feat: Trim OTP input and update verification logic in host and user services

2026-02-25 15:56:18 +05:30
parent c4fd797e31
commit 23bbb39af3
3 changed files with 13 additions and 8 deletions
--- a/src/modules/host/services/host.service.ts
+++ b/src/modules/host/services/host.service.ts
@@ -383,7 +383,9 @@ export class HostService {
  }

  async verifyHostOtp(email: string, otp: string): Promise<boolean> {
-    const user = await this.prisma.user.findUnique({
+    const trimmedOtp = (otp || '').toString().trim();
+
+    const user = await this.prisma.user.findFirst({
      where: { emailAddress: email, isActive: true },
      select: {
        id: true,
@@ -410,7 +412,7 @@ export class HostService {
      throw new ApiError(400, 'OTP has expired.');
    }

-    const isMatch = await bcrypt.compare(otp, userOtp.otpCode);
+    const isMatch = await bcrypt.compare(trimmedOtp, userOtp.otpCode);

    if (!isMatch) {
      throw new ApiError(400, 'Invalid OTP.');
--- a/src/modules/minglaradmin/services/minglar.service.ts
+++ b/src/modules/minglaradmin/services/minglar.service.ts
@@ -23,10 +23,9 @@ import {
 import { PaginationOptions } from '@/common/utils/pagination/pagination.types';
 import config from '@/config/config';
 import { Injectable } from '@nestjs/common';
-import { User } from '@prisma/client';
+import { PrismaClient, User } from '@prisma/client';
 import * as bcrypt from 'bcryptjs';
 import { PrismaService } from '../../../common/database/prisma.service';
-import { PrismaClient } from '@prisma/client';
 import ApiError from '../../../common/utils/helper/ApiError';
 import { CreateMinglarDto, UpdateMinglarDto } from '../dto/minglar.dto';
 import { sendAMEmailForHostAssign } from './AMEmail.service';
@@ -154,8 +153,10 @@ export class MinglarService {
  }

  async verifyHostOtp(email: string, otp: string): Promise<boolean> {
-    const user = await this.prisma.user.findUnique({
-      where: { emailAddress: email },
+    const trimmedOtp = (otp || '').toString().trim();
+
+    const user = await this.prisma.user.findFirst({
+      where: { emailAddress: email, isActive: true },
      select: {
        id: true,
        emailAddress: true,
@@ -181,7 +182,7 @@ export class MinglarService {
      throw new ApiError(400, 'OTP has expired.');
    }

-    const isMatch = await bcrypt.compare(otp, userOtp.otpCode);
+    const isMatch = await bcrypt.compare(trimmedOtp, userOtp.otpCode);

    if (!isMatch) {
      throw new ApiError(400, 'Invalid OTP.');
--- a/src/modules/user/services/user.service.ts
+++ b/src/modules/user/services/user.service.ts
@@ -413,6 +413,8 @@ export class UserService {
  }

  async verifyHostOtp(mobileNumber: string, otp: string): Promise<boolean> {
+    const trimmedOtp = (otp || '').toString().trim();
+
    const user = await this.prisma.user.findFirst({
      where: { mobileNumber: mobileNumber, isActive: true },
      select: {
@@ -440,7 +442,7 @@ export class UserService {
      throw new ApiError(400, 'OTP has expired.');
    }

-    const isMatch = await bcrypt.compare(otp, userOtp.otpCode);
+    const isMatch = await bcrypt.compare(trimmedOtp, userOtp.otpCode);

    if (!isMatch) {
      throw new ApiError(400, 'Invalid OTP.');