cal.pub0.org/packages/features/auth/lib/verifyEmail.ts

import { randomBytes } from "crypto";

import { sendEmailVerificationLink } from "@calcom/emails/email-manager";
import { getFeatureFlagMap } from "@calcom/features/flags/server/utils";
import { WEBAPP_URL } from "@calcom/lib/constants";
import logger from "@calcom/lib/logger";
import rateLimiter from "@calcom/lib/rateLimit";
import { getTranslation } from "@calcom/lib/server/i18n";
import { prisma } from "@calcom/prisma";
import { TRPCError } from "@calcom/trpc/server";

const log = logger.getChildLogger({ prefix: [`[[Auth] `] });

interface VerifyEmailType {
  username?: string;
  email: string;
  language?: string;
}

export const sendEmailVerification = async ({ email, language, username }: VerifyEmailType) => {
  const token = randomBytes(32).toString("hex");
  const translation = await getTranslation(language ?? "en", "common");
  const flags = await getFeatureFlagMap(prisma);

  if (!flags["email-verification"]) {
    log.warn("Email verification is disabled - Skipping");
    return { ok: true, skipped: true };
  }

  await prisma.verificationToken.create({
    data: {
      identifier: email,
      token,
      expires: new Date(Date.now() + 24 * 3600 * 1000), // +1 day
    },
  });

  const params = new URLSearchParams({
    token,
  });

  const limiter = await rateLimiter();
  const rateLimit = await limiter({
    identifier: email,
  });

  if (!rateLimit.success) {
    throw new TRPCError({
      code: "TOO_MANY_REQUESTS",
      message: "An unexpected error occurred, please try again later.",
      cause: "Too many requests",
    });
  }

  await sendEmailVerificationLink({
    language: translation,
    verificationEmailLink: `${WEBAPP_URL}/api/auth/verify-email?${params.toString()}`,
    user: {
      email,
      name: username,
    },
  });

  return { ok: true, skipped: false };
};
feat: email verification (#9081) * Verify - inital email commit * Add token type - api redirect - migration * Redirect and valid api callback route * Update email design * Change signup URL to redirect to verify-email * Add feature flag - add a11y text to email - add top banner * Shell shouldnt redirect to onboarding if the user needs to verify account * Move flag check to server * Cleanup * Rate limit * Fix redirects * Remove api signup mess * Double negation for forced bool * Fix props * Update packages/emails/templates/account-verify-email.ts * Enable migration by default * Fix typos * Fix google verify issue * Update packages/features/auth/lib/verifyEmail.ts Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> * NITS: @harioms addressed * Remove schema changes * Fix NITs+ improvments * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Update packages/features/ee/common/components/LicenseRequired.tsx Co-authored-by: Omar López <zomars@me.com> * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Always preloads feature flags * Update verifyEmail.ts * Update schema.prisma * Type fix --------- Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> Co-authored-by: Omar López <zomars@me.com> 2023-06-07 07:27:48 +00:00			`import { randomBytes } from "crypto";`

			`import { sendEmailVerificationLink } from "@calcom/emails/email-manager";`
			`import { getFeatureFlagMap } from "@calcom/features/flags/server/utils";`
			`import { WEBAPP_URL } from "@calcom/lib/constants";`
			`import logger from "@calcom/lib/logger";`
feat: Upstash implementation for rate limiting/redis (#9514) * Introduce rate limiting that works on the edge * typo * Log once on init * Update rateLimit.ts --------- Co-authored-by: zomars <zomars@me.com> 2023-06-19 10:01:06 +00:00			`import rateLimiter from "@calcom/lib/rateLimit";`
feat: email verification (#9081) * Verify - inital email commit * Add token type - api redirect - migration * Redirect and valid api callback route * Update email design * Change signup URL to redirect to verify-email * Add feature flag - add a11y text to email - add top banner * Shell shouldnt redirect to onboarding if the user needs to verify account * Move flag check to server * Cleanup * Rate limit * Fix redirects * Remove api signup mess * Double negation for forced bool * Fix props * Update packages/emails/templates/account-verify-email.ts * Enable migration by default * Fix typos * Fix google verify issue * Update packages/features/auth/lib/verifyEmail.ts Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> * NITS: @harioms addressed * Remove schema changes * Fix NITs+ improvments * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Update packages/features/ee/common/components/LicenseRequired.tsx Co-authored-by: Omar López <zomars@me.com> * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Always preloads feature flags * Update verifyEmail.ts * Update schema.prisma * Type fix --------- Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> Co-authored-by: Omar López <zomars@me.com> 2023-06-07 07:27:48 +00:00			`import { getTranslation } from "@calcom/lib/server/i18n";`
			`import { prisma } from "@calcom/prisma";`
			`import { TRPCError } from "@calcom/trpc/server";`

			const log = logger.getChildLogger({ prefix: [`[[Auth] `] });

			`interface VerifyEmailType {`
			`username?: string;`
			`email: string;`
			`language?: string;`
			`}`

			`export const sendEmailVerification = async ({ email, language, username }: VerifyEmailType) => {`
			`const token = randomBytes(32).toString("hex");`
			`const translation = await getTranslation(language ?? "en", "common");`
			`const flags = await getFeatureFlagMap(prisma);`

			`if (!flags["email-verification"]) {`
			`log.warn("Email verification is disabled - Skipping");`
			`return { ok: true, skipped: true };`
			`}`

			`await prisma.verificationToken.create({`
			`data: {`
			`identifier: email,`
			`token,`
			`expires: new Date(Date.now() + 24 * 3600 * 1000), // +1 day`
			`},`
			`});`

			`const params = new URLSearchParams({`
			`token,`
			`});`

feat: Upstash implementation for rate limiting/redis (#9514) * Introduce rate limiting that works on the edge * typo * Log once on init * Update rateLimit.ts --------- Co-authored-by: zomars <zomars@me.com> 2023-06-19 10:01:06 +00:00			`const limiter = await rateLimiter();`
			`const rateLimit = await limiter({`
			`identifier: email,`
			`});`
feat: email verification (#9081) * Verify - inital email commit * Add token type - api redirect - migration * Redirect and valid api callback route * Update email design * Change signup URL to redirect to verify-email * Add feature flag - add a11y text to email - add top banner * Shell shouldnt redirect to onboarding if the user needs to verify account * Move flag check to server * Cleanup * Rate limit * Fix redirects * Remove api signup mess * Double negation for forced bool * Fix props * Update packages/emails/templates/account-verify-email.ts * Enable migration by default * Fix typos * Fix google verify issue * Update packages/features/auth/lib/verifyEmail.ts Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> * NITS: @harioms addressed * Remove schema changes * Fix NITs+ improvments * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Update packages/features/ee/common/components/LicenseRequired.tsx Co-authored-by: Omar López <zomars@me.com> * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Always preloads feature flags * Update verifyEmail.ts * Update schema.prisma * Type fix --------- Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> Co-authored-by: Omar López <zomars@me.com> 2023-06-07 07:27:48 +00:00
feat: Upstash implementation for rate limiting/redis (#9514) * Introduce rate limiting that works on the edge * typo * Log once on init * Update rateLimit.ts --------- Co-authored-by: zomars <zomars@me.com> 2023-06-19 10:01:06 +00:00			`if (!rateLimit.success) {`
feat: email verification (#9081) * Verify - inital email commit * Add token type - api redirect - migration * Redirect and valid api callback route * Update email design * Change signup URL to redirect to verify-email * Add feature flag - add a11y text to email - add top banner * Shell shouldnt redirect to onboarding if the user needs to verify account * Move flag check to server * Cleanup * Rate limit * Fix redirects * Remove api signup mess * Double negation for forced bool * Fix props * Update packages/emails/templates/account-verify-email.ts * Enable migration by default * Fix typos * Fix google verify issue * Update packages/features/auth/lib/verifyEmail.ts Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> * NITS: @harioms addressed * Remove schema changes * Fix NITs+ improvments * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Update packages/features/ee/common/components/LicenseRequired.tsx Co-authored-by: Omar López <zomars@me.com> * Update apps/web/pages/api/auth/verify-email.ts Co-authored-by: Omar López <zomars@me.com> * Always preloads feature flags * Update verifyEmail.ts * Update schema.prisma * Type fix --------- Co-authored-by: Hariom Balhara <hariombalhara@gmail.com> Co-authored-by: Omar López <zomars@me.com> 2023-06-07 07:27:48 +00:00			`throw new TRPCError({`
			`code: "TOO_MANY_REQUESTS",`
			`message: "An unexpected error occurred, please try again later.",`
			`cause: "Too many requests",`
			`});`
			`}`

			`await sendEmailVerificationLink({`
			`language: translation,`
			verificationEmailLink: `${WEBAPP_URL}/api/auth/verify-email?${params.toString()}`,
			`user: {`
			`email,`
			`name: username,`
			`},`
			`});`

			`return { ok: true, skipped: false };`
			`};`