Add support to resend verification email

LibrePass · Nov 12, 2023 · ed61ca5 · ed61ca5
1 parent ea44847
commit ed61ca5
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 1 deletion.
diff --git a/client/src/main/kotlin/dev/medzik/librepass/client/api/Auth.kt b/client/src/main/kotlin/dev/medzik/librepass/client/api/Auth.kt
@@ -169,6 +169,16 @@ class AuthClient(apiUrl: String = Server.PRODUCTION) {
     fun requestPasswordHint(email: String) {
         client.get("$API_ENDPOINT/passwordHint?email=$email")
     }
+
+    /**
+     * Request a new email verification email.
+     *
+     * @param email The email address of the user.
+     */
+    @Throws(ClientException::class, ApiException::class)
+    fun resendVerificationEmail(email: String) {
+        client.get("$API_ENDPOINT/resendVerificationEmail?email=$email")
+    }
 }
 
 /**

diff --git a/client/src/test/kotlin/dev/medzik/librepass/client/api/AuthClientTests.kt b/client/src/test/kotlin/dev/medzik/librepass/client/api/AuthClientTests.kt
@@ -25,7 +25,12 @@ class AuthClientTests {
     }
 
     @Test
-    fun `request password hint`() {
+    fun requestPasswordHint() {
         authClient.requestPasswordHint(EMAIL)
     }
+
+    @Test
+    fun resendVerificationEmail() {
+        authClient.resendVerificationEmail(EMAIL)
+    }
 }
diff --git a/server/src/main/kotlin/dev/medzik/librepass/server/controllers/api/Auth.kt b/server/src/main/kotlin/dev/medzik/librepass/server/controllers/api/Auth.kt
@@ -326,6 +326,48 @@ class AuthController
             return ResponseHandler.redirectResponse("$webUrl/verification/email")
         }
 
+        @GetMapping("/resendVerificationEmail")
+        fun resendVerificationEmail(
+            @RequestIP ip: String,
+            @RequestParam("email") emailParam: String
+        ): Response {
+            val email = emailParam.lowercase()
+
+            consumeRateLimit(ip)
+            consumeRateLimit(email)
+
+            consumeRateLimit(ip, rateLimitEmail)
+            consumeRateLimit(email, rateLimitEmail)
+
+            val user =
+                userRepository.findByEmail(email)
+                    ?: return ResponseError.INVALID_BODY.toResponse()
+
+            // check if user email is already verified
+            if (user.emailVerified)
+                return ResponseError.INVALID_BODY.toResponse()
+
+            userRepository.save(
+                user.copy(
+                    emailVerificationCodeExpiresAt = Date()
+                )
+            )
+
+            coroutineScope.launch {
+                try {
+                    emailService.sendEmailVerification(
+                        to = email,
+                        user = user.id.toString(),
+                        code = user.emailVerificationCode.toString()
+                    )
+                } catch (e: Throwable) {
+                    logger.error("Error sending email verification", e)
+                }
+            }
+
+            return ResponseHandler.generateResponse(HttpStatus.OK)
+        }
+
         private fun consumeRateLimit(
             key: String,
             rateLimitConfig: BaseRateLimitConfig = rateLimit