text changes

backend/models/User.js

@@ -265,7 +265,7 @@ const User = sequelize.define(
         }
       },
     },
-  }
+  },
 );
 
 User.prototype.comparePassword = async function (password) {
@@ -457,7 +457,7 @@ User.prototype.unbanUser = async function () {
     bannedAt: null,
     bannedBy: null,
     banReason: null,
-    // Note: We don't increment jwtVersion on unban - user will need to log in fresh
+    // We don't increment jwtVersion on unban - user will need to log in fresh
   });
 };
 
@@ -467,7 +467,7 @@ const TwoFactorService = require("../services/TwoFactorService");
 // Store pending TOTP secret during setup
 User.prototype.storePendingTotpSecret = async function (
   encryptedSecret,
-  encryptedSecretIv
+  encryptedSecretIv,
 ) {
   return this.update({
     twoFactorSetupPendingSecret: encryptedSecret,
@@ -478,7 +478,7 @@ User.prototype.storePendingTotpSecret = async function (
 // Enable TOTP 2FA after verification
 User.prototype.enableTotp = async function (recoveryCodes) {
   const hashedCodes = await Promise.all(
-    recoveryCodes.map((code) => bcrypt.hash(code, 12))
+    recoveryCodes.map((code) => bcrypt.hash(code, 12)),
   );
 
   // Store in structured format
@@ -506,7 +506,7 @@ User.prototype.enableTotp = async function (recoveryCodes) {
 // Enable Email 2FA
 User.prototype.enableEmailTwoFactor = async function (recoveryCodes) {
   const hashedCodes = await Promise.all(
-    recoveryCodes.map((code) => bcrypt.hash(code, 12))
+    recoveryCodes.map((code) => bcrypt.hash(code, 12)),
   );
 
   // Store in structured format
@@ -563,7 +563,7 @@ User.prototype.verifyEmailOtp = function (inputCode) {
   return TwoFactorService.verifyEmailOtp(
     inputCode,
     this.emailOtpCode,
-    this.emailOtpExpiry
+    this.emailOtpExpiry,
   );
 };
 
@@ -603,7 +603,9 @@ User.prototype.markTotpCodeUsed = async function (code) {
   const codeHash = crypto.createHash("sha256").update(code).digest("hex");
   recentCodes.unshift(codeHash);
   // Keep only last 5 codes (covers about 2.5 minutes of 30-second windows)
-  await this.update({ recentTotpCodes: JSON.stringify(recentCodes.slice(0, 5)) });
+  await this.update({
+    recentTotpCodes: JSON.stringify(recentCodes.slice(0, 5)),
+  });
 };
 
 // Verify TOTP code with replay protection
@@ -615,18 +617,25 @@ User.prototype.verifyTotpCode = function (code) {
   if (this.hasUsedTotpCode(code)) {
     return false;
   }
-  return TwoFactorService.verifyTotpCode(this.totpSecret, this.totpSecretIv, code);
+  return TwoFactorService.verifyTotpCode(
+    this.totpSecret,
+    this.totpSecretIv,
+    code,
+  );
 };
 
 // Verify pending TOTP code (during setup)
 User.prototype.verifyPendingTotpCode = function (code) {
-  if (!this.twoFactorSetupPendingSecret || !this.twoFactorSetupPendingSecretIv) {
+  if (
+    !this.twoFactorSetupPendingSecret ||
+    !this.twoFactorSetupPendingSecretIv
+  ) {
     return false;
   }
   return TwoFactorService.verifyTotpCode(
     this.twoFactorSetupPendingSecret,
     this.twoFactorSetupPendingSecretIv,
-    code
+    code,
   );
 };
 
@@ -639,7 +648,7 @@ User.prototype.useRecoveryCode = async function (inputCode) {
   const recoveryData = JSON.parse(this.recoveryCodesHash);
   const { valid, index } = await TwoFactorService.verifyRecoveryCode(
     inputCode,
-    recoveryData
+    recoveryData,
   );
 
   if (valid) {
@@ -661,7 +670,8 @@ User.prototype.useRecoveryCode = async function (inputCode) {
 
   return {
     valid,
-    remainingCodes: TwoFactorService.getRemainingRecoveryCodesCount(recoveryData),
+    remainingCodes:
+      TwoFactorService.getRemainingRecoveryCodesCount(recoveryData),
   };
 };