diff --git a/packages/core/src/routes/verification/index.openapi.json b/packages/core/src/routes/verification/index.openapi.json index 236886ecd..bfaf71ba9 100644 --- a/packages/core/src/routes/verification/index.openapi.json +++ b/packages/core/src/routes/verification/index.openapi.json @@ -29,7 +29,21 @@ }, "responses": { "201": { - "description": "The verification record was created successfully." + "description": "The verification record was created successfully.", + "content": { + "application/json": { + "schema": { + "properties": { + "verificationRecordId": { + "type": "string" + }, + "expiresAt": { + "type": "string" + } + } + } + } + } }, "422": { "description": "The password is invalid." @@ -57,7 +71,21 @@ }, "responses": { "201": { - "description": "The verification code has been successfully sent." + "description": "The verification code has been successfully sent.", + "content": { + "application/json": { + "schema": { + "properties": { + "verificationRecordId": { + "type": "string" + }, + "expiresAt": { + "type": "string" + } + } + } + } + } }, "501": { "description": "The connector for sending the verification code is not configured." diff --git a/packages/core/src/routes/verification/index.ts b/packages/core/src/routes/verification/index.ts index b2f9f2570..88fdf45cc 100644 --- a/packages/core/src/routes/verification/index.ts +++ b/packages/core/src/routes/verification/index.ts @@ -32,7 +32,7 @@ export default function verificationRoutes( '/verifications/password', koaGuard({ body: z.object({ password: z.string().min(1) }), - response: z.object({ verificationRecordId: z.string() }), + response: z.object({ verificationRecordId: z.string(), expiresAt: z.string() }), status: [201, 422], }), async (ctx, next) => { @@ -58,9 +58,12 @@ export default function verificationRoutes( passwordVerification.verify(password) ); - await insertVerificationRecord(passwordVerification, queries, userId); + const { expiresAt } = await insertVerificationRecord(passwordVerification, queries, userId); - ctx.body = { verificationRecordId: passwordVerification.id }; + ctx.body = { + verificationRecordId: passwordVerification.id, + expiresAt: new Date(expiresAt).toISOString(), + }; ctx.status = 201; return next(); @@ -73,7 +76,7 @@ export default function verificationRoutes( body: z.object({ identifier: verificationCodeIdentifierGuard, }), - response: z.object({ verificationRecordId: z.string() }), + response: z.object({ verificationRecordId: z.string(), expiresAt: z.string() }), status: [201, 501], }), async (ctx, next) => { @@ -92,7 +95,7 @@ export default function verificationRoutes( await codeVerification.sendVerificationCode(); - await insertVerificationRecord( + const { expiresAt } = await insertVerificationRecord( codeVerification, queries, // If the identifier is the primary email or phone, the verification record is associated with the user. @@ -102,7 +105,10 @@ export default function verificationRoutes( : undefined ); - ctx.body = { verificationRecordId: codeVerification.id }; + ctx.body = { + verificationRecordId: codeVerification.id, + expiresAt: new Date(expiresAt).toISOString(), + }; ctx.status = 201; return next(); diff --git a/packages/integration-tests/src/api/verification-record.ts b/packages/integration-tests/src/api/verification-record.ts index b4660aef9..29af8f799 100644 --- a/packages/integration-tests/src/api/verification-record.ts +++ b/packages/integration-tests/src/api/verification-record.ts @@ -4,13 +4,14 @@ import { type KyInstance } from 'ky'; import { readConnectorMessage } from '#src/helpers/index.js'; export const createVerificationRecordByPassword = async (api: KyInstance, password: string) => { - const { verificationRecordId } = await api + const { verificationRecordId, expiresAt } = await api .post('api/verifications/password', { json: { password, }, }) - .json<{ verificationRecordId: string }>(); + .json<{ verificationRecordId: string; expiresAt: string }>(); + expect(expiresAt).toBeTruthy(); return verificationRecordId; }; @@ -19,7 +20,7 @@ const createVerificationCode = async ( api: KyInstance, identifier: { type: SignInIdentifier; value: string } ) => { - const { verificationRecordId } = await api + const { verificationRecordId, expiresAt } = await api .post('api/verifications/verification-code', { json: { identifier: { @@ -28,7 +29,8 @@ const createVerificationCode = async ( }, }, }) - .json<{ verificationRecordId: string }>(); + .json<{ verificationRecordId: string; expiresAt: string }>(); + expect(expiresAt).toBeTruthy(); return verificationRecordId; };