feat: 2fa backup codes#3
Conversation
Co-authored-by: Peer Richelsen <peeroke@gmail.com>
|
Thank you for following the naming conventions! 🙏 |
1 similar comment
|
Thank you for following the naming conventions! 🙏 |
|
cursor review |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Bugbot free trial expires on August 11, 2025
Learn more in the Cursor dashboard.
| import { useLocale } from "@calcom/lib/hooks/useLocale"; | ||
| import { Label, TextField } from "@calcom/ui"; | ||
|
|
||
| export default function TwoFactor({ center = true }) { |
There was a problem hiding this comment.
Bug: Incorrect Default Function Name
The default exported function in apps/web/components/auth/BackupCode.tsx is incorrectly named TwoFactor. It should be BackupCode to match the file name and the component's purpose of handling backup codes. This copy-paste error causes confusion and inconsistency.
Locations (1)
| const backupCodes = JSON.parse(symmetricDecrypt(user.backupCodes, process.env.CALENDSO_ENCRYPTION_KEY)); | ||
|
|
||
| // check if user-supplied code matches one | ||
| const index = backupCodes.indexOf(req.body.backupCode.replaceAll("-", "")); |
There was a problem hiding this comment.
Bug: Case-Sensitive Backup Code Validation
Backup code validation is case-sensitive due to the use of indexOf(). This causes validation to fail if a user enters uppercase hex characters, as backup codes should be case-insensitive for a better user experience. The comparison should convert both the stored codes and user input to lowercase.
Locations (2)
|
This PR is being marked as stale due to inactivity. |
3 participants
Test 3