✨ Add JWT email verification

Author: AnandChowdhary

src/config.ts

@@ -14,6 +14,7 @@ export const DB_PASSWORD = process.env.DB_PASSWORD || "";
 export const DB_DATABASE = process.env.DB_DATABASE || "database";
 
 // Email
+export const FRONTEND_URL = process.env.FRONTEND_URL || "https://example.com";
 export const SES_EMAIL = process.env.SES_EMAIL || "";
 export const SES_REGION = process.env.SES_REGION || "eu-west-1";
 export const SES_ACCESS = process.env.SES_ACCESS || "";

src/crud/email.ts

@@ -1,5 +1,7 @@
-import { query, tableValues } from "../helpers/mysql";
+import { query, tableValues, setValues } from "../helpers/mysql";
 import { Email } from "../interfaces/tables/emails";
+import { dateToDateTime } from "../helpers/utils";
+import { KeyValue } from "../interfaces/general";
 
 export const createEmail = async (email: Email, sendVerification = true) => {
   // Clean up values
@@ -13,3 +15,11 @@ export const createEmail = async (email: Email, sendVerification = true) => {
     Object.values(email)
   );
 };
+
+export const updateEmail = async (id: number, email: KeyValue) => {
+  email.updatedAt = dateToDateTime(new Date());
+  return await query(`UPDATE emails SET ${setValues(email)} WHERE id = ?`, [
+    ...Object.values(email),
+    id
+  ]);
+};

src/crud/user.ts

@@ -2,6 +2,7 @@ import { query, tableValues, setValues } from "../helpers/mysql";
 import { User } from "../interfaces/tables/user";
 import { capitalizeFirstAndLastLetter, dateToDateTime } from "../helpers/utils";
 import { hash } from "bcrypt";
+import { KeyValue } from "../interfaces/general";
 
 export const listAllUsers = async () => {
   return <User[]>await query("SELECT * from users");
@@ -27,12 +28,8 @@ export const createUser = async (user: User) => {
   );
 };
 
-interface KV {
-  [index: string]: any;
-}
-export const updateUser = async (id: number, user: KV) => {
+export const updateUser = async (id: number, user: KeyValue) => {
   user.updatedAt = dateToDateTime(new Date());
-  // Create user
   return await query(`UPDATE users SET ${setValues(user)} WHERE id = ?`, [
     ...Object.values(user),
     id

src/helpers/jwt.ts

@@ -1,4 +1,4 @@
-import { sign, Secret } from "jsonwebtoken";
+import { sign, verify } from "jsonwebtoken";
 import { JWT_ISSUER, JWT_SECRET } from "../config";
 
 export const generateToken = (
@@ -22,5 +22,13 @@ export const generateToken = (
     );
   });
 
-export const emailVerificationToken = async (id: number) =>
+export const verifyToken = (token: string, subject: string) =>
+  new Promise((resolve, reject) => {
+    verify(token, JWT_SECRET, { subject }, (error, data) => {
+      if (error) return reject(error);
+      resolve(data);
+    });
+  });
+
+export const emailVerificationToken = (id: number) =>
   generateToken({ id }, "7d", "email-verify");

src/helpers/mail.ts

@@ -1,6 +1,12 @@
 import * as ses from "node-ses";
 import { Mail } from "../interfaces/mail";
-import { SES_SECRET, SES_ACCESS, SES_EMAIL, SES_REGION } from "../config";
+import {
+  SES_SECRET,
+  SES_ACCESS,
+  SES_EMAIL,
+  SES_REGION,
+  FRONTEND_URL
+} from "../config";
 import { readFile } from "fs-extra";
 import { join } from "path";
 import { render } from "mustache";
@@ -30,7 +36,7 @@ export const mail = async (
     (await readFile(
       join(__dirname, "..", "..", "src", "templates", `${template}.md`)
     )).toString(),
-    data
+    { ...data, frontendUrl: FRONTEND_URL }
   );
   const message = marked(altText);
   return await sendMail({

src/index.ts

@@ -1,6 +1,6 @@
 import express from "express";
 import { PORT } from "./config";
-import { register } from "./rest/auth";
+import { register, verifyEmail } from "./rest/auth";
 
 const app = express();
 
@@ -17,5 +17,13 @@ app.get("/create-account", async (req, res) => {
     res.json({ success: false });
   }
 });
+app.get("/verify-email/:token", async (req, res) => {
+  try {
+    res.json({ success: await verifyEmail(req.params.token) });
+  } catch (error) {
+    console.log("Error", error);
+    res.json({ success: false });
+  }
+});
 
 app.listen(PORT, () => console.log("App running"));

src/interfaces/error.ts src/interfaces/general.tssrc/interfaces/error.ts renamed to src/interfaces/general.ts

@@ -1,3 +1,7 @@
+export interface KeyValue {
+  [index: string]: any;
+}
+
 export interface HTTPError {
   status: number;
   code: string;

src/rest/auth.ts

@@ -1,9 +1,10 @@
 import { User } from "../interfaces/tables/user";
 import { createUser, updateUser } from "../crud/user";
 import { InsertResult } from "../interfaces/mysql";
-import { createEmail } from "../crud/email";
+import { createEmail, updateEmail } from "../crud/email";
 import { mail } from "../helpers/mail";
-import { emailVerificationToken } from "../helpers/jwt";
+import { emailVerificationToken, verifyToken } from "../helpers/jwt";
+import { KeyValue } from "../interfaces/general";
 
 export const register = async (
   user: User,
@@ -31,7 +32,12 @@ export const sendEmailVerification = async (
   email: string,
   user: User
 ) => {
-  const token = emailVerificationToken(id);
-  await mail(email, "verify-email", { name: user.name, email, token });
+  const token = await emailVerificationToken(id);
+  await mail(email, "email-verify", { name: user.name, email, token });
   return;
 };
+
+export const verifyEmail = async (token: string) => {
+  const emailId = (<KeyValue>await verifyToken(token, "email-verify")).id;
+  return await updateEmail(emailId, { isVerified: true });
+};

src/templates/email-verify.md

@@ -0,0 +1,12 @@
+# Verify your email
+
+Dear {{name}},
+
+Click on the following button to verify this email for your account.
+
+<a style="background: #555; padding: 1rem 2rem; font-size: 120%; color: #fff; display: inline-block; margin: 2rem auto; border-radius: 0.25rem" href="{{frontendUrl}}/auth/verify-email?token={{token}}">Verify your email</a>
+
+If the above link doesn't work, you can copy and paste this URL in your browser: {{frontendUrl}}/auth/verify-email?token={{token}}.
+
+If you didn't request this email, you can safely ignore it.
+