Skip to content

Issue #3: Backend API Endpoints (Node.js) #3

@achneerov

Description

@achneerov

Description: Implement three core API endpoints for transaction processing and MFA verification.
Endpoints:

  1. processTransaction(hashCC, amount, location, merchantApiKey, emailAddress)
    Logic Flow:
  2. Validate merchant API key
  3. Check if user exists in system
  4. If user doesn't exist → return AUTH_REQUIRED
  5. If user exists → evaluate transaction rules
  6. Return response based on rules evaluation
    Response Types:
  • SUCCESS: Transaction approved
  • AUTH_REQUIRED: Include array of enabled auth method IDs (e.g., [1, 3] for email and phone)
  • FAILURE: Transaction denied
  1. requestCode(hashCC, authMode)
    Logic Flow:
  2. Identify authentication method from authMode parameter
  3. Generate random 6-digit code
  4. Update userTable.authCode with generated code
  5. Send code via selected method (email, SMS, etc.)
  6. Return confirmation status
  7. verifyMFA(hashCC, code)
    Logic Flow:
  8. Retrieve stored auth code from userTable.authCode
  9. Compare with submitted code
  10. Return SUCCESS if match, AUTH_REQUIRED if mismatch, FAILURE for errors
    Technical Requirements:
  • All endpoints return standardized status codes
  • Implement proper error handling
  • Log all attempts to mfa_events table
  • Support multiple authentication methods (email, phone, etc.)

Metadata

Metadata

Assignees

Labels

No labels
No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions