scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
849802618924ddd68d8853560ab9eda31bc4c72e
web/packages/trpc/lib/routers/partners/sas/otp/request/requestOtp.ts
Joakim Jäderberg daf765f3d5 Merged in feature/wrap-logging (pull request #2511) 
Feature/wrap logging

* feat: change all logging to go through our own logger function so that we can control log levels

* move packages/trpc to using our own logger

* merge


Approved-by: Linus Flood
2025-07-03 12:37:04 +00:00

140 lines
3.4 KiB
TypeScript
Raw Blame History

import * as Sentry from "@sentry/nextjs"
import { TRPCError } from "@trpc/server"
import { cookies } from "next/headers"
import { v4 as uuidv4 } from "uuid"
import { z } from "zod"
import { createLogger } from "@scandic-hotels/common/logger/createLogger"
import { env } from "../../../../../../env/server"
import { protectedProcedure } from "../../../../../procedures"
import { getSasToken } from "../../getSasToken"
import { SAS_REQUEST_OTP_STATE_STORAGE_COOKIE_NAME } from "../constants"
import {
parseSASRequestOtpError,
type RequestOtpGeneralError,
} from "./requestOtpError"
import type { OtpState } from "../getOTPState"
const successSchema = z.object({
status: z.literal("SENT"),
referenceId: z.string().uuid(),
databaseUUID: z.string().uuid(),
otpExpiration: z.number(),
otpReceiver: z.string(),
})
const failureSchema = z.object({
status: z.enum([
"VERIFIED",
"ABUSED",
"EXPIRED",
"PENDING",
"RETRY",
"NULL",
"NOTSENT",
]),
})
const outputSchema = z.union([successSchema, failureSchema])
const sasLogger = createLogger("SAS")
export const requestOtp = protectedProcedure
.output(outputSchema)
.mutation(async function () {
const sasAuthToken = await getSasToken()
if (!sasAuthToken) {
throw createError("AUTH_TOKEN_NOT_FOUND")
}
const tokenResponse = await fetchRequestOtp({ sasAuthToken })
sasLogger.debug(
"requestOtp",
tokenResponse.status,
tokenResponse.statusText
)
const body = await tokenResponse.json()
const parseResult = outputSchema.safeParse(body)
if (!parseResult.success) {
sasLogger.error("requestOtp error", body)
if (!tokenResponse.ok) {
throw createError(body)
}
throw createError(parseResult.error)
}
if (parseResult.data.status === "SENT") {
setSASOtpCookie(parseResult.data)
} else {
const sasRequestOtpErrorMessage = `requestOtp did not return SENT status with body: ${JSON.stringify(body)}`
sasLogger.warn(sasRequestOtpErrorMessage)
Sentry.captureMessage(sasRequestOtpErrorMessage)
}
return parseResult.data
})
function createError(
errorBody:
| {
status: string
error: string
errorCode: number
databaseUUID: string
}
| Error
| RequestOtpGeneralError
): TRPCError {
const errorInfo = parseSASRequestOtpError(errorBody)
sasLogger.error("createError", errorInfo)
return new TRPCError({
code: "BAD_REQUEST",
cause: errorInfo,
})
}
async function fetchRequestOtp({ sasAuthToken }: { sasAuthToken: string }) {
const endpoint = `${env.SAS_API_ENDPOINT}/api/scandic-partnership/customer/send-otp`
sasLogger.debug("Requesting OTP")
return await fetch(endpoint, {
method: "POST",
headers: {
"Content-Type": "application/json",
"Ocp-Apim-Subscription-Key": env.SAS_OCP_APIM,
Authorization: `Bearer ${sasAuthToken}`,
},
body: JSON.stringify({
referenceId: uuidv4(),
}),
signal: AbortSignal.timeout(15_000),
})
}
async function setSASOtpCookie({
referenceId,
databaseUUID,
}: {
referenceId: string
databaseUUID: string
}) {
const cookieStore = await cookies()
cookieStore.set(
SAS_REQUEST_OTP_STATE_STORAGE_COOKIE_NAME,
JSON.stringify({
referenceId: referenceId,
databaseUUID: databaseUUID,
} satisfies OtpState),
{
httpOnly: true,
maxAge: 3600,
secure: env.NODE_ENV !== "development",
}
)
}
Reference in New Issue View Git Blame Copy Permalink