fix(auth): verify otp using token hash (#451)

Author: grdsdev

Examples/Examples/Profile/ProfileView.swift

@@ -19,7 +19,8 @@ struct ProfileView: View {
     NavigationStack {
       List {
         if let user,
-           let json = try? AnyJSON(user) {
+           let json = try? AnyJSON(user)
+        {
           Section {
             AnyJSONView(value: json)
           }

Examples/Examples/Profile/UpdateProfileView.swift

@@ -5,8 +5,8 @@
 //  Created by Guilherme Souza on 14/05/24.
 //
 
-import SwiftUI
 import Supabase
+import SwiftUI
 
 struct UpdateProfileView: View {
   let user: User
@@ -93,7 +93,7 @@ struct UpdateProfileView: View {
   }
 
   @MainActor
-  private func verifyTapped() async { 
+  private func verifyTapped() async {
     do {
       try await supabase.auth.verifyOTP(phone: phone, token: otp, type: .phoneChange)
     } catch {

Sources/Auth/AuthClient.swift

@@ -862,6 +862,25 @@ public final class AuthClient: Sendable {
     )
   }
 
+  /// Log in an user given a token hash received via email.
+  @discardableResult
+  public func verifyOTP(
+    tokenHash: String,
+    type: EmailOTPType
+  ) async throws -> AuthResponse {
+    try await _verifyOTP(
+      request: .init(
+        url: configuration.url.appendingPathComponent("verify"),
+        method: .post,
+        body: configuration.encoder.encode(
+          VerifyOTPParams.tokenHash(
+            VerifyTokenHashParams(tokenHash: tokenHash, type: type)
+          )
+        )
+      )
+    )
+  }
+
   private func _verifyOTP(request: HTTPRequest) async throws -> AuthResponse {
     let response = try await api.execute(request).decoded(
       as: AuthResponse.self,

Sources/Auth/Types.swift

@@ -371,6 +371,7 @@ struct OTPParams: Codable, Hashable, Sendable {
 enum VerifyOTPParams: Encodable {
   case email(VerifyEmailOTPParams)
   case mobile(VerifyMobileOTPParams)
+  case tokenHash(VerifyTokenHashParams)
 
   func encode(to encoder: any Encoder) throws {
     var container = encoder.singleValueContainer()
@@ -379,6 +380,8 @@ enum VerifyOTPParams: Encodable {
       try container.encode(value)
     case let .mobile(value):
       try container.encode(value)
+    case let .tokenHash(value):
+      try container.encode(value)
     }
   }
 }
@@ -390,6 +393,11 @@ struct VerifyEmailOTPParams: Encodable, Hashable, Sendable {
   var gotrueMetaSecurity: AuthMetaSecurity?
 }
 
+struct VerifyTokenHashParams: Encodable, Hashable, Sendable {
+  var tokenHash: String
+  var type: EmailOTPType
+}
+
 struct VerifyMobileOTPParams: Encodable, Hashable {
   var phone: String
   var token: String

Tests/AuthTests/RequestsTests.swift

@@ -273,6 +273,17 @@ final class RequestsTests: XCTestCase {
     }
   }
 
+  func testVerifyOTPUsingTokenHash() async {
+    let sut = makeSUT()
+
+    await assert {
+      try await sut.verifyOTP(
+        tokenHash: "abc-def",
+        type: .email
+      )
+    }
+  }
+
   func testUpdateUser() async throws {
     let sut = makeSUT()
 

Tests/AuthTests/__Snapshots__/RequestsTests/testVerifyOTPUsingTokenHash.1.txt

@@ -0,0 +1,7 @@
+curl \
+	--request POST \
+	--header "Apikey: dummy.api.key" \
+	--header "Content-Type: application/json" \
+	--header "X-Client-Info: gotrue-swift/x.y.z" \
+	--data "{\"token_hash\":\"abc-def\",\"type\":\"email\"}" \
+	"http://localhost:54321/auth/v1/verify"