@perseidesjs/auth-otp 2.0.0

package/.medusa/server/src/api/auth/[actor_type]/otp/generate/route.js

@@ -0,0 +1,35 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.POST = void 0;
+const utils_1 = require("@medusajs/framework/utils");
+const get_plugin_options_1 = __importDefault(require("../../../../../utils/get-plugin-options"));
+const generate_otp_1 = __importDefault(require("../../../../../workflows/generate-otp"));
+const POST = async (req, res) => {
+    const logger = req.scope.resolve(utils_1.ContainerRegistrationKeys.LOGGER);
+    const { identifier } = req.validatedBody;
+    const actorType = req.params.actor_type;
+    const configModule = req.scope.resolve(utils_1.ContainerRegistrationKeys.CONFIG_MODULE);
+    const pluginOptions = (0, get_plugin_options_1.default)(configModule);
+    const accessorsPerActor = pluginOptions.accessorsPerActor[actorType];
+    await (0, generate_otp_1.default)(req.scope).run({
+        input: {
+            identifier,
+            actorType,
+            accessorsPerActor
+        }
+    }).catch((error) => {
+        if (pluginOptions.http?.alwaysReturnSuccess) {
+            if (pluginOptions.http.warnOnError) {
+                logger.error(error);
+            }
+            return;
+        }
+        throw error;
+    });
+    res.send({ message: 'If an account exists with this identifier, an OTP will be sent.' });
+};
+exports.POST = POST;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL2F1dGgvW2FjdG9yX3R5cGVdL290cC9nZW5lcmF0ZS9yb3V0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFLQSxxREFBcUU7QUFDckUsaUdBQXNFO0FBQ3RFLHlGQUF1RTtBQUVoRSxNQUFNLElBQUksR0FBRyxLQUFLLEVBQ3ZCLEdBQXNELEVBQ3RELEdBQW1CLEVBQ25CLEVBQUU7SUFDRixNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxpQ0FBeUIsQ0FBQyxNQUFNLENBQUMsQ0FBQTtJQUVsRSxNQUFNLEVBQUUsVUFBVSxFQUFFLEdBQUcsR0FBRyxDQUFDLGFBQWEsQ0FBQTtJQUN4QyxNQUFNLFNBQVMsR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQTtJQUV2QyxNQUFNLFlBQVksR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxpQ0FBeUIsQ0FBQyxhQUFhLENBQUMsQ0FBQTtJQUMvRSxNQUFNLGFBQWEsR0FBRyxJQUFBLDRCQUFnQixFQUFDLFlBQVksQ0FBQyxDQUFBO0lBRXBELE1BQU0saUJBQWlCLEdBQUcsYUFBYSxDQUFDLGlCQUFrQixDQUFDLFNBQVMsQ0FBQyxDQUFBO0lBRXJFLE1BQU0sSUFBQSxzQkFBbUIsRUFBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxDQUFDO1FBQ3ZDLEtBQUssRUFBRTtZQUNMLFVBQVU7WUFDVixTQUFTO1lBQ1QsaUJBQWlCO1NBQ2xCO0tBQ0YsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFO1FBQ2pCLElBQUksYUFBYSxDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRSxDQUFDO1lBQzVDLElBQUksYUFBYSxDQUFDLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztnQkFDbkMsTUFBTSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQTtZQUNyQixDQUFDO1lBQ0QsT0FBTTtRQUNSLENBQUM7UUFDRCxNQUFNLEtBQUssQ0FBQTtJQUNiLENBQUMsQ0FBQyxDQUFBO0lBRUYsR0FBRyxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU8sRUFBRSxpRUFBaUUsRUFBRSxDQUFDLENBQUE7QUFDMUYsQ0FBQyxDQUFBO0FBL0JZLFFBQUEsSUFBSSxRQStCaEIifQ==

package/.medusa/server/src/api/auth/[actor_type]/otp/generate/validators.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PostAuthActorTypeOtpGenerateSchema = void 0;
+const zod_1 = require("zod");
+exports.PostAuthActorTypeOtpGenerateSchema = zod_1.z.object({
+    identifier: zod_1.z.string().min(1),
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmFsaWRhdG9ycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uLy4uLy4uL3NyYy9hcGkvYXV0aC9bYWN0b3JfdHlwZV0vb3RwL2dlbmVyYXRlL3ZhbGlkYXRvcnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkJBQXVCO0FBR1YsUUFBQSxrQ0FBa0MsR0FBRyxPQUFDLENBQUMsTUFBTSxDQUFDO0lBQ3pELFVBQVUsRUFBRSxPQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztDQUM5QixDQUFDLENBQUEifQ==

package/.medusa/server/src/api/auth/[actor_type]/otp/pre-register/route.js

@@ -0,0 +1,35 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.POST = void 0;
+const utils_1 = require("@medusajs/framework/utils");
+const get_plugin_options_1 = __importDefault(require("../../../../../utils/get-plugin-options"));
+const pre_register_check_1 = __importDefault(require("../../../../../workflows/pre-register-check"));
+const POST = async (req, res) => {
+    const logger = req.scope.resolve(utils_1.ContainerRegistrationKeys.LOGGER);
+    const { identifier } = req.validatedBody;
+    const actorType = req.params.actor_type;
+    const configModule = req.scope.resolve(utils_1.ContainerRegistrationKeys.CONFIG_MODULE);
+    const pluginOptions = (0, get_plugin_options_1.default)(configModule);
+    const accessorsPerActor = pluginOptions.accessorsPerActor[actorType];
+    await (0, pre_register_check_1.default)(req.scope).run({
+        input: {
+            identifier,
+            actorType,
+            accessorsPerActor
+        }
+    }).catch((error) => {
+        if (pluginOptions.http?.alwaysReturnSuccess) {
+            if (pluginOptions.http.warnOnError) {
+                logger.error(error);
+            }
+            return;
+        }
+        throw error;
+    });
+    res.send({ message: 'Please validate the OTP to continue with the registration process.' });
+};
+exports.POST = POST;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL2F1dGgvW2FjdG9yX3R5cGVdL290cC9wcmUtcmVnaXN0ZXIvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBS0EscURBQXFFO0FBQ3JFLGlHQUFzRTtBQUV0RSxxR0FBa0Y7QUFFM0UsTUFBTSxJQUFJLEdBQUcsS0FBSyxFQUN2QixHQUF5RCxFQUN6RCxHQUFtQixFQUNuQixFQUFFO0lBQ0YsTUFBTSxNQUFNLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsTUFBTSxDQUFDLENBQUE7SUFFbEUsTUFBTSxFQUFFLFVBQVUsRUFBRSxHQUFHLEdBQUcsQ0FBQyxhQUFhLENBQUE7SUFDeEMsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUE7SUFFdkMsTUFBTSxZQUFZLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsYUFBYSxDQUFDLENBQUE7SUFDL0UsTUFBTSxhQUFhLEdBQUcsSUFBQSw0QkFBZ0IsRUFBQyxZQUFZLENBQUMsQ0FBQTtJQUVwRCxNQUFNLGlCQUFpQixHQUFHLGFBQWEsQ0FBQyxpQkFBa0IsQ0FBQyxTQUFTLENBQUMsQ0FBQTtJQUVyRSxNQUFNLElBQUEsNEJBQXdCLEVBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDLEdBQUcsQ0FBQztRQUM1QyxLQUFLLEVBQUU7WUFDTCxVQUFVO1lBQ1YsU0FBUztZQUNULGlCQUFpQjtTQUNsQjtLQUNGLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRTtRQUNqQixJQUFJLGFBQWEsQ0FBQyxJQUFJLEVBQUUsbUJBQW1CLEVBQUUsQ0FBQztZQUM1QyxJQUFJLGFBQWEsQ0FBQyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7Z0JBQ25DLE1BQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUE7WUFDckIsQ0FBQztZQUNELE9BQU07UUFDUixDQUFDO1FBQ0QsTUFBTSxLQUFLLENBQUE7SUFDYixDQUFDLENBQUMsQ0FBQTtJQUVGLEdBQUcsQ0FBQyxJQUFJLENBQUMsRUFBRSxPQUFPLEVBQUUsb0VBQW9FLEVBQUUsQ0FBQyxDQUFBO0FBQzdGLENBQUMsQ0FBQTtBQS9CWSxRQUFBLElBQUksUUErQmhCIn0=

package/.medusa/server/src/api/auth/[actor_type]/otp/pre-register/validators.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PostAuthActorTypeOtpPreRegisterSchema = void 0;
+const zod_1 = require("zod");
+exports.PostAuthActorTypeOtpPreRegisterSchema = zod_1.z.object({
+    identifier: zod_1.z.string().min(1),
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmFsaWRhdG9ycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uLy4uLy4uL3NyYy9hcGkvYXV0aC9bYWN0b3JfdHlwZV0vb3RwL3ByZS1yZWdpc3Rlci92YWxpZGF0b3JzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZCQUF1QjtBQUdWLFFBQUEscUNBQXFDLEdBQUcsT0FBQyxDQUFDLE1BQU0sQ0FBQztJQUM1RCxVQUFVLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Q0FDOUIsQ0FBQyxDQUFBIn0=

package/.medusa/server/src/api/auth/[actor_type]/otp/verify/route.js

@@ -0,0 +1,51 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.POST = void 0;
+const utils_1 = require("@medusajs/framework/utils");
+const get_plugin_options_1 = __importDefault(require("../../../../../utils/get-plugin-options"));
+const verify_otp_1 = __importDefault(require("../../../../../workflows/verify-otp"));
+const generate_jwt_token_1 = require("@medusajs/medusa/api/auth/utils/generate-jwt-token");
+const framework_1 = require("@medusajs/framework");
+const POST = async (req, res) => {
+    const { identifier, otp } = req.validatedBody;
+    const actorType = req.params.actor_type;
+    const configModule = req.scope.resolve(utils_1.ContainerRegistrationKeys.CONFIG_MODULE);
+    const pluginOptions = (0, get_plugin_options_1.default)(configModule);
+    try {
+        const { result } = await (0, verify_otp_1.default)(req.scope).run({
+            input: {
+                identifier,
+                otp,
+                actorType,
+                accessorsPerActor: pluginOptions.accessorsPerActor[actorType]
+            }
+        });
+        if (result.isValid) {
+            const { http } = configModule.projectConfig;
+            const token = (0, generate_jwt_token_1.generateJwtTokenForAuthIdentity)({ authIdentity: result.authIdentity, actorType }, {
+                secret: http.jwtSecret,
+                expiresIn: http.jwtExpiresIn
+            });
+            res.send({
+                token
+            });
+        }
+        else {
+            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, `Invalid OTP`);
+        }
+    }
+    catch (error) {
+        if (pluginOptions.http?.alwaysReturnSuccess) {
+            if (pluginOptions.http.warnOnError) {
+                framework_1.logger.error(error);
+            }
+            throw new utils_1.MedusaError(utils_1.MedusaError.Types.INVALID_DATA, `Invalid OTP`);
+        }
+        throw error;
+    }
+};
+exports.POST = POST;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi8uLi8uLi8uLi9zcmMvYXBpL2F1dGgvW2FjdG9yX3R5cGVdL290cC92ZXJpZnkvcm91dGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBS0EscURBQWtGO0FBQ2xGLGlHQUFzRTtBQUN0RSxxRkFBbUU7QUFDbkUsMkZBQW9HO0FBQ3BHLG1EQUE0QztBQUVyQyxNQUFNLElBQUksR0FBRyxLQUFLLEVBQ3ZCLEdBQW9ELEVBQ3BELEdBQW1CLEVBQ25CLEVBQUU7SUFDRixNQUFNLEVBQUUsVUFBVSxFQUFFLEdBQUcsRUFBRSxHQUFHLEdBQUcsQ0FBQyxhQUFhLENBQUE7SUFDN0MsTUFBTSxTQUFTLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUE7SUFFdkMsTUFBTSxZQUFZLEdBQUcsR0FBRyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsaUNBQXlCLENBQUMsYUFBYSxDQUFDLENBQUE7SUFDL0UsTUFBTSxhQUFhLEdBQUcsSUFBQSw0QkFBZ0IsRUFBQyxZQUFZLENBQUMsQ0FBQTtJQUVwRCxJQUFJLENBQUM7UUFHSCxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsTUFBTSxJQUFBLG9CQUFpQixFQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLENBQUM7WUFDeEQsS0FBSyxFQUFFO2dCQUNMLFVBQVU7Z0JBQ1YsR0FBRztnQkFDSCxTQUFTO2dCQUNULGlCQUFpQixFQUFFLGFBQWEsQ0FBQyxpQkFBa0IsQ0FBQyxTQUFTLENBQUM7YUFDL0Q7U0FDRixDQUFDLENBQUE7UUFFRixJQUFJLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNuQixNQUFNLEVBQUUsSUFBSSxFQUFFLEdBQUcsWUFBWSxDQUFDLGFBQWEsQ0FBQTtZQUMzQyxNQUFNLEtBQUssR0FBRyxJQUFBLG9EQUErQixFQUFDLEVBQUUsWUFBWSxFQUFFLE1BQU0sQ0FBQyxZQUFhLEVBQUUsU0FBUyxFQUFFLEVBQUU7Z0JBQy9GLE1BQU0sRUFBRSxJQUFJLENBQUMsU0FBUztnQkFDdEIsU0FBUyxFQUFFLElBQUksQ0FBQyxZQUFZO2FBQzdCLENBQUMsQ0FBQTtZQUVGLEdBQUcsQ0FBQyxJQUFJLENBQUM7Z0JBQ1AsS0FBSzthQUNOLENBQUMsQ0FBQTtRQUNKLENBQUM7YUFBTSxDQUFDO1lBQ04sTUFBTSxJQUFJLG1CQUFXLENBQUMsbUJBQVcsQ0FBQyxLQUFLLENBQUMsWUFBWSxFQUFFLGFBQWEsQ0FBQyxDQUFBO1FBQ3RFLENBQUM7SUFDSCxDQUFDO0lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztRQUNmLElBQUksYUFBYSxDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRSxDQUFDO1lBQzVDLElBQUksYUFBYSxDQUFDLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztnQkFDbkMsa0JBQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUE7WUFDckIsQ0FBQztZQUNELE1BQU0sSUFBSSxtQkFBVyxDQUFDLG1CQUFXLENBQUMsS0FBSyxDQUFDLFlBQVksRUFBRSxhQUFhLENBQUMsQ0FBQTtRQUN0RSxDQUFDO1FBQ0QsTUFBTSxLQUFLLENBQUE7SUFDYixDQUFDO0FBRUgsQ0FBQyxDQUFBO0FBN0NZLFFBQUEsSUFBSSxRQTZDaEIifQ==

package/.medusa/server/src/api/auth/[actor_type]/otp/verify/validators.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PostAuthActorTypeOtpVerifySchema = void 0;
+const zod_1 = require("zod");
+exports.PostAuthActorTypeOtpVerifySchema = zod_1.z.object({
+    identifier: zod_1.z.string().min(1),
+    otp: zod_1.z.string().min(1),
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmFsaWRhdG9ycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uLy4uLy4uL3NyYy9hcGkvYXV0aC9bYWN0b3JfdHlwZV0vb3RwL3ZlcmlmeS92YWxpZGF0b3JzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZCQUF1QjtBQUdWLFFBQUEsZ0NBQWdDLEdBQUcsT0FBQyxDQUFDLE1BQU0sQ0FBQztJQUN2RCxVQUFVLEVBQUUsT0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7SUFDN0IsR0FBRyxFQUFFLE9BQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO0NBQ3ZCLENBQUMsQ0FBQSJ9

package/.medusa/server/src/api/middlewares.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const http_1 = require("@medusajs/framework/http");
+const validators_1 = require("./auth/[actor_type]/otp/generate/validators");
+const validators_2 = require("./auth/[actor_type]/otp/verify/validators");
+const validators_3 = require("./auth/[actor_type]/otp/pre-register/validators");
+exports.default = (0, http_1.defineMiddlewares)({
+    routes: [
+        {
+            matcher: "/auth/:actor_type/otp/generate",
+            method: "POST",
+            middlewares: [
+                (0, http_1.validateAndTransformBody)(validators_1.PostAuthActorTypeOtpGenerateSchema),
+            ],
+        },
+        {
+            matcher: "/auth/:actor_type/otp/verify",
+            method: "POST",
+            middlewares: [
+                (0, http_1.validateAndTransformBody)(validators_2.PostAuthActorTypeOtpVerifySchema),
+            ],
+        },
+        {
+            matcher: "/auth/:actor_type/otp/pre-register",
+            method: "POST",
+            middlewares: [
+                (0, http_1.validateAndTransformBody)(validators_3.PostAuthActorTypeOtpPreRegisterSchema),
+            ],
+        },
+    ],
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWlkZGxld2FyZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYXBpL21pZGRsZXdhcmVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsbURBR2lDO0FBQ2pDLDRFQUFnRztBQUNoRywwRUFBNEY7QUFDNUYsZ0ZBQXVHO0FBRXZHLGtCQUFlLElBQUEsd0JBQWlCLEVBQUM7SUFDL0IsTUFBTSxFQUFFO1FBQ047WUFDRSxPQUFPLEVBQUUsZ0NBQWdDO1lBQ3pDLE1BQU0sRUFBRSxNQUFNO1lBQ2QsV0FBVyxFQUFFO2dCQUNYLElBQUEsK0JBQXdCLEVBQUMsK0NBQWtDLENBQUM7YUFDN0Q7U0FDRjtRQUNEO1lBQ0UsT0FBTyxFQUFFLDhCQUE4QjtZQUN2QyxNQUFNLEVBQUUsTUFBTTtZQUNkLFdBQVcsRUFBRTtnQkFDWCxJQUFBLCtCQUF3QixFQUFDLDZDQUFnQyxDQUFDO2FBQzNEO1NBQ0Y7UUFDRDtZQUNFLE9BQU8sRUFBRSxvQ0FBb0M7WUFDN0MsTUFBTSxFQUFFLE1BQU07WUFDZCxXQUFXLEVBQUU7Z0JBQ1gsSUFBQSwrQkFBd0IsRUFBQyxrREFBcUMsQ0FBQzthQUNoRTtTQUNGO0tBQ0Y7Q0FDRixDQUFDLENBQUEifQ==

package/.medusa/server/src/providers/otp/index.d.ts

@@ -0,0 +1,2 @@
+declare const _default: import("@medusajs/types").ModuleProviderExports;
+export default _default;

package/.medusa/server/src/providers/otp/index.js

@@ -0,0 +1,12 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const otp_1 = __importDefault(require("./services/otp"));
+const utils_1 = require("@medusajs/framework/utils");
+const services = [otp_1.default];
+exports.default = (0, utils_1.ModuleProvider)(utils_1.Modules.AUTH, {
+    services
+});
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9zcmMvcHJvdmlkZXJzL290cC9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLHlEQUFtRDtBQUNuRCxxREFHa0M7QUFFbEMsTUFBTSxRQUFRLEdBQUcsQ0FBQyxhQUFzQixDQUFDLENBQUE7QUFFekMsa0JBQWUsSUFBQSxzQkFBYyxFQUFDLGVBQU8sQ0FBQyxJQUFJLEVBQUU7SUFDMUMsUUFBUTtDQUNULENBQUMsQ0FBQSJ9

package/.medusa/server/src/providers/otp/services/otp.d.ts

@@ -0,0 +1,17 @@
+import { AuthenticationInput, AuthIdentityProviderService, AuthenticationResponse, ICacheService, Logger } from "@medusajs/framework/types";
+import { AbstractAuthModuleProvider, ContainerRegistrationKeys, Modules } from "@medusajs/framework/utils";
+type InjectedDependencies = {
+    [Modules.CACHE]: ICacheService;
+    [ContainerRegistrationKeys.LOGGER]: Logger;
+};
+export declare const OTP_RETURN_KEY = "otp_generated";
+export declare const RECENTLY_REGISTERED_KEY = "recently_registered";
+export declare class OtpAuthProviderService extends AbstractAuthModuleProvider {
+    static identifier: string;
+    protected cacheService_: ICacheService;
+    protected logger_: Logger;
+    constructor(container: InjectedDependencies);
+    authenticate(data: AuthenticationInput, authIdentityProviderService: AuthIdentityProviderService): Promise<AuthenticationResponse>;
+    register(data: AuthenticationInput, authIdentityProviderService: AuthIdentityProviderService): Promise<AuthenticationResponse>;
+}
+export default OtpAuthProviderService;

package/.medusa/server/src/providers/otp/services/otp.js

@@ -0,0 +1,130 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OtpAuthProviderService = exports.RECENTLY_REGISTERED_KEY = exports.OTP_RETURN_KEY = void 0;
+const utils_1 = require("@medusajs/framework/utils");
+exports.OTP_RETURN_KEY = "otp_generated";
+// Special key used to store recently registered identifiers for direct authentication
+exports.RECENTLY_REGISTERED_KEY = "recently_registered";
+class OtpAuthProviderService extends utils_1.AbstractAuthModuleProvider {
+    constructor(container) {
+        super();
+        this.cacheService_ = container[utils_1.Modules.CACHE];
+        this.logger_ = container[utils_1.ContainerRegistrationKeys.LOGGER];
+    }
+    async authenticate(data, authIdentityProviderService) {
+        if (!(0, utils_1.isDefined)(data.body?.identifier)) {
+            return {
+                success: false,
+                error: "Identifier is required"
+            };
+        }
+        const identifier = data.body.identifier;
+        try {
+            // Check if this is a recently registered user (within the TTL window)
+            const isRecentlyRegistered = await this.cacheService_.get(`${exports.RECENTLY_REGISTERED_KEY}:${identifier}:${data.body.otp}`);
+            if (isRecentlyRegistered === "true") {
+                // If recently registered, allow direct authentication without OTP
+                try {
+                    const authIdentity = await authIdentityProviderService.retrieve({
+                        entity_id: identifier,
+                    });
+                    await this.cacheService_.invalidate(`${exports.RECENTLY_REGISTERED_KEY}:${identifier}`);
+                    return {
+                        success: true,
+                        authIdentity
+                    };
+                }
+                catch (error) {
+                    return {
+                        success: false,
+                        error: "Authentication failed"
+                    };
+                }
+            }
+            // If not recently registered and no OTP provided, we need to generate a new OTP
+            if (!(0, utils_1.isDefined)(data.body?.otp)) {
+                return {
+                    success: false,
+                    error: "OTP is required for authentication"
+                };
+            }
+            // Verify the OTP
+            const otp = await this.cacheService_.get(`otp:${identifier}`);
+            if (otp !== data.body.otp) {
+                return {
+                    success: false,
+                    error: "Invalid OTP"
+                };
+            }
+            // OTP is valid, retrieve the auth identity
+            const authIdentity = await authIdentityProviderService.retrieve({
+                entity_id: identifier,
+            });
+            return {
+                success: true,
+                authIdentity
+            };
+        }
+        catch (error) {
+            this.logger_.error(error);
+            return {
+                success: false,
+                error: "Authentication failed"
+            };
+        }
+    }
+    async register(data, authIdentityProviderService) {
+        if (!(0, utils_1.isDefined)(data.body?.identifier)) {
+            return {
+                success: false,
+                error: "Identifier is required"
+            };
+        }
+        if (!(0, utils_1.isDefined)(data.body?.otp)) {
+            return {
+                success: false,
+                error: "OTP is required"
+            };
+        }
+        const otp = await this.cacheService_.get(`otp:pre-register:${data.body.identifier}`);
+        if (otp !== data.body.otp) {
+            return {
+                success: false,
+                error: "Invalid OTP"
+            };
+        }
+        let authIdentity;
+        try {
+            authIdentity = await authIdentityProviderService.retrieve({
+                entity_id: data.body.identifier,
+            });
+        }
+        catch (error) {
+            if (!(error instanceof utils_1.MedusaError))
+                return { success: false, error: JSON.stringify(error) };
+            if (error.type !== utils_1.MedusaError.Types.NOT_FOUND)
+                return { success: false, error: error.message };
+            // If the identity is not found, we create it
+            authIdentity = await authIdentityProviderService.create({
+                entity_id: data.body.identifier
+            });
+        }
+        if (!authIdentity) {
+            return {
+                success: false,
+                error: "Failed to create identity"
+            };
+        }
+        const REGISTER_TTL = 60; // seconds
+        // Mark this identifier as recently registered to allow direct one time authentication
+        await this.cacheService_.set(`${exports.RECENTLY_REGISTERED_KEY}:${data.body.identifier}:${otp}`, "true", REGISTER_TTL);
+        return {
+            success: true,
+            authIdentity
+        };
+    }
+}
+exports.OtpAuthProviderService = OtpAuthProviderService;
+OtpAuthProviderService.identifier = "otp";
+exports.default = OtpAuthProviderService;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3RwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vc3JjL3Byb3ZpZGVycy9vdHAvc2VydmljZXMvb3RwLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHFEQUFrSTtBQU9ySCxRQUFBLGNBQWMsR0FBRyxlQUFlLENBQUE7QUFDN0Msc0ZBQXNGO0FBQ3pFLFFBQUEsdUJBQXVCLEdBQUcscUJBQXFCLENBQUE7QUFFNUQsTUFBYSxzQkFBdUIsU0FBUSxrQ0FBMEI7SUFNcEUsWUFBWSxTQUErQjtRQUN6QyxLQUFLLEVBQUUsQ0FBQTtRQUNQLElBQUksQ0FBQyxhQUFhLEdBQUcsU0FBUyxDQUFDLGVBQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQTtRQUM3QyxJQUFJLENBQUMsT0FBTyxHQUFHLFNBQVMsQ0FBQyxpQ0FBeUIsQ0FBQyxNQUFNLENBQUMsQ0FBQTtJQUM1RCxDQUFDO0lBRUQsS0FBSyxDQUFDLFlBQVksQ0FDaEIsSUFBeUIsRUFDekIsMkJBQXdEO1FBRXhELElBQUksQ0FBQyxJQUFBLGlCQUFTLEVBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxVQUFVLENBQUMsRUFBRSxDQUFDO1lBQ3RDLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsS0FBSyxFQUFFLHdCQUF3QjthQUNoQyxDQUFBO1FBQ0gsQ0FBQztRQUVELE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFLLENBQUMsVUFBVSxDQUFBO1FBRXhDLElBQUksQ0FBQztZQUNILHNFQUFzRTtZQUN0RSxNQUFNLG9CQUFvQixHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQUMsR0FBRywrQkFBdUIsSUFBSSxVQUFVLElBQUksSUFBSSxDQUFDLElBQUssQ0FBQyxHQUFHLEVBQUUsQ0FBQyxDQUFBO1lBRXZILElBQUksb0JBQW9CLEtBQUssTUFBTSxFQUFFLENBQUM7Z0JBQ3BDLGtFQUFrRTtnQkFDbEUsSUFBSSxDQUFDO29CQUNILE1BQU0sWUFBWSxHQUFHLE1BQU0sMkJBQTJCLENBQUMsUUFBUSxDQUFDO3dCQUM5RCxTQUFTLEVBQUUsVUFBVTtxQkFDdEIsQ0FBQyxDQUFBO29CQUVGLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMsR0FBRywrQkFBdUIsSUFBSSxVQUFVLEVBQUUsQ0FBQyxDQUFBO29CQUUvRSxPQUFPO3dCQUNMLE9BQU8sRUFBRSxJQUFJO3dCQUNiLFlBQVk7cUJBQ2IsQ0FBQTtnQkFDSCxDQUFDO2dCQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7b0JBQ2YsT0FBTzt3QkFDTCxPQUFPLEVBQUUsS0FBSzt3QkFDZCxLQUFLLEVBQUUsdUJBQXVCO3FCQUMvQixDQUFBO2dCQUNILENBQUM7WUFDSCxDQUFDO1lBRUQsZ0ZBQWdGO1lBQ2hGLElBQUksQ0FBQyxJQUFBLGlCQUFTLEVBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUMvQixPQUFPO29CQUNMLE9BQU8sRUFBRSxLQUFLO29CQUNkLEtBQUssRUFBRSxvQ0FBb0M7aUJBQzVDLENBQUE7WUFDSCxDQUFDO1lBRUQsaUJBQWlCO1lBQ2pCLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQUMsT0FBTyxVQUFVLEVBQUUsQ0FBQyxDQUFBO1lBRTdELElBQUksR0FBRyxLQUFLLElBQUksQ0FBQyxJQUFLLENBQUMsR0FBRyxFQUFFLENBQUM7Z0JBQzNCLE9BQU87b0JBQ0wsT0FBTyxFQUFFLEtBQUs7b0JBQ2QsS0FBSyxFQUFFLGFBQWE7aUJBQ3JCLENBQUE7WUFDSCxDQUFDO1lBRUQsMkNBQTJDO1lBQzNDLE1BQU0sWUFBWSxHQUFHLE1BQU0sMkJBQTJCLENBQUMsUUFBUSxDQUFDO2dCQUM5RCxTQUFTLEVBQUUsVUFBVTthQUN0QixDQUFDLENBQUE7WUFFRixPQUFPO2dCQUNMLE9BQU8sRUFBRSxJQUFJO2dCQUNiLFlBQVk7YUFDYixDQUFBO1FBQ0gsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQTtZQUN6QixPQUFPO2dCQUNMLE9BQU8sRUFBRSxLQUFLO2dCQUNkLEtBQUssRUFBRSx1QkFBdUI7YUFDL0IsQ0FBQTtRQUNILENBQUM7SUFDSCxDQUFDO0lBRUQsS0FBSyxDQUFDLFFBQVEsQ0FDWixJQUF5QixFQUN6QiwyQkFBd0Q7UUFFeEQsSUFBSSxDQUFDLElBQUEsaUJBQVMsRUFBQyxJQUFJLENBQUMsSUFBSSxFQUFFLFVBQVUsQ0FBQyxFQUFFLENBQUM7WUFDdEMsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxLQUFLLEVBQUUsd0JBQXdCO2FBQ2hDLENBQUE7UUFDSCxDQUFDO1FBRUQsSUFBSSxDQUFDLElBQUEsaUJBQVMsRUFBQyxJQUFJLENBQUMsSUFBSSxFQUFFLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDL0IsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxLQUFLLEVBQUUsaUJBQWlCO2FBQ3pCLENBQUE7UUFDSCxDQUFDO1FBRUQsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLEdBQUcsQ0FBQyxvQkFBb0IsSUFBSSxDQUFDLElBQUssQ0FBQyxVQUFVLEVBQUUsQ0FBQyxDQUFBO1FBRXJGLElBQUksR0FBRyxLQUFLLElBQUksQ0FBQyxJQUFLLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDM0IsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxLQUFLLEVBQUUsYUFBYTthQUNyQixDQUFBO1FBQ0gsQ0FBQztRQUVELElBQUksWUFBeUMsQ0FBQTtRQUM3QyxJQUFJLENBQUM7WUFDSCxZQUFZLEdBQUcsTUFBTSwyQkFBMkIsQ0FBQyxRQUFRLENBQUM7Z0JBQ3hELFNBQVMsRUFBRSxJQUFJLENBQUMsSUFBSyxDQUFDLFVBQVU7YUFDakMsQ0FBQyxDQUFBO1FBQ0osQ0FBQztRQUFDLE9BQU8sS0FBYyxFQUFFLENBQUM7WUFDeEIsSUFBSSxDQUFDLENBQUMsS0FBSyxZQUFZLG1CQUFXLENBQUM7Z0JBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsS0FBSyxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQTtZQUU1RixJQUFJLEtBQUssQ0FBQyxJQUFJLEtBQUssbUJBQVcsQ0FBQyxLQUFLLENBQUMsU0FBUztnQkFBRSxPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxLQUFLLEVBQUUsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFBO1lBRS9GLDZDQUE2QztZQUM3QyxZQUFZLEdBQUcsTUFBTSwyQkFBMkIsQ0FBQyxNQUFNLENBQUM7Z0JBQ3RELFNBQVMsRUFBRSxJQUFJLENBQUMsSUFBSyxDQUFDLFVBQVU7YUFDakMsQ0FBQyxDQUFBO1FBQ0osQ0FBQztRQUVELElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUNsQixPQUFPO2dCQUNMLE9BQU8sRUFBRSxLQUFLO2dCQUNkLEtBQUssRUFBRSwyQkFBMkI7YUFDbkMsQ0FBQTtRQUNILENBQUM7UUFFRCxNQUFNLFlBQVksR0FBRyxFQUFFLENBQUEsQ0FBQyxVQUFVO1FBQ2xDLHNGQUFzRjtRQUN0RixNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsR0FBRyxDQUFDLEdBQUcsK0JBQXVCLElBQUksSUFBSSxDQUFDLElBQUssQ0FBQyxVQUFVLElBQUksR0FBRyxFQUFFLEVBQUUsTUFBTSxFQUFFLFlBQVksQ0FBQyxDQUFBO1FBRWhILE9BQU87WUFDTCxPQUFPLEVBQUUsSUFBSTtZQUNiLFlBQVk7U0FDYixDQUFBO0lBQ0gsQ0FBQzs7QUFoSkgsd0RBaUpDO0FBaEpRLGlDQUFVLEdBQUcsS0FBSyxDQUFBO0FBa0ozQixrQkFBZSxzQkFBc0IsQ0FBQSJ9

package/.medusa/server/src/types/index.d.ts

@@ -0,0 +1,111 @@
+/**
+ * Configuration options for the OTP authentication plugin.
+ *
+ * @property {number} digits - The number of digits the OTP should have. Default is 6.
+ *
+ * @property {number} ttl - The time-to-live of the OTP in seconds. Default is 300 (5 minutes).
+ *
+ * @property {Object} accessorsPerActor - Maps actor types (e.g., 'customer', 'user') to their identifier accessors.
+ *   This configuration tells the OTP system how to find and identify different types of actors in your system.
+ *   Only used when `mode` is `secondary`, as the `main` mode will create a new auth identity regardless of the identifier.
+ *
+ *   For example, if you want customers to authenticate using their phone number instead of email:
+ *   ```
+ *   {
+ *     customer: {
+ *       accessor: 'phone',       // Will look up customers by their phone field
+ *       entityIdAccessor: 'email'   // Will look up for an AuthIdentity with the customer's email as the `entity_id`
+ *     }
+ *   }
+ *   ```
+ *
+ * You can also use an array of accessors to look up an actor by multiple fields.
+ * For example, if you want to look up a customer by multiple fields:
+ *   ```
+ *   {
+ *     customer: { accessor: ['phone', 'email'], entityIdAccessor: 'id' }
+ *   }
+ *   ```
+ *
+ *   The `accessor` defines which field to use when looking up an actor by the provided identifier.
+ *   For example, with `accessor: 'phone'`, the system will check `customer.phone` to find matching customers.
+ *
+ *   The `entityIdAccessor` defines which field to use as the entity ID when looking up
+ *   an AuthIdentity.
+ *
+ *   When using the `emailpass` auth provider for example, the `entityIdAccessor` will be the `email` field.
+ *   This is because the `emailpass` auth provider uses the `email` field when creating an auth identity.
+ *
+ *   Default is: { customer: { accessor: 'email', entityIdAccessor: 'id' }, user: { accessor: 'email', entityIdAccessor: 'id' } }
+ */
+export type OtpOptions = {
+    /** The number of digits the OTP should have. @default 6 */
+    digits: number;
+    /** The time to live of the OTP in seconds. @default 60 * 5 (5 minutes) */
+    ttl: number;
+    /**
+     * Maps actor types to their identifier accessors for authentication.
+     * This tells the system which fields to use when looking up actors and creating auth identities.
+     *
+     * Only used when `mode` is `secondary`, as the `main` mode will create a new auth identity
+     * regardless of the identifier value passed.
+     *
+     * @example
+     * // Allow customers to authenticate using phone numbers:
+     * {
+     *   customer: {
+     *     accessor: 'phone',       // Will look up customers by their phone field
+     *     entityIdAccessor: 'email'   // Will look up for an AuthIdentity with the customer's email as the `entity_id`
+     *   }
+     * }
+     *
+     * @default { customer: { accessor: 'email', entityIdAccessor: 'id' }, user: { accessor: 'email', entityIdAccessor: 'id' } }
+     */
+    accessorsPerActor?: {
+        [actorType: string]: {
+            /**
+             * The field name used to look up an actor by the provided identifier.
+             * For example, with `accessor: 'phone'`, the system will check `customer.phone` to find matching customers.
+             *
+             * @example
+             * accessor: 'phone' // Will use the `phone` column of the actor as the identifier
+             * accessor: ['phone', 'email'] // Will use the `phone` or `email` column of the actor as the identifier
+             */
+            accessor: string | string[];
+            /**
+             * The field name used to get the entity ID when looking up an AuthIdentity.
+             *
+             * @example
+             * entityIdAccessor: 'email' // Will use the `email` column of the actor as the entity ID in AuthIdentity
+             */
+            entityIdAccessor: string;
+        };
+    };
+    http?: {
+        /**
+         * Controls how errors are handled in HTTP responses when generating OTPs.
+         *
+         * @property {boolean} alwaysReturnSuccess - When true, always returns a success response regardless of errors
+         * to prevent data leakage. When false, actual errors will be returned in the response.
+         * @default true
+         *
+         * @property {boolean} throwOnError - When true, throws errors that occur during OTP generation.
+         * When false, errors are caught and handled according to alwaysReturnSuccess.
+         * @default false
+         */
+        alwaysReturnSuccess?: boolean;
+        /**
+         * When true, logs a warning when an error occurs during OTP generation.
+         * @default true
+         */
+        warnOnError?: boolean;
+    };
+};
+export declare enum Events {
+    OTP_GENERATED = "otp.generated",
+    PRE_REGISTER_OTP_GENERATED = "pre-register.otp.generated"
+}
+export type OtpGeneratedEvent = {
+    identifier: string;
+    otp: string;
+};

package/.medusa/server/src/types/index.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Events = void 0;
+var Events;
+(function (Events) {
+    Events["OTP_GENERATED"] = "otp.generated";
+    Events["PRE_REGISTER_OTP_GENERATED"] = "pre-register.otp.generated";
+})(Events || (exports.Events = Events = {}));
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvdHlwZXMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBMkdBLElBQVksTUFHWDtBQUhELFdBQVksTUFBTTtJQUNoQix5Q0FBK0IsQ0FBQTtJQUMvQixtRUFBeUQsQ0FBQTtBQUMzRCxDQUFDLEVBSFcsTUFBTSxzQkFBTixNQUFNLFFBR2pCIn0=

package/.medusa/server/src/utils/get-plugin-options.d.ts

@@ -0,0 +1,20 @@
+import { type ConfigModule } from "@medusajs/framework";
+/**
+ * Get the options for the OTP plugin
+ * @param configModule The config module
+ * @returns The options for the OTP plugin based on the default options and the options from the plugin
+ */
+export default function getPluginOptions(configModule: ConfigModule): {
+    accessorsPerActor: {
+        [x: string]: {
+            accessor: string | string[];
+            entityIdAccessor: string;
+        };
+    };
+    http: {
+        alwaysReturnSuccess?: boolean;
+        warnOnError?: boolean;
+    };
+    digits: number;
+    ttl: number;
+};

package/.medusa/server/src/utils/get-plugin-options.js

@@ -0,0 +1,31 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = getPluginOptions;
+const otp_1 = __importDefault(require("./otp"));
+/**
+ * Get the options for the OTP plugin
+ * @param configModule The config module
+ * @returns The options for the OTP plugin based on the default options and the options from the plugin
+ */
+function getPluginOptions(configModule) {
+    const isPluginWithOptions = (plugin) => {
+        return typeof plugin === 'object' && "resolve" in plugin && "options" in plugin;
+    };
+    const pluginOptions = configModule.plugins.filter(isPluginWithOptions).find((plugin) => plugin.resolve.includes('@perseidesjs/auth-otp'))?.options;
+    return {
+        ...otp_1.default.DEFAULT_OPTIONS,
+        ...pluginOptions,
+        accessorsPerActor: {
+            ...otp_1.default.DEFAULT_OPTIONS.accessorsPerActor,
+            ...pluginOptions?.accessorsPerActor
+        },
+        http: {
+            ...otp_1.default.DEFAULT_OPTIONS.http,
+            ...pluginOptions?.http
+        }
+    };
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ2V0LXBsdWdpbi1vcHRpb25zLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL3V0aWxzL2dldC1wbHVnaW4tb3B0aW9ucy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQVNBLG1DQW1CQztBQTFCRCxnREFBNkI7QUFFN0I7Ozs7R0FJRztBQUNILFNBQXdCLGdCQUFnQixDQUFDLFlBQTBCO0lBQ2pFLE1BQU0sbUJBQW1CLEdBQUcsQ0FBQyxNQUFXLEVBQW1FLEVBQUU7UUFDM0csT0FBTyxPQUFPLE1BQU0sS0FBSyxRQUFRLElBQUksU0FBUyxJQUFJLE1BQU0sSUFBSSxTQUFTLElBQUksTUFBTSxDQUFBO0lBQ2pGLENBQUMsQ0FBQTtJQUVELE1BQU0sYUFBYSxHQUFHLFlBQVksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLG1CQUFtQixDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDLEVBQUUsT0FBaUMsQ0FBQTtJQUU1SyxPQUFPO1FBQ0wsR0FBRyxhQUFRLENBQUMsZUFBZTtRQUMzQixHQUFHLGFBQWE7UUFDaEIsaUJBQWlCLEVBQUU7WUFDakIsR0FBRyxhQUFRLENBQUMsZUFBZSxDQUFDLGlCQUFpQjtZQUM3QyxHQUFHLGFBQWEsRUFBRSxpQkFBaUI7U0FDcEM7UUFDRCxJQUFJLEVBQUU7WUFDSixHQUFHLGFBQVEsQ0FBQyxlQUFlLENBQUMsSUFBSTtZQUNoQyxHQUFHLGFBQWEsRUFBRSxJQUFJO1NBQ3ZCO0tBQ0YsQ0FBQTtBQUNILENBQUMifQ==

package/.medusa/server/src/utils/otp.d.ts

@@ -0,0 +1,14 @@
+import { OtpOptions } from '../types';
+/**
+ * Static utility class for OTP operations
+ */
+export declare class OtpUtils {
+    static DEFAULT_OPTIONS: OtpOptions;
+    /**
+     * Generate a random numeric OTP of specified length
+     * @param digits The number of digits the OTP should have
+     * @returns {string} The OTP
+     */
+    static generateRandomOTP(digits: number): string;
+}
+export default OtpUtils;

package/.medusa/server/src/utils/otp.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OtpUtils = void 0;
+const node_crypto_1 = require("node:crypto");
+/**
+ * Static utility class for OTP operations
+ */
+class OtpUtils {
+    /**
+     * Generate a random numeric OTP of specified length
+     * @param digits The number of digits the OTP should have
+     * @returns {string} The OTP
+     */
+    static generateRandomOTP(digits) {
+        const timeStep = 30;
+        const secret = (0, node_crypto_1.randomBytes)(32).toString('hex');
+        const time = Math.floor(Date.now() / 1000 / timeStep);
+        const hmac = (0, node_crypto_1.createHmac)('sha1', Buffer.from(secret, 'hex'));
+        hmac.update(Buffer.from(time.toString(), 'utf-8'));
+        const hmacResult = hmac.digest();
+        const offset = hmacResult[hmacResult.length - 1] & 0xf;
+        const binary = ((hmacResult[offset] & 0x7f) << 24) |
+            ((hmacResult[offset + 1] & 0xff) << 16) |
+            ((hmacResult[offset + 2] & 0xff) << 8) |
+            (hmacResult[offset + 3] & 0xff);
+        return (binary % Math.pow(10, digits)).toString().padStart(digits, '0');
+    }
+}
+exports.OtpUtils = OtpUtils;
+OtpUtils.DEFAULT_OPTIONS = {
+    digits: 6, // 6 digits
+    ttl: 60 * 5, // 5 minutes
+    accessorsPerActor: {
+        customer: { accessor: 'email', entityIdAccessor: 'email' },
+        user: { accessor: 'email', entityIdAccessor: 'email' }
+    },
+    http: {
+        alwaysReturnSuccess: true, // Always return success to prevent data leakage
+        warnOnError: true // Warn when an error occurs during OTP generation
+    }
+};
+exports.default = OtpUtils;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3RwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL3V0aWxzL290cC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBcUQ7QUFHckQ7O0dBRUc7QUFDSCxNQUFhLFFBQVE7SUFjbkI7Ozs7T0FJRztJQUNILE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxNQUFjO1FBQ3JDLE1BQU0sUUFBUSxHQUFHLEVBQUUsQ0FBQTtRQUNuQixNQUFNLE1BQU0sR0FBRyxJQUFBLHlCQUFXLEVBQUMsRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFBO1FBQzlDLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLEdBQUcsRUFBRSxHQUFHLElBQUksR0FBRyxRQUFRLENBQUMsQ0FBQTtRQUVyRCxNQUFNLElBQUksR0FBRyxJQUFBLHdCQUFVLEVBQUMsTUFBTSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEtBQUssQ0FBQyxDQUFDLENBQUE7UUFDM0QsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFBO1FBQ2xELE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQTtRQUVoQyxNQUFNLE1BQU0sR0FBRyxVQUFVLENBQUMsVUFBVSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsR0FBRyxHQUFHLENBQUE7UUFDdEQsTUFBTSxNQUFNLEdBQ1YsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUMsR0FBRyxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDbkMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ3ZDLENBQUMsQ0FBQyxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUN0QyxDQUFDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDLENBQUE7UUFFakMsT0FBTyxDQUFDLE1BQU0sR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsRUFBRSxNQUFNLENBQUMsQ0FBQyxDQUFDLFFBQVEsRUFBRSxDQUFDLFFBQVEsQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDLENBQUE7SUFDekUsQ0FBQzs7QUFwQ0gsNEJBcUNDO0FBcENRLHdCQUFlLEdBQWU7SUFDbkMsTUFBTSxFQUFFLENBQUMsRUFBRSxXQUFXO0lBQ3RCLEdBQUcsRUFBRSxFQUFFLEdBQUcsQ0FBQyxFQUFFLFlBQVk7SUFDekIsaUJBQWlCLEVBQUU7UUFDakIsUUFBUSxFQUFFLEVBQUUsUUFBUSxFQUFFLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxPQUFPLEVBQUU7UUFDMUQsSUFBSSxFQUFFLEVBQUUsUUFBUSxFQUFFLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxPQUFPLEVBQUU7S0FDdkQ7SUFDRCxJQUFJLEVBQUU7UUFDSixtQkFBbUIsRUFBRSxJQUFJLEVBQUUsZ0RBQWdEO1FBQzNFLFdBQVcsRUFBRSxJQUFJLENBQUMsa0RBQWtEO0tBQ3JFO0NBQ0YsQ0FBQTtBQTJCSCxrQkFBZSxRQUFRLENBQUEifQ==

package/.medusa/server/src/workflows/generate-otp.d.ts

@@ -0,0 +1,16 @@
+import { OtpOptions } from "../types";
+/**
+ * Generates an OTP for a given identifier and actor type.
+ *
+ * @param input - The input for the workflow.
+ * @param input.identifier - The identifier of the actor to generate the OTP for.
+ * @param input.actorType - The type of actor to generate the OTP for.
+ * @param input.accessorsPerActor - The accessors per actor to use for the workflow.
+ *
+ */
+declare const generateOtpWorkflow: import("@medusajs/framework/workflows-sdk").ReturnWorkflow<{
+    identifier: string;
+    actorType: string;
+    accessorsPerActor: Required<OtpOptions>["accessorsPerActor"][string];
+}, "OK", []>;
+export default generateOtpWorkflow;