Add support for resending verification email in case of expired token (#3617)

* -Defines new public API route /apps/:appId/resend_verification_email that will generate a new email verification link and email for a user identified by username in POST body -Add template and url support for invalidVerificationLink, linkSendSuccess, and linkSendFail pages. The invalidVerificationLink pages includes a button that allows the user to generate a new verification email if their current token has expired, using the new public API route -All three pages have default html that will be functional out of the box, but they can be customized in the customPages object. The custom page for invalidVerificationLink needs to handle the extraction of the username and appId from the url and the POST to generate the new link (this requires javascript) -Clicking a link for an email that has already been verified now routes to the emailVerifySuccess page instead of the invalidLink page * Fix package.json repo url to be parse-server againwq * Fix js lint issues * Update unit tests * Use arrow functions, change html page comments, use qs and a string template to construct location for invalidVerificationLink page, syntax fixes * Remember to pass result when using arrow function
2017-05-10 14:02:16 +01:00
parent 7b9ebc4e8e
commit 22ba39812b
9 changed files with 273 additions and 13 deletions
--- a/src/Config.js
+++ b/src/Config.js
@@ -234,6 +234,18 @@ export class Config {
    return this.customPages.invalidLink || `${this.publicServerURL}/apps/invalid_link.html`;
  }

+  get invalidVerificationLinkURL() {
+    return this.customPages.invalidVerificationLink || `${this.publicServerURL}/apps/invalid_verification_link.html`;
+  }
+
+  get linkSendSuccessURL() {
+    return this.customPages.linkSendSuccess || `${this.publicServerURL}/apps/link_send_success.html`
+  }
+
+  get linkSendFailURL() {
+    return this.customPages.linkSendFail || `${this.publicServerURL}/apps/link_send_fail.html`
+  }
+
  get verifyEmailSuccessURL() {
    return this.customPages.verifyEmailSuccess || `${this.publicServerURL}/apps/verify_email_success.html`;
  }
--- a/src/Controllers/UserController.js
+++ b/src/Controllers/UserController.js
@@ -60,11 +60,17 @@ export class UserController extends AdaptableController {
      updateFields._email_verify_token_expires_at = {__op: 'Delete'};
    }

-    return this.config.database.update('_User', query, updateFields).then((document) => {
-      if (!document) {
-        throw undefined;
+    var checkIfAlreadyVerified = new RestQuery(this.config, Auth.master(this.config), '_User', {username: username, emailVerified: true});
+    return checkIfAlreadyVerified.execute().then(result => {
+      if (result.results.length) {
+        return Promise.resolve(result.results.length[0]);
      }
-      return Promise.resolve(document);
+      return this.config.database.update('_User', query, updateFields).then((document) => {
+        if (!document) {
+          throw undefined
+        }
+        return Promise.resolve(document);
+      })
    });
  }

@@ -134,6 +140,18 @@ export class UserController extends AdaptableController {
    });
  }

+  resendVerificationEmail(username) {
+    return this.getUserIfNeeded({username: username}).then((aUser) => {
+      if (!aUser || aUser.emailVerified) {
+        throw undefined;
+      }
+      this.setEmailVerifyToken(aUser);
+      return this.config.database.update('_User', {username}, aUser).then(() => {
+        this.sendVerificationEmail(aUser);
+      });
+    });
+  }
+
  setPasswordResetToken(email) {
    const token = { _perishable_token: randomString(25) };

--- a/src/Routers/PublicAPIRouter.js
+++ b/src/Routers/PublicAPIRouter.js
@@ -31,7 +31,35 @@ export class PublicAPIRouter extends PromiseRouter {
        location: `${config.verifyEmailSuccessURL}?${params}`
      });
    }, ()=> {
+      return this.invalidVerificationLink(req);
+    })
+  }
+
+  resendVerificationEmail(req) {
+    const username = req.body.username;
+    const appId = req.params.appId;
+    const config = new Config(appId);
+
+    if (!config.publicServerURL) {
+      return this.missingPublicServerURL();
+    }
+
+    if (!username) {
      return this.invalidLink(req);
+    }
+
+    const userController = config.userController;
+
+    return userController.resendVerificationEmail(username).then(() => {
+      return Promise.resolve({
+        status: 302,
+        location: `${config.linkSendSuccessURL}`
+      });
+    }, ()=> {
+      return Promise.resolve({
+        status: 302,
+        location: `${config.linkSendFailURL}`
+      });
    })
  }

@@ -123,6 +151,19 @@ export class PublicAPIRouter extends PromiseRouter {
    });
  }

+  invalidVerificationLink(req) {
+    const config = req.config;
+    if (req.query.username && req.params.appId) {
+      const params = qs.stringify({username: req.query.username, appId: req.params.appId});
+      return Promise.resolve({
+        status: 302,
+        location: `${config.invalidVerificationLinkURL}?${params}`
+      });
+    } else {
+      return this.invalidLink(req);
+    }
+  }
+
  missingPublicServerURL() {
    return Promise.resolve({
      text:  'Not found.',
@@ -140,6 +181,10 @@ export class PublicAPIRouter extends PromiseRouter {
      req => { this.setConfig(req) },
      req => { return this.verifyEmail(req); });

+    this.route('POST', '/apps/:appId/resend_verification_email',
+      req => { this.setConfig(req); },
+      req => { return this.resendVerificationEmail(req); });
+
    this.route('GET','/apps/choose_password',
      req => { return this.changePassword(req); });