Merge pull request #505 from curveball/verifiy-emails

Allow 'generate-token' to create identity-specific tokens.
curveball · Jul 26, 2024 · d2ff72f · d2ff72f
2 parents 81c1e9d + 7fa61b6
commit d2ff72f
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 5 deletions.
diff --git a/schemas/verification-token-generate.json b/schemas/verification-token-generate.json
@@ -11,6 +11,11 @@
     "expiresIn": {
       "description": "Specify how long the token is valid for, in seconds.",
       "type": "number"
+    },
+    "identity": {
+      "description": "If set, the token will be associated with a specific email address or phone number. When this token is validated later, the email address or phone number will be marked as 'verified' for the user.",
+      "type": "string",
+      "format": "uri"
     }
   }
 }
diff --git a/src/api-types.ts b/src/api-types.ts
@@ -328,4 +328,8 @@ export interface VerificationTokenGenerateRequest {
    * Specify how long the token is valid for, in seconds.
    */
   expiresIn?: number;
+  /**
+   * If set, the token will be associated with a specific email address or phone number. When this token is validated later, the email address or phone number will be marked as 'verified' for the user.
+   */
+  identity?: string;
 }
diff --git a/src/services.ts b/src/services.ts
@@ -5,3 +5,5 @@ export * as privilege from './privilege/service.js';
 export * as resetPassword from './reset-password/service.js';
 export * as log from './log/service.js';
 export * as appClient from './app-client/service.js';
+export * as oauth2 from './oauth2/service.js';
+export * as verificationToken from './verification-token/service.js';
diff --git a/src/verification-token/controller/generate.ts b/src/verification-token/controller/generate.ts
@@ -1,10 +1,9 @@
 import Controller from '@curveball/controller';
 import { Context } from '@curveball/core';
-import { PrincipalService } from '../../principal/service.js';
-import { createToken } from '../service.js';
 import * as hal from '../formats/hal.js';
 import { resolve } from 'url';
 import { VerificationTokenGenerateRequest } from '../../api-types.js';
+import * as services from '../../services.js';
 
 class OneTimeTokenController extends Controller {
 
@@ -13,13 +12,19 @@ class OneTimeTokenController extends Controller {
     ctx.request.validate<VerificationTokenGenerateRequest>('https://curveballjs.org/schemas/a12nserver/verification-token-generate.json');
     ctx.privileges.require('a12n:one-time-token:generate');
 
-    const principalService = new PrincipalService(ctx.privileges);
+    const principalService = new services.principal.PrincipalService(ctx.privileges);
     const user = await principalService.findByExternalId(ctx.params.id, 'user');
 
-    const token = await createToken(
+    let identity = null;
+
+    if (ctx.request.body.identity) {
+      identity = await services.principalIdentity.findByUri(user, ctx.request.body.identity);
+    }
+
+    const token = await services.verificationToken.createToken(
       user,
       ctx.request.body.expiresIn ?? null,
-      null,
+      identity,
     );
     const url = resolve(ctx.request.origin, 'reset-password/token/' + token.token);