Add email verification

app.js

@@ -16,6 +16,7 @@ let orderRouter = require("./routes/order");
 let ordersRouter = require("./routes/orders");
 let sandwichesRouter = require("./routes/sandwiches");
 let profileRouter = require("./routes/profile");
+let checkRouter = require("./routes/check");
 let adminRouter = require("./routes/admin");
 let contactRouter = require("./routes/contact");
 
@@ -70,6 +71,7 @@ app.use("/order", orderRouter);
 app.use("/orders", ordersRouter);
 app.use("/sandwiches", sandwichesRouter);
 app.use("/profile", profileRouter);
+app.use("/check", checkRouter);
 app.use("/admin", adminRouter);
 app.use("/contact", contactRouter);
 

locales/en.json

@@ -40,7 +40,9 @@
 	},
 	"profile": {
 		"title": "Profile",
-		"infos": "Infos"
+		"infos": "Infos",
+		"emailCheck": "Email verification",
+		"emailCheckMessage": "We need to validate your email address, please click on the link below to validate it\n\n%s"
 	},
 	"admin": {
 		"title": "Administration",

locales/fr.json

@@ -40,7 +40,9 @@
 	},
 	"profile": {
 		"title": "Profil",
-		"infos": "Infos"
+		"infos": "Infos",
+		"emailCheck": "Vérification e-mail",
+		"emailCheckMessage": "Nous avons besoin de valider votre adresse email, merci de clicker sur le lien si dessous pour la valider\n\n%s"
 	},
 	"admin": {
 		"title": "Administration",

models/user.js

@@ -29,6 +29,15 @@ module.exports = (sequelize, DataTypes) => {
             },
             unique: true
         },
+        emailVerified : {
+            type: DataTypes.BOOLEAN,
+            defaultValue: false,
+            allowNull: false
+        },
+        emailToken: {
+            type: DataTypes.STRING,
+            unique: true
+        },
         firstName: {
             type: DataTypes.STRING,
             allowNull: false,

routes/check.js

@@ -0,0 +1,21 @@
+const express = require("express");
+const router = express.Router();
+const error = require("./utils/error");
+const models = require("../models");
+
+router.get("/", async (req, res) => {
+    if (!req.query.token)
+        return error(req, res, "Can't verify email", 400, "Missing args");
+
+    let user = await models.User.findOne({where: {emailToken: req.query.token}});
+    if (!user)
+        return error(req, res, "Can't verify email", 400, "Invalid token");
+
+    user.emailToken = null;
+    user.emailVerified = true;
+    await user.save();
+    req.session.user = user;
+    req.session.save(() => res.redirect("/profile"));
+});
+
+module.exports = router;

routes/profile.js

@@ -3,6 +3,8 @@ let router = express.Router();
 let sessionCheck = require("../middlewares/sessionCheck");
 let models = require("../models");
 let userUpdate = require("./utils/userUpdate");
+let emailCheck = require("./utils/emailCheck");
+let error = require("./utils/error");
 
 router.get("/", sessionCheck(0), async (req, res) => {
     res.render("profile", {
@@ -22,6 +24,11 @@ router.get("/", sessionCheck(0), async (req, res) => {
         req.session.user = user;
         res.redirect("/profile");
     }
+}).get("/resend", sessionCheck(0), async (req, res) => {
+    if (!req.session.user.emailVerified)
+        await emailCheck(req, res, await models.User.findByPk(req.session.user.username), () => res.redirect("/profile"));
+    else
+        return error(req, res, "Can't' resend email", 400, "Email already verified");
 });
 
 module.exports = router;

routes/utils/emailCheck.js

@@ -0,0 +1,28 @@
+let crypto = require("crypto");
+let models = require("../../models");
+let Message = require("emailjs").Message;
+let error = require("./error");
+
+
+module.exports = async (req, res, user, callBack) => {
+    let token = crypto.randomBytes(16).toString("hex");
+    let config = req.app.get("config");
+
+    while (await models.User.findOne({where: {emailToken: token}}))
+        token = crypto.randomBytes(16).toString("hex");
+    user.emailToken = token;
+    await user.save();
+
+    req.app.get("mailClient").send( new Message({
+        text: res.__("profile.emailCheckMessage", `${req.protocol}://${req.hostname}/check?token=${token}`),
+        from: config.email.from,
+        to: user.email,
+        subject: res.__("profile.emailCheck")
+    }), (err, message) => {
+        if (err)
+            return error(req, res, "Fail to send message !", 500,
+                req.app.get("env") !== "production" ? err : undefined);
+        else
+            callBack();
+    });
+};

routes/utils/userCreate.js

@@ -1,5 +1,6 @@
 let models = require("../../models");
 let error = require("../utils/error");
+let emailCheck = require("./emailCheck");
 
 
 module.exports = async (req, res) => {
@@ -38,6 +39,12 @@ module.exports = async (req, res) => {
                 UserUsername: null
             }}))
             await c.setUser(user);
+
+        if (!req.app.locals.test) {
+            new Promise(async done => await emailCheck(req, res, user, done));
+            await user.reload();
+        }
+
         return user;
     } catch (e) {
         error(req, res, "Registration fail !");

views/profile.pug

@@ -30,6 +30,11 @@ block content
                 each department in departments
                     option(value=department.name)
 
+        if (!user.emailVerified)
+            div.field
+                a(href="/profile/resend")
+                    input(type="button" value=__("profile.emailCheck"))
+
     div.card#userOrderList
         h1=__("orders")
         each order in orders