Ilia Denisov
27 lines
964 B
Go
27 lines
964 B
Go
package challenge
|
|
|
|
import "time"
|
|
|
|
const (
|
|
// InitialTTL is the v1 lifetime of a newly created challenge before it
|
|
// becomes expired.
|
|
InitialTTL = 5 * time.Minute
|
|
|
|
// ResendThrottleCooldown is the fixed Stage-17 cooldown applied to repeated
|
|
// public send-email-code requests for the same normalized e-mail address.
|
|
ResendThrottleCooldown = time.Minute
|
|
|
|
// ConfirmedRetention is the v1 idempotency window kept after a successful
|
|
// challenge confirmation.
|
|
ConfirmedRetention = 5 * time.Minute
|
|
|
|
// MaxInvalidConfirmAttempts is the v1 threshold after which repeated invalid
|
|
// confirmation codes move a challenge into the failed state.
|
|
MaxInvalidConfirmAttempts = 5
|
|
)
|
|
|
|
// V1 resend policy keeps every public send-email-code request independent:
|
|
// each call creates a fresh challenge, existing challenges are not reused or
|
|
// deduplicated, and Stage 17 adds a fixed auth-side resend cooldown that may
|
|
// record the fresh challenge as delivery_throttled.
|