Fix EmailAlreadyInUse issues #56
Conversation
| } | ||
| } | ||
|
|
||
| ident, err := authProvider.Verify(ctx, verifCtx, sess.ID, intent.Data.Answer) | ||
| if err != nil { | ||
| return nil, fmt.Errorf("verifying identity: %w", err) | ||
| if verifCtx != nil { |
There was a problem hiding this comment.
typo... verifCtx ... I think call it .. verifyCtx ..?
also, what is the code doing, and why..? it looks like its making multiple attempts to encrypt and update something..? is the underlining service prone to failing / timing out..?
There was a problem hiding this comment.
It's actually short for "verification context" 😄
The whole block comes directly from https://github.com/0xsequence/waas-authenticator/blob/master/rpc/sessions.go#L86.
For context, this is executed whenever the client/user responds with an answer to a challenge (e.g. after inputting code from email OR in commit/reveal flow, when the client provides the revealed auth proof). If we failed answer verification (e.g. incorrect code input by the user) AND if there is an existing verification context (always true for email flow), then we increment the attempts count in the verification context's encrypted data, re-encrypt that data, and store it back in the database.
This lets us keep track of failed attempts and prevent the user from trying every single code combination there is 😄
The one here is the same but for account federation/linking instead of authentication.
There was a problem hiding this comment.
understood :) thanks for explaining, sounds good
No description provided.