Add method to verify OTP received via email (#620)

* Add method to verify OTP sent to email * Use only `email` property in `verifyEmailCode` method
auth0 · May 17, 2021 · 71f4dd0 · 71f4dd0
1 parent 8713a17
commit 71f4dd0
Show file tree

Hide file tree

Showing 2 changed files with 73 additions and 0 deletions.
diff --git a/src/auth/index.js b/src/auth/index.js
@@ -193,6 +193,57 @@ AuthenticationClient.prototype.requestEmailCode = function(data, cb) {
   return this.passwordless.sendEmail(data, cb);
 };
 
+/**
+ * Verify the given OTP which was sent on the given email.
+ *
+ * @method    verifyEmailCode
+ * @memberOf  module:auth.AuthenticationClient.prototype
+ *
+ * @example <caption>
+ *   Given the user credentials (`email` and `otp`), authenticates
+ *   with the provider using the `/oauth/token` endpoint. Upon successful
+ *   authentication, returns a JSON object containing the `access_token` and
+ *   `id_token`.
+ * </caption>
+ *
+ * var data = {
+ *   email: '{EMAIL}',
+ *   otp: '{VERIFICATION_CODE}'
+ * };
+ *
+ * auth0.verifyEmailCode(data, function (err) {
+ *   if (err) {
+ *     // Handle error.
+ *   }
+ * });
+ *
+ * @example <caption>
+ *   The user data object has the following structure.
+ * </caption>
+ *
+ * {
+ *   id_token: String,
+ *   access_token: String,
+ *   token_type: String
+ * }
+ *
+ * @param   {Object}    data              Credentials object.
+ * @param   {String}    data.email        Email.
+ * @param   {String}    data.otp          Verification code.
+ * @param   {Function}  [cb]              Method callback.
+ *
+ * @return  {Promise|undefined}
+ */
+AuthenticationClient.prototype.verifyEmailCode = function(data, cb) {
+  var translatedData = {
+    username: data.email,
+    realm: 'email',
+    otp: data.otp
+  };
+
+  return this.passwordless.signIn(translatedData, cb);
+};
+
 /**
  * Start passwordless flow sending an SMS.
  *

diff --git a/test/auth/authentication-client.tests.js b/test/auth/authentication-client.tests.js
@@ -221,4 +221,26 @@ describe('AuthenticationClient', function() {
       this.client.verifySMSCode({ phone_number: '123', password: 'code' }, this.callback);
     });
   });
+
+  describe(`verifyEmailCode`, () => {
+    before(function() {
+      this.client = new AuthenticationClient({ token: 'token', domain: 'auth0.com' });
+      this.passwordlessMock = sinon.mock(this.client.passwordless);
+      this.callback = function() {};
+    });
+    it('should call signIn with otp if provided', function() {
+      this.passwordlessMock
+        .expects('signIn')
+        .once()
+        .withExactArgs(
+          {
+            username: '123',
+            realm: 'email',
+            otp: 'code'
+          },
+          this.callback
+        );
+      this.client.verifyEmailCode({ email: '123', otp: 'code' }, this.callback);
+    });
+  });
 });