+let crypto = require('crypto')
+let logjson = (await import('@ndcode/logjson')).default
+let XDate = require('xdate')
+
+return async env => {
+ let nodemailer_noreply = await env.site.get_nodemailer(
+ '/_config/nodemailer_noreply.json'
+ )
+ let globals = await env.site.get_json('/_config/globals.json')
+ let post_request = await _require('/_lib/post_request.jst')
+ let session_cookie = await _require('/_lib/session_cookie.jst')
+ let Problem = await _require('/_lib/Problem.jst')
+
+ post_request(
+ // env
+ env,
+ // endpoint
+ '/api/sign_up/send_verification_email',
+ // func
+ async email => {
+ // coerce and/or validate
+ email = email.slice(0, 256).toLowerCase()
+ if (email.length === 0)
+ throw new Problem(
+ 'Bad request',
+ 'Minimum length check failed',
+ 400
+ )
+
+ let transaction = await env.site.database.Transaction()
+ try {
+ // initialize env.session_key, set cookie in env.response
+ await session_cookie(env, transaction)
+
+ let account = await (
+ await (
+ await transaction.get({})
+ ).get('accounts', {})
+ ).get(email)
+ if (account === undefined)
+ throw new Problem(
+ 'Account does not exist',
+ `Please create the account for "${email}" before attempting to send a verification email.`
+ 421
+ )
+
+ let key = crypto.randomBytes(16).toString('hex')
+ let expires = new XDate()
+ expires.addDays(1)
+ account.set(
+ 'verify_email',
+ transaction.json_to_logjson({key, expires: expires.getTime()})
+ )
+
+ let given_names = await logjson.logjson_to_json(
+ await account.get('given_names', '')
+ )
+ let family_name = await logjson.logjson_to_json(
+ await account.get('family_name', '')
+ )
+ let name =
+ family_name.length ? `${given_names} ${family_name}` : given_names
+
+ await nodemailer_noreply.sendMail(
+ {
+ from: globals.noreply_from,
+ to: `${name} <${email}>`,
+ subject: 'Email address verification',
+ text: `Dear ${given_names},
+
+We have received a request to sign up using your email address.
+
+If this request is valid, please verify your email address by visiting the below link:
+${globals.site_url}/my_account/verify_email/index.html?email=${encodeURIComponent(email)}&key=${key}
+
+The link is valid for 24 hours.
+
+Thanks,
+${globals.noreply_signature}
+`
+ }
+ )
+
+ await transaction.commit()
+ }
+ catch (error) {
+ transaction.rollback()
+ throw error
+ }
+ }
+ )
+}