feat: magic links

Author: Bccorb

src/controllers/authentication.ts

@@ -36,7 +36,7 @@ const AUTH_MODE = process.env.AUTH_MODE;
 
 export const login = async (req: Request, res: Response) => {
   // For the initial login step, user either passes in an email or a phone number
-  const { identifier } = req.body;
+  const { identifier, passkeyAvailable } = req.body;
   let user, identifierType;
 
   if (!identifier) {
@@ -142,7 +142,7 @@ export const login = async (req: Request, res: Response) => {
 
     const credential = await Credential.findOne({ where: { userId: user.id } });
 
-    if (!credential) {
+    if (passkeyAvailable && !credential) {
       logger.error(`Login attempt for a verified users, but no passkey. ${identifier}`);
       await AuthEvent.create({
         user_id: user.id,

src/routes/magicLink.ts

@@ -22,7 +22,7 @@ router.get(
   requestMagicLink,
 );
 
-router.get('/poll', attachAuthMiddleware('ephemeral'), pollMagicLinkConfirmation);
+router.get('/check', attachAuthMiddleware('ephemeral'), pollMagicLinkConfirmation);
 router.get('/verify/:token', verifyMagicLink);
 
 export default router;

src/services/messagingService.ts

@@ -25,7 +25,7 @@ export const sendOTPSMS = async (to: string, token: number) => {
 };
 
 export const sendMagicLinkEmail = async (to: string, token: string, safeRedirect: string) => {
-  logger.debug(`Sedning magic link to: ${to}. URL: ${safeRedirect}`);
+  logger.debug(`Sending magic link to: ${to}. URL: ${safeRedirect}`);
 
   if (isDevelopment) {
     return;