feat(core): add expiresAt in response of verification record creation (…

…#6686)
logto-io · Oct 17, 2024 · 6289433 · 6289433
1 parent 2fb85a2
commit 6289433
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 12 deletions.
diff --git a/packages/core/src/routes/verification/index.openapi.json b/packages/core/src/routes/verification/index.openapi.json
@@ -29,7 +29,21 @@
         },
         "responses": {
           "201": {
-            "description": "The verification record was created successfully."
+            "description": "The verification record was created successfully.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "properties": {
+                    "verificationRecordId": {
+                      "type": "string"
+                    },
+                    "expiresAt": {
+                      "type": "string"
+                    }
+                  }
+                }
+              }
+            }
           },
           "422": {
             "description": "The password is invalid."
@@ -57,7 +71,21 @@
         },
         "responses": {
           "201": {
-            "description": "The verification code has been successfully sent."
+            "description": "The verification code has been successfully sent.",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "properties": {
+                    "verificationRecordId": {
+                      "type": "string"
+                    },
+                    "expiresAt": {
+                      "type": "string"
+                    }
+                  }
+                }
+              }
+            }
           },
           "501": {
             "description": "The connector for sending the verification code is not configured."

diff --git a/packages/core/src/routes/verification/index.ts b/packages/core/src/routes/verification/index.ts
@@ -32,7 +32,7 @@ export default function verificationRoutes<T extends UserRouter>(
     '/verifications/password',
     koaGuard({
       body: z.object({ password: z.string().min(1) }),
-      response: z.object({ verificationRecordId: z.string() }),
+      response: z.object({ verificationRecordId: z.string(), expiresAt: z.string() }),
       status: [201, 422],
     }),
     async (ctx, next) => {
@@ -58,9 +58,12 @@ export default function verificationRoutes<T extends UserRouter>(
         passwordVerification.verify(password)
       );
 
-      await insertVerificationRecord(passwordVerification, queries, userId);
+      const { expiresAt } = await insertVerificationRecord(passwordVerification, queries, userId);
 
-      ctx.body = { verificationRecordId: passwordVerification.id };
+      ctx.body = {
+        verificationRecordId: passwordVerification.id,
+        expiresAt: new Date(expiresAt).toISOString(),
+      };
       ctx.status = 201;
 
       return next();
@@ -73,7 +76,7 @@ export default function verificationRoutes<T extends UserRouter>(
       body: z.object({
         identifier: verificationCodeIdentifierGuard,
       }),
-      response: z.object({ verificationRecordId: z.string() }),
+      response: z.object({ verificationRecordId: z.string(), expiresAt: z.string() }),
       status: [201, 501],
     }),
     async (ctx, next) => {
@@ -92,7 +95,7 @@ export default function verificationRoutes<T extends UserRouter>(
 
       await codeVerification.sendVerificationCode();
 
-      await insertVerificationRecord(
+      const { expiresAt } = await insertVerificationRecord(
         codeVerification,
         queries,
         // If the identifier is the primary email or phone, the verification record is associated with the user.
@@ -102,7 +105,10 @@ export default function verificationRoutes<T extends UserRouter>(
           : undefined
       );
 
-      ctx.body = { verificationRecordId: codeVerification.id };
+      ctx.body = {
+        verificationRecordId: codeVerification.id,
+        expiresAt: new Date(expiresAt).toISOString(),
+      };
       ctx.status = 201;
 
       return next();

diff --git a/packages/integration-tests/src/api/verification-record.ts b/packages/integration-tests/src/api/verification-record.ts
@@ -4,13 +4,14 @@ import { type KyInstance } from 'ky';
 import { readConnectorMessage } from '#src/helpers/index.js';
 
 export const createVerificationRecordByPassword = async (api: KyInstance, password: string) => {
-  const { verificationRecordId } = await api
+  const { verificationRecordId, expiresAt } = await api
     .post('api/verifications/password', {
       json: {
         password,
       },
     })
-    .json<{ verificationRecordId: string }>();
+    .json<{ verificationRecordId: string; expiresAt: string }>();
+  expect(expiresAt).toBeTruthy();
 
   return verificationRecordId;
 };
@@ -19,7 +20,7 @@ const createVerificationCode = async (
   api: KyInstance,
   identifier: { type: SignInIdentifier; value: string }
 ) => {
-  const { verificationRecordId } = await api
+  const { verificationRecordId, expiresAt } = await api
     .post('api/verifications/verification-code', {
       json: {
         identifier: {
@@ -28,7 +29,8 @@ const createVerificationCode = async (
         },
       },
     })
-    .json<{ verificationRecordId: string }>();
+    .json<{ verificationRecordId: string; expiresAt: string }>();
+  expect(expiresAt).toBeTruthy();
 
   return verificationRecordId;
 };