feat: add optional OTP verification for user registration

Author: muneebhashone

.env.development

@@ -31,3 +31,6 @@ MAILGUN_FROM_EMAIL="[email protected]"
 # ADMIN
 ADMIN_EMAIL="[email protected]"
 ADMIN_PASSWORD="password"
+
+# USER
+OTP_VERIFICATION_ENABLED=0

.env.sample

@@ -43,3 +43,6 @@ MONGO_DATABASE_URL=""
 # ADMIN
 ADMIN_EMAIL="[email protected]"
 ADMIN_PASSWORD="password"
+
+# USER
+OTP_VERIFICATION_ENABLED=0

src/config/config.service.ts

@@ -41,6 +41,7 @@ const configSchema = z.object({
 	MAILGUN_FROM_EMAIL: z.string().email(),
 	ADMIN_EMAIL: z.string().email(),
 	ADMIN_PASSWORD: z.string().min(1),
+	OTP_VERIFICATION_ENABLED: z.string().transform((value) => !!Number(value)),
 });
 
 export type Config = z.infer<typeof configSchema>;

src/modules/auth/auth.controller.ts

@@ -53,6 +53,10 @@ export const handleRegisterUser = async (
 ) => {
 	const user = await registerUserByEmail(req.body);
 
+	if (config.OTP_VERIFICATION_ENABLED) {
+		return successResponse(res, "Please check your email for OTP", user);
+	}
+
 	return successResponse(res, "User has been reigstered", user);
 };
 

src/modules/auth/auth.router.ts

@@ -37,7 +37,7 @@ authRouter.post(
 
 authRouter.post("/logout", {}, handleLogout);
 
-authRouter.get("/user", {}, canAccess(), handleGetCurrentUser);
+authRouter.get("/me", {}, canAccess(), handleGetCurrentUser);
 
 authRouter.post(
 	"/forget-password",

src/modules/auth/auth.service.ts

@@ -1,9 +1,11 @@
+import config from "../../config/config.service";
 import { ROLE_ENUM, type RoleType, SOCIAL_ACCOUNT_ENUM } from "../../enums";
 import type { GoogleCallbackQuery } from "../../types";
 import {
 	type JwtPayload,
 	compareHash,
 	fetchGoogleTokens,
+	generateOTP,
 	getUserInfo,
 	hashPassword,
 	signToken,
@@ -94,9 +96,10 @@ export const registerUserByEmail = async (
 
 	const { confirmPassword, ...rest } = payload;
 
-	// OTP is null for now - it will set user as verified
+	const otp = config.OTP_VERIFICATION_ENABLED ? generateOTP() : null;
+
 	const user = await createUser(
-		{ ...rest, role: "DEFAULT_USER", otp: null },
+		{ ...rest, role: "DEFAULT_USER", otp },
 		false,
 	);
 

src/utils/auth.utils.ts

@@ -124,14 +124,14 @@ export const fetchGoogleTokens = async (
 	return data;
 };
 export interface GoogleUserInfo {
-	id: string; // User's unique Google ID
-	email: string; // User's email address
-	verified_email: boolean; // Whether the email is verified
-	name: string; // User's full name
-	given_name: string; // User's given name
-	family_name: string; // User's family name
-	picture: string; // URL of the user's profile picture
-	locale: string; // User's locale
+	id: string;
+	email: string;
+	verified_email: boolean;
+	name: string;
+	given_name: string;
+	family_name: string;
+	picture: string;
+	locale: string;
 }
 
 export const getUserInfo = async (accessToken: string) => {
@@ -146,3 +146,7 @@ export const getUserInfo = async (accessToken: string) => {
 	}
 	return userInfoResponse.json();
 };
+
+export const generateOTP = (length = 6): string => {
+	return crypto.randomBytes(length).toString("hex").slice(0, length);
+};