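"use server";

import { drizzle } from "drizzle-orm/node-postgres";
import { and, eq, isNull, or } from "drizzle-orm";
import postgres from "postgres";
import { phone_number_auth_tokens } from "drizzle/schema";
import { cookies } from "next/headers";
import { pool } from "supabase/pool";

/**
 * Confirms a pending phone-number auth token and sets the `phone_auth_token`
 * cookie to the confirmed token's id.
 *
 * The cookie is httpOnly, SameSite=strict, lives for 30 days, and is marked
 * `secure` only when NODE_ENV is "production".
 *
 * @param tokenId - id of the row in `phone_number_auth_tokens` to confirm
 * @param code - confirmation code supplied by the caller
 * @returns the updated token row
 * @throws Error "Invalid token" when no row has this id
 * @throws Error "Invalid confirmation code" when the code does not match
 * @throws Error "Token already confirmed" when the token was already used,
 *   including when a concurrent request confirmed it first
 */
export async function confirmPhoneAuthToken(tokenId: string, code: string) {
  const client = await pool.connect();
  // try/finally returns the pooled connection on every path, including when
  // a query or cookies() throws; releasing by hand before each throw leaked
  // the connection on any unexpected error.
  try {
    const db = drizzle(client);

    const [token] = await db
      .select()
      .from(phone_number_auth_tokens)
      .where(eq(phone_number_auth_tokens.id, tokenId));

    if (!token) {
      throw new Error("Invalid token");
    }

    // NOTE(review): nothing in this file limits failed attempts or expires
    // the code. Confirm that guessing is bounded elsewhere (attempt counter,
    // expiry, or rate limiting on this action).
    if (token.confirmation_code !== code) {
      throw new Error("Invalid confirmation code");
    }

    if (token.confirmed) {
      throw new Error("Token already confirmed");
    }

    // Re-check "not yet confirmed" inside the UPDATE so the confirmation is
    // atomic: of two concurrent requests with the same code, only one gets a
    // row back. The NULL branch mirrors the falsy check above.
    const [confirmedToken] = await db
      .update(phone_number_auth_tokens)
      .set({
        confirmed: true,
      })
      .where(
        and(
          eq(phone_number_auth_tokens.id, tokenId),
          eq(phone_number_auth_tokens.confirmation_code, code),
          or(
            eq(phone_number_auth_tokens.confirmed, false),
            isNull(phone_number_auth_tokens.confirmed),
          ),
        ),
      )
      .returning();

    if (!confirmedToken) {
      // No row matched: most likely another request confirmed the token
      // between the SELECT and the UPDATE. Fail instead of dereferencing
      // undefined below.
      throw new Error("Token already confirmed");
    }

    // NOTE(review): the cookie value is the same id the caller already held
    // before confirming, so it is only meaningful if every consumer of this
    // cookie also checks `confirmed` on the row. Verify against the readers.
    (await cookies()).set("phone_auth_token", confirmedToken.id, {
      maxAge: 60 * 60 * 24 * 30,
      secure: process.env.NODE_ENV === "production",
      httpOnly: true,
      sameSite: "strict",
    });

    return confirmedToken;
  } finally {
    client.release();
  }
}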