Enable Email as a MFA method/option (#68)

This adds Email as a multi-factor authentication method/option. It reuses the `VerificationCode` for the code generation and validation. It also refactors the email templating for easier repurposing. Finally, it has a small Deno version bump. Closes #25
2025-06-11 15:53:39 +01:00
parent 111321e9c6
commit c7d6b8077b
16 changed files with 405 additions and 81 deletions
--- a/lib/models/multi-factor-auth/email.ts
+++ b/lib/models/multi-factor-auth/email.ts
@@ -0,0 +1,50 @@
+import { MultiFactorAuthMethod, User } from '/lib/types.ts';
+import { MultiFactorAuthSetup } from '/lib/models/multi-factor-auth.ts';
+import { VerificationCodeModel } from '/lib/models/user.ts';
+import { EmailModel as EmailTransportModel } from '/lib/models/email.ts';
+
+export class EmailModel {
+  static async createMethod(
+    id: string,
+    name: string,
+    user: User,
+  ): Promise<MultiFactorAuthSetup> {
+    const method: MultiFactorAuthMethod = {
+      type: 'email',
+      id,
+      name,
+      enabled: false,
+      created_at: new Date(),
+      metadata: {},
+    };
+
+    await this.createAndSendCode(id, user);
+
+    return {
+      method,
+    };
+  }
+
+  static async createAndSendCode(
+    id: string,
+    user: User,
+  ): Promise<void> {
+    const code = await VerificationCodeModel.create(user, `${user.email}-${id}`, 'email');
+
+    await EmailTransportModel.sendLoginVerificationEmail(user.email, code);
+  }
+
+  static async verifyCode(
+    methodId: string,
+    code: string,
+    user: User,
+  ): Promise<boolean> {
+    try {
+      await VerificationCodeModel.validate(user, `${user.email}-${methodId}`, code, 'email');
+
+      return true;
+    } catch {
+      return false;
+    }
+  }
+}