Merge pull request #20383 from mozilla/fxa-13321

feat(passwordless): switch OTP from 8 digits to 6 and harden rate limits

Author: vbudhram

libs/accounts/email-renderer/src/renderer/__snapshots__/fxa-email-renderer.spec.ts.snap

@@ -6701,8 +6701,8 @@ exports[`FxA Email Renderer should render renderPasswordlessSigninOtp strapi: ma
               <tr>
                 <td align="left" class="text-body" style="font-size:0px;padding:10px 25px;word-break:break-word;">
 
-      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signin-otp-code">
-        Use this confirmation code:
+      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signin-otp-code-v2">
+        Your verification code is
       </span></div>
 
                 </td>
@@ -7110,8 +7110,8 @@ exports[`FxA Email Renderer should render renderPasswordlessSigninOtp: matches f
               <tr>
                 <td align="left" class="text-body" style="font-size:0px;padding:10px 25px;word-break:break-word;">
 
-      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signin-otp-code">
-        Use this confirmation code:
+      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signin-otp-code-v2">
+        Your verification code is
       </span></div>
 
                 </td>
@@ -7515,8 +7515,8 @@ exports[`FxA Email Renderer should render renderPasswordlessSignupOtp strapi: ma
               <tr>
                 <td align="left" class="text-body" style="font-size:0px;padding:10px 25px;word-break:break-word;">
 
-      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signup-otp-code">
-        Use this confirmation code:
+      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signup-otp-code-v2">
+        Your verification code is
       </span></div>
 
                 </td>
@@ -7924,8 +7924,8 @@ exports[`FxA Email Renderer should render renderPasswordlessSignupOtp: matches f
               <tr>
                 <td align="left" class="text-body" style="font-size:0px;padding:10px 25px;word-break:break-word;">
 
-      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signup-otp-code">
-        Use this confirmation code:
+      <div style="font-family:Ubuntu, Helvetica, Arial, sans-serif;font-size:13px;line-height:1;text-align:left;color:#000000;"><span data-l10n-id="passwordless-signup-otp-code-v2">
+        Your verification code is
       </span></div>
 
                 </td>

libs/accounts/email-renderer/src/templates/passwordlessSigninOtp/en.ftl

@@ -5,5 +5,5 @@ passwordless-signin-otp-subject = Use { $code } to finish sign in
 passwordless-signin-otp-preview = Code expires in { $codeExpiryMinutes } minutes
 passwordless-signin-otp-title = Finish your sign in 
 passwordless-signin-otp-request = This email was used to sign in from:
-passwordless-signin-otp-code = Use this confirmation code:
+passwordless-signin-otp-code-v2 = Your verification code is
 passwordless-signin-otp-expiry-notice = It expires in { $codeExpiryMinutes } minutes.

libs/accounts/email-renderer/src/templates/passwordlessSigninOtp/index.mjml

@@ -22,8 +22,8 @@ can obtain one at http://mozilla.org/MPL/2.0/. %>
   <mj-column>
 
     <mj-text css-class="text-body">
-      <span data-l10n-id="passwordless-signin-otp-code">
-        Use this confirmation code:
+      <span data-l10n-id="passwordless-signin-otp-code-v2">
+        Your verification code is
       </span>
     </mj-text>
 

libs/accounts/email-renderer/src/templates/passwordlessSigninOtp/index.stories.ts

@@ -13,7 +13,7 @@ export default {
 
 const data: TemplateData = {
   ...MOCK_USER_INFO,
-  code: '96318398',
+  code: '963183',
   codeExpiryMinutes: 10,
   supportUrl: 'https://support.mozilla.org',
   target: 'index',

libs/accounts/email-renderer/src/templates/passwordlessSigninOtp/index.txt

@@ -4,7 +4,7 @@ passwordless-signin-otp-request = "This email was used to sign in from:"
 
 <%- include('/partials/userInfo/index.txt') %>
 
-passwordless-signin-otp-code = "Use this confirmation code:"
+passwordless-signin-otp-code-v2 = "Your verification code is"
 
 <%- code %>
 

libs/accounts/email-renderer/src/templates/passwordlessSigninOtp/strapi.mjml

@@ -20,8 +20,8 @@
   <mj-column>
 
     <mj-text css-class="text-body">
-      <span data-l10n-id="passwordless-signin-otp-code">
-        Use this confirmation code:
+      <span data-l10n-id="passwordless-signin-otp-code-v2">
+        Your verification code is
       </span>
     </mj-text>
 

libs/accounts/email-renderer/src/templates/passwordlessSigninOtp/strapi.stories.ts

@@ -13,7 +13,7 @@ export default {
 
 const data: TemplateData = {
   ...MOCK_USER_INFO,
-  code: '12345678',
+  code: '123456',
   codeExpiryMinutes: 10,
   supportUrl: 'https://support.mozilla.org',
   time: '11:45 AM',

libs/accounts/email-renderer/src/templates/passwordlessSigninOtp/strapi.txt

@@ -4,7 +4,7 @@
 
 <%- include('/partials/userInfo/index.txt') %>
 
-passwordless-signin-otp-code = "Use this confirmation code:"
+passwordless-signin-otp-code-v2 = "Your verification code is"
 
 <%- code %>
 

libs/accounts/email-renderer/src/templates/passwordlessSignupOtp/en.ftl

@@ -5,5 +5,5 @@ passwordless-signup-otp-subject = Use { $code } to finish sign up
 passwordless-signup-otp-preview = Code expires in { $codeExpiryMinutes } minutes
 passwordless-signup-otp-title = Finish your sign up
 passwordless-signup-otp-request = An account was created using this email address from:
-passwordless-signup-otp-code = Use this confirmation code:
+passwordless-signup-otp-code-v2 = Your verification code is
 passwordless-signup-otp-expiry-notice = It expires in { $codeExpiryMinutes } minutes.

libs/accounts/email-renderer/src/templates/passwordlessSignupOtp/index.mjml

@@ -22,8 +22,8 @@ can obtain one at http://mozilla.org/MPL/2.0/. %>
   <mj-column>
 
     <mj-text css-class="text-body">
-      <span data-l10n-id="passwordless-signup-otp-code">
-        Use this confirmation code:
+      <span data-l10n-id="passwordless-signup-otp-code-v2">
+        Your verification code is
       </span>
     </mj-text>