"419": "Verification code mismatch",
"420": "Account already exists",
"421": "Account does not exist",
+ "422": "Email already verified",
+ "423": "Link code missing",
+ "424": "Link code mismatch",
"500": "Internal server error",
"501": "Not implemented",
"502": "Bad gateway",
421
)
- let key = crypto.randomBytes(16).toString('hex')
+ let link_code = crypto.randomBytes(16).toString('hex')
let expires = new XDate()
expires.addDays(1)
account.set(
'verify_email',
- transaction.json_to_logjson({key, expires: expires.getTime()})
+ transaction.json_to_logjson({link_code, expires: expires.getTime()})
)
let given_names = await logjson.logjson_to_json(
We have received a request to sign up using your email address.
If this request is valid, please verify your email address by visiting the below link:
-${globals.site_url}/my_account/verify_email/index.html?email=${encodeURIComponent(email)}&key=${key}
+${globals.site_url}/my_account/verify_email/index.html?email=${encodeURIComponent(email)}&link_code=${encodeURIComponent(link_code)}
The link is valid for 24 hours.
--- /dev/null
+let crypto = require('crypto')
+let logjson = (await import('@ndcode/logjson')).default
+let XDate = require('xdate')
+
+return async env => {
+ let post_request = await _require('/_lib/post_request.jst')
+ let session_cookie = await _require('/_lib/session_cookie.jst')
+ let Problem = await _require('/_lib/Problem.jst')
+
+ post_request(
+ // env
+ env,
+ // endpoint
+ '/api/sign_up/verify_email',
+ // func
+ async (email, link_code) => {
+ // coerce and/or validate
+ email = email.slice(0, 256).toLowerCase()
+ link_code = link_code.slice(0, 256).toLowerCase()
+ if (email.length === 0 || link_code.length < 32)
+ throw new Problem(
+ 'Bad request',
+ 'Minimum length check failed',
+ 400
+ )
+
+ let transaction = await env.site.database.Transaction()
+ try {
+ // initialize env.session_key, set cookie in env.response
+ await session_cookie(env, transaction)
+
+ let account = await (
+ await (
+ await transaction.get({})
+ ).get('accounts', {})
+ ).get(email)
+ if (account === undefined)
+ throw new Problem(
+ 'Account does not exist',
+ `Please create the account for "${email}" before attempting to verify the email link.`
+ 421
+ )
+
+ if (
+ await logjson.logjson_to_json(
+ await account.get('email_verified')
+ )
+ )
+ throw new Problem(
+ 'Email already verified',
+ `Your email "${email}" is already verified. You can now sign in.`
+ 422
+ )
+
+ let verify_email = await account.get('verify_email')
+ if (
+ verify_email === undefined ||
+ XDate.now() >= await logjson.logjson_to_json(
+ await verify_email.get('expires')
+ )
+ )
+ throw new Problem(
+ 'Link code missing',
+ `Link code for email "${email}" does not exist or has expired.`,
+ 423
+ )
+ if (
+ link_code !== await logjson.logjson_to_json(
+ await verify_email.get('link_code')
+ )
+ )
+ throw new Problem(
+ 'Link code mismatch',
+ `Provided link code "${link_code}" does not match expected value.`,
+ 423
+ )
+
+ await account.delete('verify_email')
+ await account.set('email_verified', true)
+
+ await transaction.commit()
+ }
+ catch (error) {
+ transaction.rollback()
+ throw error
+ }
+ }
+ )
+}
img#verification-image(src="/api/verification_image.png?seq=0" width=300 height=150) {}
}
div.'col-md-2'.my-auto.text-center {
- input.btn.btn-outline-secondary#'new-code'(type="button" value="New code") {}
+ input.btn.btn-outline-secondary#'step-1-new-code'(type="button" value="New code") {}
}
}
div.card-body {
p#step-2-message {'Please enter your details first.'}
- input.btn.btn-outline-secondary.mr-3#step-2-back(type="button" value="Back") {}
- input.btn.btn-outline-secondary#step-2-continue(type="button" value="Continue") {}
+ input.btn.btn-outline-secondary#step-2-back(type="button" value="Back") {}
+ input.btn.btn-outline-secondary.ml-3#step-2-continue(type="button" value="Continue") {}
}
}
}
div.card-body {
p#step-3-message {'Please create your account first.'}
- input.btn.btn-outline-secondary.mr-3#step-3-back(type="button" value="Back") {}
- input.btn.btn-outline-secondary#step-3-resend-email(type="button" value="Resend email") {}
+ input.btn.btn-outline-secondary#step-3-back(type="button" value="Back") {}
+ input.btn.btn-outline-secondary.ml-3#step-3-resend-email(type="button" value="Resend email") {}
}
}
}
return true
}
- let step_3_email = ''
+ let step_2_details = ''
let step_2 = async () => {
$('#step-2-tick').hide()
$('#step-2-cross').hide()
$('#step-2-spinner').show()
try {
- let details = coerce_details()
+ step_2_details = coerce_details()
await sign_up_create_account(
// verification_code
document.getElementById('verification-code').value.slice(0, 6).toLowerCase(),
// details
- details
+ step_2_details
)
- step_3_email = details.email
}
catch (e) {
$('#step-2-tick').hide()
$('#step-2-cross').hide()
$('#step-2-spinner').hide()
- document.getElementById('step-2-message').textContent = `Your account with email "${document.getElementById('email').value}" has been created.`
+ document.getElementById('step-2-message').textContent = `Your account with email "${step_2_details.email}" has been created.`
return true
}
$('#step-3-cross').hide()
$('#step-3-spinner').show()
try {
- await sign_up_send_verification_email(step_3_email)
+ await sign_up_send_verification_email(step_2_details.email)
}
catch (e) {
$('#step-3-tick').hide()
$('#step-3-cross').hide()
$('#step-3-spinner').hide()
- document.getElementById('step-3-message').textContent = 'Verification email has been sent. Please check your email for next steps.'
+ document.getElementById('step-3-message').textContent = `Verification email has been sent to "${step_2_details.email}". Please check your email for next steps.`
return true
}
-
+
document.addEventListener(
- 'DOMContentLoaded',
+ 'DOMContentLoaded',
() => {
document.getElementById('given-names').addEventListener(
'change',
draft_change_handler
)
+ let image_seq = 1
+ document.getElementById('step-1-new-code').addEventListener(
+ 'click',
+ () => {
+ document.getElementById('verification-image').src = `/api/verification_image.png?seq=${image_seq}`
+ image_seq += 1
+ }
+ )
+
document.getElementById('step-1-continue').addEventListener(
'click',
async () => {
if (await step_3())
$('#step-3-collapse').collapse('show')
}
- )
+ )
document.getElementById('step-3-back').addEventListener(
'click',
$('#step-3-collapse').collapse('show')
}
)
-
- let image_seq = 1
- $('#new-code').click(
- () => {
- document.getElementById('verification-image').src = `/api/verification_image.png?seq=${image_seq}`
- image_seq += 1
- }
- )
}
)
}
--- /dev/null
+let logjson = (await import('@ndcode/logjson')).default
+
+return async env => {
+ let breadcrumbs = await _require('/_lib/breadcrumbs.jst')
+ let icon_cross = await env.site.get_min_svg('/_svg/icon_cross.svg')
+ let icon_tick = await env.site.get_min_svg('/_svg/icon_tick.svg')
+ let navbar = await _require('/_lib/navbar.jst')
+ let session_cookie = await _require('/_lib/session_cookie.jst')
+
+ // preload draft details if any
+ let details = {}
+ if (Object.prototype.hasOwnProperty.call(env.parsed_url.query, 'email'))
+ details.email = decodeURIComponent(env.parsed_url.query.email)
+ if (
+ Object.prototype.hasOwnProperty.call(
+ env.parsed_url.query,
+ 'link_code'
+ )
+ )
+ details.link_code =
+ decodeURIComponent(env.parsed_url.query.link_code)
+ console.log('details', JSON.stringify(details))
+
+ await navbar(
+ env,
+ // head
+ async _out => {},
+ // body
+ async _out => {
+ await breadcrumbs(env, _out)
+
+ p {'You will need to verify your email address via an email link before you can sign in to your account.'}
+
+ div.accordion#accordion.mb-5(role="tablist" aria-multiselectable="true") {
+ div.card {
+ div.card-header#step-1-heading(role="tab") {
+ span#step-1-tick(style="display: none;") {
+ span.icon-color.pr-3 {_out.push(icon_tick)}
+ }
+ span#step-1-cross(style="display: none;") {
+ span.icon-color.pr-3 {_out.push(icon_cross)}
+ }
+ //span#step-1-spinner(style="display: none;") {
+ // span.icon-color.pr-3 {
+ // div.spinner-border(role="status") {
+ // span.sr-only {'Loading...'}
+ // }
+ // }
+ //}
+ a.h5(data-toggle="collapse" data-parent="#accordion" href="#step-1-collapse" aria-expanded="true" aria-controls="step-1-collapse") {
+ 'Link details'
+ }
+ }
+ div#step-1-collapse.collapse.show(role="tabpanel" aria-labelledby="step-1-heading" data-parent="#accordion") {
+ div.card-body {
+ div.row {
+ div.col-md-6 {
+ div.form-group {
+ label.form-label(for="email") {'Email *'}
+ input.form-control#email(type="email" value=details.email || '' placeholder="Account email address" required="required" maxlength=256) {}
+ }
+ }
+ div.col-md-6 {
+ div.form-group {
+ label.form-label(for="link-code") {'Link code *'}
+ input.form-control#link-code(type="text" value=details.link_code || '' placeholder="Type the code from the email link" required="required" minlength=32 maxlength=32) {}
+ }
+ }
+ }
+
+ input.btn.btn-success#step-1-continue(type="button" value="Continue") {}
+ p.'mt-3'.mb-0 {'* These fields are required.'}
+ }
+ }
+ }
+ div.card {
+ div.card-header#step-2-heading(role="tab") {
+ span#step-2-tick(style="display: none;") {
+ span.icon-color.pr-3 {_out.push(icon_tick)}
+ }
+ span#step-2-cross(style="display: none;") {
+ span.icon-color.pr-3 {_out.push(icon_cross)}
+ }
+ span#step-2-spinner(style="display: none;") {
+ span.icon-color.pr-3 {
+ div.spinner-border(role="status") {
+ span.sr-only {'Loading...'}
+ }
+ }
+ }
+ a.h5.collapsed(data-toggle="collapse" data-parent="#accordion" href="#step-2-collapse" aria-expanded="false" aria-controls="step-2-collapse") {
+ 'Verify email'
+ }
+ }
+ div#step-2-collapse.collapse(role="tabpanel" aria-labelledby="step-2-heading" data-parent="#accordion") {
+ div.card-body {
+ p#step-2-message {'Please enter email link details first.'}
+
+ input.btn.btn-outline-secondary#step-2-back(type="button" value="Back") {}
+ input.btn.btn-outline-secondary.ml-2#step-2-sign-in(type="button" value="Sign in") {}
+ }
+ }
+ }
+ }
+ },
+ // scripts
+ async _out => {
+ script(src="/js/api_call.js") {}
+
+ script {
+ let sign_up_verify_email = async (...arguments) => api_call(
+ '/api/sign_up/verify_email.json',
+ ...arguments
+ )
+
+ let step_1 = async () => {
+ if (
+ !document.getElementById('email').reportValidity() ||
+ !document.getElementById('link-code').reportValidity()
+ ) {
+ $('#step-1-tick').hide()
+ $('#step-1-cross').show()
+ //$('#step-1-spinner').hide()
+ return false
+ }
+ $('#step-1-tick').show()
+ $('#step-1-cross').hide()
+ //$('#step-1-spinner').hide()
+ return true
+ }
+
+ let step_2 = async () => {
+ $('#step-2-tick').hide()
+ $('#step-2-cross').hide()
+ $('#step-2-spinner').show()
+ let email
+ try {
+ email = document.getElementById('email').value.slice(0, 256).toLowerCase()
+ await sign_up_verify_email(
+ // email
+ email,
+ // link_code
+ document.getElementById('link-code').value.slice(0, 32).toLowerCase()
+ )
+ }
+ catch (e) {
+ $('#step-2-tick').hide()
+ $('#step-2-cross').show()
+ $('#step-2-spinner').hide()
+
+ document.getElementById('step-2-message').textContent = e.message
+ $('#step-2-collapse').collapse('show')
+ return false
+ }
+ $('#step-2-tick').show()
+ $('#step-2-cross').hide()
+ $('#step-2-spinner').hide()
+
+ document.getElementById('step-2-message').textContent = `Your email "${email}" has been verified. You can now sign in.`
+ return true
+ }
+
+ document.addEventListener(
+ 'DOMContentLoaded',
+ () => {
+ document.getElementById('step-1-continue').addEventListener(
+ 'click',
+ async () => {
+ if (await step_1() && await step_2())
+ $('#step-2-collapse').collapse('show')
+ }
+ )
+
+ document.getElementById('step-2-back').addEventListener(
+ 'click',
+ () => {$('#step-1-collapse').collapse('show')}
+ )
+ }
+ )
+ }
+ }
+ )
+}