邮箱验证码校验失败时，抛出403错误

2023-03-02 15:16:50 +08:00 · 2023-03-02 15:16:50 +08:00 · faf34c241b
commit faf34c241b
parent 7e5a1c589d
1 changed files with 8 additions and 3 deletions
--- a/src/email/email.service.ts
+++ b/src/email/email.service.ts
@ -68,11 +68,16 @@ export class EmailService {
    return { token, userId: user?.id }
  }

+  // TODO： 邮箱使用缓存而不是jwt来验证正确性和时效性，校验成功后要让验证码失效。set-cookie而不是在body返回？
  async verifyEmailCode(data: EmailVerifycationDto) {
    const { token, verifyCode, email, scene } = data
-    const payload = this.jwtService.verify<EmailSendDto>(token, {
+    const payload = await this.jwtService
+      .verifyAsync<EmailSendDto>(token, {
        secret: this.getEmailJwtSecret(verifyCode, scene),
      })
+      .catch((err) => {
+        throw new ForbiddenException(err.message)
+      })
    if (payload.email !== email || payload.scene !== scene) {
      throw new ForbiddenException('邮箱验证码验证失败')
    }