qr-menu/src/actions/auth/smsOTP/index.ts

import mongoose from "mongoose";
import {
    User
} from "../../../models/User";
import redis from "../../../config/redis";
import {
    SmsOTPResult,
    SmsOTPInput
} from "./types";

const smsOTP = async (input: SmsOTPInput): Promise<SmsOTPResult> => {
    try {
        const {
            userID,
            code
        } = input;

        if (!mongoose.Types.ObjectId.isValid(userID)) {
            return {
                message: "user-not-found",
                code: 404
            };
        }
        
        const user = await User.findById(userID);
        if (!user) {
            return {
                message: "user-not-found",
                code: 404
            };
        }

        const cachedCode = await redis.get(`sms-verify-${userID}`);
        if (!cachedCode) {
            return {
                message: "exceeded-time-limit-for-request",
                code: 400
            };
        }

        if (cachedCode !== code) {
            return {
                message: "invalid-code",
                code: 400
            };
        }
        
        await User.findByIdAndUpdate(userID, {
            isPhoneVerified: true
        });
        await redis.del(`sms-verify-${userID}`);

        return {
            message: "your-request-has-been-received-we-will-contact-you-shortly",
            code: 200
        };
        
    } catch (error) {
        console.error("smsOTP error:", error);
        return {
            message: "internal-server-error",
            code: 500
        };
    }
};

export default smsOTP;