This repository was archived by the owner on Apr 3, 2019. It is now read-only.
This repository was archived by the owner on Apr 3, 2019. It is now read-only.
Recovery Code API #302
Description
This issue tracks items needed to add the ability to verify a session from a recovery code.
New Tables
Recovery Code Table
| Column | Description | Options | Datatype |
|---|---|---|---|
| uid | account's uid | NOT NULL | BINARY(16) |
| codeHash | hashed recovery code | NOT NULL | BINARY(32) |
| createdAt | time code was created | NOT NULL | TIMESTAMP |
New stored procedures
.replaceRecoveryCodes(uid, count)
Deletes all current recovery codes for uid and generates now ones.
Parameters:
- uid - (Buffer16) the uid of the account
- count - (Integer) the number of recovery codes to generate
Returns:
- resolves with:
- an array of recovery code objects
- rejects: with one of:
- any error from the underlying storage engine
.consumeRecoveryCode(uid, codeHash)
Consumes the recovery code and deletes from table if successful.
Parameters:
- uid - (Buffer16) the uid of the account
- codeHash - (Buffer32)
Returns:
- resolves with:
- an object
{}- remaining: number of remaining codes
- an object
- rejects: with one of:
error.notFound()- any error from the underlying storage engine
New endpoints
Generate recovery codes
- Method :
GET - Path :
/account/<uid>/recoveryCodesuid: string
Consume recovery codes
- Method :
POST - Path :
/account/<uid>/recoveryCodes/<code>uid: hex128code: string