt.createdAt + OTP_TOKEN_TIMEOUT_SEC * 1000 > Date.now()) + if (dJwt.createdAt + OTP_TOKEN_TIMEOUT_SEC * 1000 < Date.now()) // yes ? fuck off then, redo the password return makeResponse("failed", "otp.failed.timeout");