Add support for OTPs and enhance sensitive apis with OTP verification (#191)

One-Time Password (OTP) package added with comprehensive token management, including OTP verification for team account deletion and ownership transfer.
2025-03-01 16:35:09 +07:00
parent 20f7fd2c22
commit d31f3eb993
60 changed files with 3543 additions and 1363 deletions
--- a/apps/e2e/tests/account/account.spec.ts
+++ b/apps/e2e/tests/account/account.spec.ts
@@ -1,6 +1,7 @@
 import { Page, expect, test } from '@playwright/test';

 import { AccountPageObject } from './account.po';
+import {AuthPageObject} from "../authentication/auth.po";

 test.describe('Account Settings', () => {
  let page: Page;
@@ -51,22 +52,22 @@ test.describe('Account Settings', () => {
 test.describe('Account Deletion', () => {
  test('user can delete their own account', async ({ page }) => {
    const account = new AccountPageObject(page);
+    const auth = new AuthPageObject(page);

-    await account.setup();
+    const { email } = await account.setup();

-    const request = account.deleteAccount();
+    await account.deleteAccount(email);

-    const response = page
-      .waitForResponse((resp) => {
-        return (
-          resp.url().includes('home/settings') &&
-          resp.request().method() === 'POST'
-        );
-      })
-      .then((response) => {
-        expect(response.status()).toBe(303);
-      });
+    await page.waitForURL('/');

-    await Promise.all([request, response]);
+    await page.goto('/auth/sign-in');
+
+    // sign in will now fail
+    await auth.signIn({
+      email,
+      password: 'testingpassword',
+    });
+
+    await expect(page.locator('[data-test="auth-error-message"]')).toBeVisible();
  });
 });