1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
// app/api/auth/verify-mfa/route.ts
import { NextRequest, NextResponse } from 'next/server';
import { z } from 'zod';
import { getServerSession } from 'next-auth';
import { authOptions } from '@/app/api/auth/[...nextauth]/route';
import { verifySmsToken } from '@/lib/users/auth/passwordUtil';
import { getUserByEmail } from '@/lib/users/repository';
const verifyMfaSchema = z.object({
userId: z.string(),
token: z.string().length(6, '6자리 인증번호를 입력해주세요'),
});
export async function POST(request: NextRequest) {
try {
// 세션 확인
const session = await getServerSession(authOptions);
if (!session?.user?.id) {
return NextResponse.json(
{ error: '인증이 필요합니다' },
{ status: 401 }
);
}
const body = await request.json();
const { userId, token } = verifyMfaSchema.parse(body);
console.log(userId)
// 본인 확인
if (session.user.email !== userId) {
return NextResponse.json(
{ error: '권한이 없습니다' },
{ status: 403 }
);
}
const user = await getUserByEmail(userId);
if (!user || !user.phone) {
return NextResponse.json(
{ error: '전화번호가 등록되지 않았습니다' },
{ status: 400 }
);
}
const userIdfromUsers = user.id
// MFA 토큰 검증
const result = await verifySmsToken(userIdfromUsers, token);
if (result.success) {
return NextResponse.json({
success: true,
message: 'MFA 인증이 완료되었습니다'
});
} else {
return NextResponse.json(
{ error: result.error },
{ status: 400 }
);
}
} catch (error) {
if (error instanceof z.ZodError) {
return NextResponse.json(
{ error: error.errors[0]?.message || '잘못된 요청입니다' },
{ status: 400 }
);
}
console.error('MFA verify API error:', error);
return NextResponse.json(
{ error: '서버 오류가 발생했습니다' },
{ status: 500 }
);
}
}
|
