2fa work slight refactor

- use existing access mechanisms for validation - adds swagger/schema and validation of incoming payload
2026-01-21 19:25:43 +00:00 · 2026-01-14 11:44:51 +10:00
parent b7dfaddbb1
commit 462c134751
14 changed files with 565 additions and 418 deletions
--- a/backend/routes/tokens.js
+++ b/backend/routes/tokens.js
@@ -66,16 +66,7 @@ router
 	 */
 	.post(async (req, res, next) => {
 		try {
-			const { challenge_token, code } = req.body;
-
-			if (!challenge_token || !code) {
-				return res.status(400).json({
-					error: {
-						message: "Missing challenge_token or code",
-					},
-				});
-			}
-
+			const { challenge_token, code } = await apiValidator(getValidationSchema("/tokens/2fa", "post"), req.body);
 			const result = await internalToken.verify2FA(challenge_token, code);
 			res.status(200).send(result);
 		} catch (err) {