feat: verify flow

Author: Lorezz

lib/db.ts

@@ -111,10 +111,34 @@ export async function createCode(userId: string) {
       userId,
     },
   });
-  return prisma.codes.create({
+  await prisma.codes.create({
     data: {
       userId,
       code,
     },
   });
+  return code;
+}
+
+export async function setVerifyed(id: string) {
+  return prisma.user.update({
+    where: {
+      id,
+    },
+    data: {
+      verifyed: true,
+    },
+  });
+}
+
+export async function changePassword(id: string, newPassword: string) {
+  const password = bcrypt.hashSync(newPassword, 12);
+  return prisma.user.update({
+    where: {
+      id,
+    },
+    data: {
+      password,
+    },
+  });
 }

lib/email.ts

@@ -1,36 +1,47 @@
+import type { User } from "@prisma/client";
 import { Resend } from "resend";
 
-const resend = new Resend(process.env.RESEND_API_KEY || "");
+const RESEND_API_KEY = process.env.RESEND_API_KEY || "";
+console.log("RESEND_API_KEY", RESEND_API_KEY);
+const resend = new Resend(RESEND_API_KEY);
 const SENDER_EMAIL = process.env.SENDER_EMAIL || "";
-const HOST = process.env.HOST || "/";
+const HOST = process.env.HOST_URL || "/";
+const APP_URL = process.env.APP_URL || "/";
 const COPY = "Dataviz";
 
 async function sendMail(addresses: string[], html: string) {
-  await resend.emails.send({
+  const obj = {
     from: SENDER_EMAIL,
     to: addresses.join(";"),
     subject: "Activate Account",
+  };
+  const result = await resend.emails.send({
+    ...obj,
     html,
   });
+  console.log("RESULT", result);
+  return result;
 }
 
 function compileTemplate(template: string, data: any) {
   return template.replace(/\${(.*?)}/g, (_, key) => data[key]);
 }
 
-export async function sendActivationEmail(recipeint: string, pin: string[]) {
-  const html = activationTemplate(HOST, pin);
-  await sendMail([recipeint], html);
+export function sendActivationEmail(user: User, pin: string) {
+  const html = activationTemplate(user.id, pin);
+  console.log("html", html);
+  return sendMail([user.email], html);
 }
 
-export async function sendResetPasswordEmail(recipeint: string, pin: string[]) {
-  const html = resetTemplate(HOST, pin);
-  await sendMail([recipeint], html);
+export async function sendResetPasswordEmail(user: User, pin: string) {
+  const html = resetTemplate(user.id, pin);
+  return sendMail([user.email], html);
 }
 
-function resetTemplate(baseUrl: string, pin: string[]) {
-  const url = `${baseUrl}/auth/reset?pin=${pin.join("")}`;
+function resetTemplate(uid: string, pin: string) {
+  const url = `${APP_URL}/verify/${uid}?action=reset`;
   const code = pin
+    .split("")
     .map((item: string) => {
       return `<span><code style="display:inline;padding:16px 4.5%;width:auto;margin:0 4px;background-color:#f4f4f4;border-radius:5px;border:1px solid #eee;color:#333">${item}</code></span>`;
     })
@@ -40,9 +51,10 @@ function resetTemplate(baseUrl: string, pin: string[]) {
   `;
 }
 
-function activationTemplate(baseUrl: string, pin: string[]) {
-  const url = `${baseUrl}/auth/activate?pin=${pin.join("")}`;
+function activationTemplate(uid: string, pin: string) {
+  const url = `${APP_URL}/verify/${uid}?action=init`;
   const code = pin
+    .split("")
     .map((item: string) => {
       return `<span><code style="display:inline;padding:16px 4.5%;width:auto;margin:0 4px;background-color:#f4f4f4;border-radius:5px;border:1px solid #eee;color:#333">${item}</code></span>`;
     })

prisma/schema.prisma

@@ -14,11 +14,14 @@ datasource db {
 }
 
 model User {
-  id        String      @id @default(cuid())
-  email     String      @unique
-  password  String
-  createdAt DateTime    @default(now())
-  updatedAt DateTime    @updatedAt
+  id       String  @id @default(cuid())
+  email    String  @unique
+  password String
+  verifyed Boolean @default(false)
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+
   Chart     Chart[]
   Dashboard Dashboard[]
 }

routes/auth.ts

@@ -4,7 +4,6 @@ import * as db from "../lib/db";
 import { generateTokens, sendAccessToken } from "../lib/jwt";
 import { validateRequest } from "../lib/middlewares";
 import * as z from "zod";
-import generatePin from "../lib/pin";
 import { sendActivationEmail } from "../lib/email";
 
 const registerSchema = z.object({
@@ -47,20 +46,19 @@ router.post(
       }
       const existingUser = await db.findUserByEmail(email);
       if (existingUser) {
-        res.status(400);
-        throw new Error("Email already in use.");
+        res.status(409);
+        return res.json({ error: { message: "Email already in use." } });
       }
       const user = await db.createUserByEmailAndPassword({ email, password });
-
       //@TODO SEND EMAIL TO ACTIVATE USER
-      const pin = generatePin();
-
-      sendActivationEmail(email, pin);
+      const pin = await db.createCode(user.id);
+      console.log("pin", pin);
+      await sendActivationEmail(user, pin);
 
       // const { accessToken } = generateTokens(user);
       // sendAccessToken(res, accessToken);
 
-      res.json({ auth: true });
+      return res.json({ auth: true });
     } catch (err) {
       next(err);
     }
@@ -113,4 +111,39 @@ router.get("/logout", (req: any, res) => {
   return res.status(204);
 });
 
+router.post("/verify", (req: any, res) => {
+  const { uid, code } = req.body;
+  console.log("uid", uid);
+  console.log("code", code);
+  return res.json({ uid, code });
+});
+
+// router.get("/mail/:uid", async (req, res) => {
+//   const uid = req.params.uid;
+//   const pin = await db.createCode(uid);
+//   const email = "[email protected]";
+//   console.log("pin", pin);
+//   console.log("email", email);
+//   await sendActivationEmail(email, pin);
+//   return res.status(204);
+// });
+
+router.get("/init", (req: any, res) => {
+  const user = req.user;
+  if (!user) {
+    return res.status(400).json({ error: "User and password are required." });
+  }
+  return res.status(204);
+});
+
+router.put("/pwd", async (req: any, res) => {
+  const user = req.user;
+  const { password } = req.body;
+  if (!user || !password) {
+    return res.status(400).json({ error: "User and password are required." });
+  }
+  await db.changePassword(user.id, password);
+  return res.status(204);
+});
+
 export default router;