Function verify_2fa

pub async fn verify_2fa(
    auth: AuthenticatedUser,
    dto: Json<Verify2FADto>,
    use_cases: Data<Arc<TwoFactorUseCases>>,
) -> HttpResponse

Verify 2FA code during login

Validates a TOTP code or backup code during login. This endpoint is called after successful password authentication when 2FA is enabled for the user.

§Security

  • User must be authenticated (pre-2FA session)
  • Accepts 6-digit TOTP code OR 8-character backup code
  • Backup codes are one-time use (removed after verification)
  • Failed attempts are logged and rate-limited

§Request Body

{
  "totp_code": "123456"  // Or backup code like "ABCD-EFGH"
}

§Returns

  • 200 OK: Verification successful
  • 400 Bad Request: Invalid code
  • 401 Unauthorized: Not authenticated
  • 429 Too Many Requests: Rate limit exceeded (3 attempts per 5 min)
  • 500 Internal Server Error: Verification failed
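Added example, not the project's own code: a hypothetical `TwoFactorState` in plain Rust that models the rules documented under §Security and §Returns (6-digit TOTP or 8-character backup code, backup codes consumed on first use, 3 failed attempts per 5 minutes). The real TOTP check is abstracted as a `totp_ok` callback and `Outcome` stands in for the HTTP status codes; both names are assumptions.

```rust
use std::time::{Duration, Instant};

/// Outcome of one attempt, mirroring the documented status codes.
#[derive(Debug, PartialEq)]
pub enum Outcome { Ok, InvalidCode, RateLimited } // 200 / 400 / 429

const MAX_ATTEMPTS: usize = 3;                        // 3 attempts ...
const WINDOW: Duration = Duration::from_secs(5 * 60); // ... per 5 minutes

/// Hypothetical per-user 2FA state standing in for the use-case layer.
pub struct TwoFactorState {
    backup_codes: Vec<String>, // one-time codes, stored uppercase without hyphens
    failures: Vec<Instant>,    // timestamps of recent failed attempts (the "log")
}

/// Uppercase and strip hyphens so "abcd-efgh" and "ABCDEFGH" match the same code.
fn normalise(code: &str) -> String {
    code.chars().filter(|c| *c != '-').map(|c| c.to_ascii_uppercase()).collect()
}

/// Byte-wise comparison that does not stop at the first mismatch.
fn constant_time_eq(a: &str, b: &str) -> bool {
    a.len() == b.len() && a.bytes().zip(b.bytes()).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

impl TwoFactorState {
    pub fn new(backup_codes: &[&str]) -> Self {
        let backup_codes = backup_codes.iter().map(|c| normalise(c)).collect();
        TwoFactorState { backup_codes, failures: Vec::new() }
    }

    /// `totp_ok` stands in for the real TOTP check (HMAC-based, not shown here).
    pub fn verify(&mut self, code: &str, totp_ok: impl Fn(&str) -> bool, now: Instant) -> Outcome {
        // Forget failures older than the window, then enforce the limit before any check.
        self.failures.retain(|t| now.duration_since(*t) < WINDOW);
        if self.failures.len() >= MAX_ATTEMPTS { return Outcome::RateLimited; }
        let code = code.trim();
        let ok = if code.len() == 6 && code.bytes().all(|b| b.is_ascii_digit()) {
            totp_ok(code) // 6-digit TOTP path
        } else {
            let norm = normalise(code); // 8-character backup code path
            let hit = self.backup_codes.iter().position(|b| norm.len() == 8 && constant_time_eq(b, &norm));
            // One-time use: a matching backup code is removed before reporting success.
            hit.map(|i| { self.backup_codes.remove(i); true }).unwrap_or(false)
        };
        if ok { self.failures.clear(); Outcome::Ok } else { self.failures.push(now); Outcome::InvalidCode }
    }
}
```

A rate-limited attempt is rejected before the code is checked, so a correct code submitted inside a locked window still returns the 429 equivalent.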