Merged in fix/too-many-codes-error (pull request #1814)

Fix SAS OTP rate limited error * Fix error for too many codes not showing up Approved-by: Joakim Jäderberg
2025-04-16 11:20:20 +00:00
parent 0ab5dc1c9d
commit 009d46ebac
3 changed files with 25 additions and 22 deletions
--- a/apps/scandic-web/app/[lang]/(partner)/(sas)/(protected)/sas-x-scandic/callback/route.ts
+++ b/apps/scandic-web/app/[lang]/(partner)/(sas)/(protected)/sas-x-scandic/callback/route.ts
@@ -83,9 +83,7 @@ export async function GET(
    stateResult.data.intent === "unlink" ||
    stateResult.data.intent === "transfer"
  ) {
-    const [data, error] = await safeTry(
-      serverClient().partner.sas.requestOtp({})
-    )
+    const [data, error] = await safeTry(serverClient().partner.sas.requestOtp())
    if (!data || error) {
      console.error("[SAS] Failed to request OTP", error)
      redirect(`/${lang}/sas-x-scandic/error`)
@@ -93,12 +91,13 @@ export async function GET(

    switch (data.status) {
      case "ABUSED":
-        redirect(`/${params.lang}/sas-x-scandic/error?errorCode=tooManyCodes`)
      case "NOTSENT":
-        redirect(`/${params.lang}/sas-x-scandic/error`)
+        redirect(`/${params.lang}/sas-x-scandic/error?errorCode=tooManyCodes`)
      case "NULL":
      case "RETRY":
      case "EXPIRED":
+      case "PENDING":
+      case "VERIFIED":
        // These errors should never happen for request, but according to the API spec they can
        throw new Error(`Unhandled request OTP status ${data.status}`)
    }
--- a/apps/scandic-web/app/[lang]/(partner)/(sas)/(protected)/sas-x-scandic/otp/OneTimePasswordForm.tsx
+++ b/apps/scandic-web/app/[lang]/(partner)/(sas)/(protected)/sas-x-scandic/otp/OneTimePasswordForm.tsx
@@ -91,7 +91,7 @@ export default function OneTimePasswordForm({

    setOtp("")
    requestOtp.reset()
-    requestOtp.mutate({})
+    requestOtp.mutate()
    setDisableResend(true)

    setTimeout(() => {
--- a/apps/scandic-web/server/routers/partners/sas/otp/request/requestOtp.ts
+++ b/apps/scandic-web/server/routers/partners/sas/otp/request/requestOtp.ts
@@ -15,29 +15,31 @@ import {

 import type { OtpState } from "../getOTPState"

-const inputSchema = z.object({})
-
-const outputSchema = z.object({
-  status: z.enum([
-    "VERIFIED",
-    "ABUSED",
-    "EXPIRED",
-    "PENDING",
-    "RETRY",
-    "SENT",
-    "NULL",
-    "NOTSENT",
-  ]),
+const successSchema = z.object({
+  status: z.literal("SENT"),
  referenceId: z.string().uuid(),
  databaseUUID: z.string().uuid(),
  otpExpiration: z.number(),
  otpReceiver: z.string(),
 })

+const failureSchema = z.object({
+  status: z.enum([
+    "VERIFIED",
+    "ABUSED",
+    "EXPIRED",
+    "PENDING",
+    "RETRY",
+    "NULL",
+    "NOTSENT",
+  ]),
+})
+
+const outputSchema = z.union([successSchema, failureSchema])
+
 export const requestOtp = protectedProcedure
-  .input(inputSchema)
  .output(outputSchema)
-  .mutation(async function ({ ctx, input }) {
+  .mutation(async function () {
    const sasAuthToken = getSasToken()

    if (!sasAuthToken) {
@@ -63,7 +65,9 @@ export const requestOtp = protectedProcedure
      throw createError(parseResult.error)
    }

-    setSASOtpCookie(parseResult.data)
+    if (parseResult.data.status === "SENT") {
+      setSASOtpCookie(parseResult.data)
+    }

    return parseResult.data
  })