Pause subscription renewals (#968)

2024-09-24 13:02:19 -07:00
parent edb7e5f323
commit f7d1cd2a4f
2 changed files with 30 additions and 9 deletions
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -259,15 +259,15 @@ pub fn app_setup(
    }

    let stripe_client = stripe::Client::new(dotenvy::var("STRIPE_API_KEY").unwrap());
-    {
-        let pool_ref = pool.clone();
-        let redis_ref = redis_pool.clone();
-        let stripe_client_ref = stripe_client.clone();
-
-        actix_rt::spawn(async move {
-            routes::internal::billing::task(stripe_client_ref, pool_ref, redis_ref).await;
-        });
-    }
+    // {
+    //     let pool_ref = pool.clone();
+    //     let redis_ref = redis_pool.clone();
+    //     let stripe_client_ref = stripe_client.clone();
+    //
+    //     actix_rt::spawn(async move {
+    //         routes::internal::billing::task(stripe_client_ref, pool_ref, redis_ref).await;
+    //     });
+    // }

    let ip_salt = Pepper {
        pepper: models::ids::Base62Id(models::ids::random_base62(11)).to_string(),
--- a/src/routes/internal/flows.rs
+++ b/src/routes/internal/flows.rs
@@ -1628,7 +1628,28 @@ async fn validate_2fa_code(
        .generate_current()
        .map_err(|_| AuthenticationError::InvalidCredentials)?;

+    const TOTP_NAMESPACE: &str = "used_totp";
+    let mut conn = redis.connect().await?;
+
+    // Check if TOTP has already been used
+    if conn
+        .get(TOTP_NAMESPACE, &format!("{}-{}", token, user_id.0))
+        .await?
+        .is_some()
+    {
+        return Err(AuthenticationError::InvalidCredentials);
+    }
+
    if input == token {
+        conn
+            .set(
+                TOTP_NAMESPACE,
+                &format!("{}-{}", token, user_id.0),
+                "",
+                Some(60),
+            )
+            .await?;
+
        Ok(true)
    } else if allow_backup {
        let backup_codes = crate::database::models::User::get_backup_codes(user_id, pool).await?;