-
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
15 changed files
with
527 additions
and
175 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
/* eslint-disable camelcase */ | ||
import SQL from '@nearform/sql' | ||
|
||
// Delete any pendig email updates | ||
export async function deleteEmail (fastify, opts) { | ||
fastify.delete( | ||
'/', | ||
{ | ||
preHandler: fastify.auth([fastify.verifyJWT]) | ||
}, | ||
async function deleteEmailHandler (request, reply) { | ||
return fastify.pg.transact(async client => { | ||
const userID = request.user.id | ||
|
||
const updates = [ | ||
SQL`pending_email_update = null`, | ||
SQL`pending_email_update_token = null`, | ||
SQL`pending_email_update_token_exp = null` | ||
] | ||
|
||
const updateQuery = SQL` | ||
update users | ||
set ${SQL.glue(updates, ' , ')} | ||
where id = ${userID} | ||
returning username, email, pending_email_update, pending_email_update_token, pending_email_update_token_exp; | ||
` | ||
|
||
await client.query(updateQuery) | ||
|
||
reply.code(204) | ||
}) | ||
} | ||
) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,13 @@ | ||
import { confirmEmail } from './confirm-email.js' | ||
import { resendEmailVerification } from './resend-confirmation.js' | ||
import { postEmail } from './post-email.js' | ||
import { verifyEmail } from './verify-email.js' | ||
import { deleteEmail } from './delete-email.js' | ||
|
||
export default async function bookmarksRoutes (fastify, opts) { | ||
await Promise.all([ | ||
confirmEmail(fastify, opts), | ||
resendEmailVerification(fastify, opts), | ||
verifyEmail(fastify, opts), | ||
postEmail(fastify, opts), | ||
verifyEmail(fastify, opts) | ||
deleteEmail(fastify, opts) | ||
]) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
/* eslint-disable camelcase */ | ||
import SQL from '@nearform/sql' | ||
import { EMAIL_CONFIRM_TOKEN, EMAIL_CONFIRM_TOKEN_EXP } from './email-confirm-tokens.js' | ||
|
||
export async function resendAccountEmailVerificationHandler ({ | ||
userID, client, reply, fastify | ||
}) { | ||
const verifyQuery = SQL` | ||
select id, email, username, email_confirmed, email_verify_token, email_verify_token_exp | ||
from users | ||
where id = ${userID} | ||
fetch first row only; | ||
` | ||
|
||
const results = await client.query(verifyQuery) | ||
const user = results.rows.pop() | ||
|
||
if (user.email_confirmed) { | ||
return reply.unprocessableEntity('Email is already confirmed') | ||
} | ||
|
||
const updates = [ | ||
SQL`email_verify_token = ${EMAIL_CONFIRM_TOKEN}`, | ||
SQL`email_verify_token_exp = ${EMAIL_CONFIRM_TOKEN_EXP}` | ||
] | ||
|
||
const updateQuery = SQL` | ||
update users | ||
set ${SQL.glue(updates, ' , ')} | ||
where id = ${userID} | ||
returning username, email, email_verify_token, email_verify_token_exp; | ||
` | ||
|
||
const queryResults = await client.query(updateQuery) | ||
const updatedUser = queryResults.rows.pop() | ||
|
||
fastify.pqueue.add(async () => { | ||
const blackholeResults = await fastify.pg.query(SQL` | ||
select email, bounce_count, disabled | ||
from email_blackhole | ||
where email = ${updatedUser.email} | ||
fetch first row only; | ||
`) | ||
|
||
if (blackholeResults.rows.length === 0 || blackholeResults.rows[0].disabled === false) { | ||
return await Promise.allSettled([ | ||
fastify.email.sendMail({ | ||
from: `"Breadcrum.net 🥖" <${fastify.config.APP_EMAIL}>`, | ||
to: updatedUser.email, | ||
subject: 'Verify your email address', // Subject line | ||
text: verifyEmailBody({ | ||
username: updatedUser.username, | ||
transport: fastify.config.TRANSPORT, | ||
host: fastify.config.HOST, | ||
token: updatedUser.email_verify_token, | ||
oldEmail: updatedUser.email, | ||
newEmail: updatedUser.pending_email_update | ||
}) | ||
}) | ||
]) | ||
} else { | ||
fastify.log.warn({ email: updatedUser.email }, 'Skipping email for blocked email address') | ||
} | ||
}) | ||
|
||
reply.code(202) | ||
return { | ||
status: 'ok' | ||
} | ||
} | ||
|
||
export function verifyEmailBody ({ email, username, transport, host, token }) { | ||
return `Hi ${username}, | ||
Thanks for signing up for a Breadcrum.net account. Please verify your email address by clicking the link below. | ||
${transport}://${host}/email_confirm?token=${token} | ||
If you did not sign up for this account, please contact support@breadcrum.net or perform a password reset on the account associated with this email address and perform an account delete action if this is unwanted. | ||
Thank you!` | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
/* eslint-disable camelcase */ | ||
import { resendAccountEmailVerificationHandler } from './resend-account-confirmation.js' | ||
import { resendPendingEmailVerificationHandler } from './resend-pending-confirmation.js' | ||
|
||
// Request a email verification email | ||
export async function resendEmailVerification (fastify, opts) { | ||
fastify.post( | ||
'::resend', | ||
{ | ||
preHandler: fastify.auth([fastify.verifyJWT]), | ||
schema: { | ||
body: { | ||
type: 'object', | ||
properties: { | ||
update: { | ||
type: 'boolean' | ||
} | ||
} | ||
} | ||
}, | ||
respose: { | ||
202: { | ||
type: 'object', | ||
properties: { | ||
status: { | ||
type: 'string' | ||
} | ||
} | ||
} | ||
} | ||
}, | ||
async function resendEmailVerificationHandler (request, reply) { | ||
return fastify.pg.transact(async client => { | ||
const userID = request.user.id | ||
const { update } = request.body | ||
|
||
if (update) { | ||
return await resendPendingEmailVerificationHandler({ userID, client, reply, fastify }) | ||
} else { | ||
return await resendAccountEmailVerificationHandler({ userID, client, reply, fastify }) | ||
} | ||
}) | ||
} | ||
) | ||
} |
Oops, something went wrong.