@@ -525,7 +525,9 @@ export class ApiService {
525525
526526 async loginWithOtp ( loginDto : LoginDto , authHeader : null | string ) : Promise < SignupResponse > {
527527 /* Execution flow
528- 1. Verify OTP
528+ 1. Check if ALLOW_DEFAULT_OTP is set to true.
529+ 2. If true check if user number is listed in DEFAULT_OTP_USERS, if yes send sucess if OTP matches.
530+ 3. else; Verify OTP via fusion auth.
529531 2. If invalid OTP, throw error; else continue with next steps
530532 3. Check if user exists for the given applicationId.
531533 3.1. If existing user, reset the password.
@@ -544,6 +546,12 @@ export class ApiService {
544546 else
545547 verifyOTPResult = { status : SMSResponseStatus . failure }
546548 }
549+ else {
550+ verifyOTPResult = await this . otpService . verifyOTP ( {
551+ phone : loginDto . loginId ,
552+ otp : loginDto . password , // existing OTP
553+ } ) ;
554+ }
547555 } else {
548556 verifyOTPResult = await this . otpService . verifyOTP ( {
549557 phone : loginDto . loginId ,
@@ -564,11 +572,12 @@ export class ApiService {
564572 authHeader ,
565573 ) ;
566574 if ( statusFA === FAStatus . USER_EXISTS ) {
567- let registrationId = null ;
575+ let registrationId = null , registeredRoles = [ ] ;
568576 if ( user . registrations ) {
569577 user . registrations . map ( ( item ) => {
570578 if ( item . applicationId == loginDto . applicationId ) {
571579 registrationId = item . id ;
580+ registeredRoles = item . roles ;
572581 }
573582 } ) ;
574583 }
@@ -581,7 +590,7 @@ export class ApiService {
581590 registrations : [
582591 {
583592 applicationId : loginDto . applicationId ,
584- roles : loginDto . roles ?? [ ] ,
593+ roles : registeredRoles ,
585594 id : registrationId ,
586595 } ,
587596 ] ,
0 commit comments