# `AshAuthentication.Strategy.Otp.SignInPreparation`
[🔗](https://github.com/team-alembic/ash_authentication/blob/main/lib/ash_authentication/strategies/otp/sign_in_preparation.ex#L5)

Prepare a query for OTP sign in.

This preparation:
1. Filters the query by the identity field.
2. After the query, computes the deterministic JTI from the submitted OTP code.
3. Looks up the stored OTP token by JTI with a SELECT FOR UPDATE lock to prevent
   concurrent requests consuming the same code.
4. If found and valid, optionally revokes it (single-use), generates an auth JWT,
   and returns the user with the token in metadata. Otherwise returns an
   `AuthenticationFailed` error so the audit log records the attempt as a
   failure.

# `init`

# `supports`

---

*Consult [api-reference.md](api-reference.md) for complete listing*