verifyOTP method
Log in a user given a User supplied OTP received via mobile.
phone
is the user's phone number WITH international prefix
token
is the token that user was sent to their mobile phone
tokenHash
is the token used in an email link
Implementation
Future<AuthResponse> verifyOTP({
String? email,
String? phone,
required String token,
required OtpType type,
String? redirectTo,
String? captchaToken,
String? tokenHash,
}) async {
assert((email != null && phone == null) || (email == null && phone != null),
'`email` or `phone` needs to be specified.');
if (type != OtpType.emailChange && type != OtpType.phoneChange) {
_removeSession();
}
final body = {
if (email != null) 'email': email,
if (phone != null) 'phone': phone,
'token': token,
'type': type.snakeCase,
'redirect_to': redirectTo,
'gotrue_meta_security': {'captchaToken': captchaToken},
if (tokenHash != null) 'token_hash': tokenHash,
};
final fetchOptions = GotrueRequestOptions(headers: _headers, body: body);
final response = await _fetch
.request('$_url/verify', RequestMethodType.post, options: fetchOptions);
final authResponse = AuthResponse.fromJson(response);
if (authResponse.session == null) {
throw AuthException(
'An error occurred on token verification.',
);
}
_saveSession(authResponse.session!);
notifyAllSubscribers(type == OtpType.recovery
? AuthChangeEvent.passwordRecovery
: AuthChangeEvent.signedIn);
return authResponse;
}