api/account/sign_up/send_email_verification_link.json.jst

   1 let crypto = require('crypto')
   2 let nodemailer = require('nodemailer')
   3 let XDate = require('xdate')
   4
   5 return async env => {
   6   let post_request = await _require('/_lib/post_request.jst')
   7   let session_cookie = await _require('/_lib/session_cookie.jst')
   8   let Problem = await _require('/_lib/Problem.jst')
   9
  10   await post_request(
  11     // env
  12     env,
  13     // handler
  14     async email => {
  15       // coerce and/or validate
  16       email = email.slice(0, 256).toLowerCase()
  17       if (email.length === 0)
  18         throw new Problem(
  19           'Bad request',
  20           'Minimum length check failed',
  21           400
  22         )
  23
  24       let transaction = await env.site.database.Transaction()
  25       let link_code
  26       let nodemailer_noreply, site_url, noreply_from, noreply_signature
  27       let given_names, family_name
  28       try {
  29         // initialize env.session_key, set cookie in env.response
  30         await session_cookie(env, transaction)
  31
  32         let account = await (
  33           await (
  34             await transaction.get({})
  35           ).get('accounts', {})
  36         ).get(email)
  37         if (account === undefined)
  38           throw new Problem(
  39             'Account does not exist',
  40             `Please create the account for "${email}" before attempting to send an email verification link.`
  41             421
  42           )
  43
  44         if (await account.get_json('email_verified'))
  45           throw new Problem(
  46             'Email already verified',
  47             `Your email "${email}" is already verified. You can now sign in.`
  48             422
  49           )
  50
  51         link_code = crypto.randomBytes(16).toString('hex')
  52         let expires = new XDate()
  53         expires.addDays(1)
  54         account.set_json(
  55           'verify_email',
  56           {link_code, expires: expires.getTime()}
  57         )
  58
  59         let root = await transaction.get({})
  60         nodemailer_noreply = nodemailer.createTransport(
  61           await (await root.get('nodemailer')).get_json('noreply')
  62         )
  63         let globals = await root.get('globals')
  64         site_url = await globals.get_json('site_url')
  65         noreply_from = await globals.get_json('noreply_from')
  66         noreply_signature = await globals.get_json('noreply_signature')
  67
  68         given_names = await account.get_json('given_names', '')
  69         family_name = await account.get_json('family_name', '')
  70
  71         await transaction.commit()
  72       }
  73       catch (error) {
  74         transaction.rollback()
  75         throw error
  76       }
  77
  78       let name =
  79         family_name.length ? `${given_names} ${family_name}` : given_names
  80       await nodemailer_noreply.sendMail(
  81         {
  82           from: noreply_from,
  83           to: `${name} <${email}>`,
  84           subject: 'Email address verification',
  85           text: `Dear ${given_names},
  86
  87 We have received a request to sign up using your email address.
  88
  89 If this request is valid, please verify your email address by visiting the below link:
  90 ${site_url}/my_account/verify_email/index.html?email=${encodeURIComponent(email)}&link_code=${encodeURIComponent(link_code)}
  91
  92 The link is valid for 24 hours.
  93
  94 Thanks,
  95 ${noreply_signature}
  96 `
  97         }
  98       )
  99     }
 100   )
 101 }