finalized password reset + code refactoring

2024-05-20 19:23:11 -04:00
parent 73dda21573
commit 329019b34e
12 changed files with 239 additions and 118 deletions
@@ -65,6 +65,7 @@ import ZohoProvider from "next-auth/providers/zoho";
 import ZoomProvider from "next-auth/providers/zoom";
 import * as process from "process";
 import type { NextApiRequest, NextApiResponse } from "next";
+import { randomBytes } from "crypto";

 const emailEnabled =
  process.env.EMAIL_FROM && process.env.EMAIL_SERVER ? true : false;
@@ -105,13 +106,54 @@ if (
                    email: username?.toLowerCase(),
                  },
                ],
-                emailVerified: { not: null },
              }
            : {
                username: username.toLowerCase(),
              },
        });

+        if (!user) throw Error("Invalid credentials.");
+        else if (!user?.emailVerified && emailEnabled) {
+          const identifier = user?.email as string;
+          const token = randomBytes(32).toString("hex");
+          const url = `${
+            process.env.NEXTAUTH_URL
+          }/callback/email?token=${token}&email=${encodeURIComponent(
+            identifier
+          )}`;
+          const from = process.env.EMAIL_FROM as string;
+
+          const recentVerificationRequestsCount =
+            await prisma.verificationToken.count({
+              where: {
+                identifier,
+                createdAt: {
+                  gt: new Date(new Date().getTime() - 1000 * 60 * 5), // 5 minutes
+                },
+              },
+            });
+
+          if (recentVerificationRequestsCount >= 4)
+            throw Error("Too many requests. Please try again later.");
+
+          sendVerificationRequest({
+            identifier,
+            url,
+            from,
+            token,
+          });
+
+          await prisma.verificationToken.create({
+            data: {
+              identifier,
+              token,
+              expires: new Date(Date.now() + 24 * 3600 * 1000), // 1 day
+            },
+          });
+
+          throw Error("Email not verified. Verification email sent.");
+        }
+
        let passwordMatches: boolean = false;

        if (user?.password) {
@@ -120,7 +162,7 @@ if (

        if (passwordMatches && user?.password) {
          return { id: user?.id };
-        } else return null as any;
+        } else throw Error("Invalid credentials.");
      },
    })
  );
@@ -132,8 +174,26 @@ if (emailEnabled) {
      server: process.env.EMAIL_SERVER,
      from: process.env.EMAIL_FROM,
      maxAge: 1200,
-      sendVerificationRequest(params) {
-        sendVerificationRequest(params);
+      async sendVerificationRequest({ identifier, url, provider, token }) {
+        const recentVerificationRequestsCount =
+          await prisma.verificationToken.count({
+            where: {
+              identifier,
+              createdAt: {
+                gt: new Date(new Date().getTime() - 1000 * 60 * 5), // 5 minutes
+              },
+            },
+          });
+
+        if (recentVerificationRequestsCount >= 4)
+          throw Error("Too many requests. Please try again later.");
+
+        sendVerificationRequest({
+          identifier,
+          url,
+          from: provider.from as string,
+          token,
+        });
      },
    })
  );