Yared Yemane
78f231f222
Resolve false OTP already used/expired responses during registration by loading OTP rows using user_id plus submitted otp code and validating usage/expiry on the matched row. Made-with: Cursor
39 lines
722 B
SQL
39 lines
722 B
SQL
-- name: UpdateExpiredOtp :exec
|
|
UPDATE otps
|
|
SET
|
|
otp = $2,
|
|
used = FALSE,
|
|
used_at = NULL,
|
|
expires_at = $3
|
|
WHERE user_id = $1;
|
|
|
|
-- name: CreateOtp :exec
|
|
INSERT INTO otps (
|
|
user_id,
|
|
sent_to,
|
|
medium,
|
|
otp_for,
|
|
otp,
|
|
expires_at
|
|
)
|
|
VALUES ($1, $2, $3, $4, $5, $6);
|
|
|
|
-- name: GetOtp :one
|
|
SELECT id, user_id, sent_to, medium, otp_for, otp, used, used_at, created_at, expires_at
|
|
FROM otps
|
|
WHERE user_id = $1
|
|
ORDER BY id DESC
|
|
LIMIT 1;
|
|
|
|
-- name: GetOtpByCode :one
|
|
SELECT id, user_id, sent_to, medium, otp_for, otp, used, used_at, created_at, expires_at
|
|
FROM otps
|
|
WHERE user_id = $1
|
|
AND otp = $2
|
|
ORDER BY id DESC
|
|
LIMIT 1;
|
|
|
|
-- name: MarkOtpAsUsed :exec
|
|
UPDATE otps
|
|
SET used = TRUE, used_at = $2
|
|
WHERE id = $1; |