Created
January 12, 2022 05:25
-
-
Save rishabhpoddar/6fe2b98ac1e09aafcba4a7307027097e to your computer and use it in GitHub Desktop.
Email password lockout functionality
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
EmailPassword.init({ | |
override: { | |
functions: (oI) => { | |
return { | |
...oI, | |
signIn: async function (input) { | |
let email = input.email; | |
if (await isLockedOut(email)) { | |
return { | |
status: "WRONG_CREDENTIALS_ERROR" | |
}; | |
// OR | |
// You can even throw an error here and catch it in your error handler and | |
// return a custom response to the frontend. | |
} | |
let response = await oI.signIn(input); | |
if (response.status === "OK") { | |
// sign in successful... | |
await clearLoginAttemptCount(email); | |
} else { | |
// wrong credentials, so we should increment the attempts | |
let currentLoginAttemptCount = await getLoginAttemptCount(email); | |
currentLoginAttemptCount++; | |
if (currentLoginAttemptCount >= 5) { | |
await lockOutEmail(email); | |
} else { | |
await setLoginAttemptCount(email, currentLoginAttemptCount); | |
} | |
} | |
return response; | |
} | |
} | |
} | |
} | |
}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment