overleaf/services/web/app/coffee/Features/User/UserEmailsConfirmationHandler.coffee

EmailHelper = require "../Helpers/EmailHelper"
EmailHandler = require "../Email/EmailHandler"
OneTimeTokenHandler = require "../Security/OneTimeTokenHandler"
settings = require 'settings-sharelatex'
Errors = require "../Errors/Errors"
logger = require "logger-sharelatex"
UserUpdater = require "./UserUpdater"

ONE_YEAR_IN_S = 365 * 24 * 60 * 60

module.exports = UserEmailsConfirmationHandler =
	sendConfirmationEmail: (user_id, email, emailTemplate, callback = (error) ->) ->
		if arguments.length == 3
			callback = emailTemplate
			emailTemplate = 'confirmEmail'
		email = EmailHelper.parseEmail(email)
		return callback(new Error('invalid email')) if !email?
		data = {user_id, email}
		OneTimeTokenHandler.getNewToken 'email_confirmation', data, {expiresIn: ONE_YEAR_IN_S}, (err, token)->
			return callback(err) if err?
			emailOptions =
				to: email
				confirmEmailUrl: "#{settings.siteUrl}/user/emails/confirm?token=#{token}"
				sendingUser_id: user_id
			EmailHandler.sendEmail emailTemplate, emailOptions, callback

	confirmEmailFromToken: (token, callback = (error) ->) ->
		logger.log {token_start: token.slice(0,8)}, 'confirming email from token'
		OneTimeTokenHandler.getValueFromTokenAndExpire 'email_confirmation', token, (error, data) ->
			return callback(error) if error?
			if !data?
				return callback(new Errors.NotFoundError('no token found'))
			{user_id, email} = data
			logger.log {data, user_id, email, token_start: token.slice(0,8)}, 'found data for email confirmation'
			if !user_id? or email != EmailHelper.parseEmail(email)
				return callback(new Errors.NotFoundError('invalid data'))
			UserUpdater.confirmEmail user_id, email, callback
Send out confirmation emails on register and record confirmedAt date 2018-06-19 08:55:34 -04:00			`EmailHelper = require "../Helpers/EmailHelper"`
			`EmailHandler = require "../Email/EmailHandler"`
			`OneTimeTokenHandler = require "../Security/OneTimeTokenHandler"`
			`settings = require 'settings-sharelatex'`
			`Errors = require "../Errors/Errors"`
			`logger = require "logger-sharelatex"`
			`UserUpdater = require "./UserUpdater"`

			`ONE_YEAR_IN_S = 365 * 24 * 60 * 60`

			`module.exports = UserEmailsConfirmationHandler =`
			`sendConfirmationEmail: (user_id, email, emailTemplate, callback = (error) ->) ->`
			`if arguments.length == 3`
			`callback = emailTemplate`
			`emailTemplate = 'confirmEmail'`
			`email = EmailHelper.parseEmail(email)`
			`return callback(new Error('invalid email')) if !email?`
Store OneTimeTokens in mongo rather than redis 2018-06-20 12:27:22 -04:00			`data = {user_id, email}`
			`OneTimeTokenHandler.getNewToken 'email_confirmation', data, {expiresIn: ONE_YEAR_IN_S}, (err, token)->`
Send out confirmation emails on register and record confirmedAt date 2018-06-19 08:55:34 -04:00			`return callback(err) if err?`
			`emailOptions =`
			`to: email`
			`confirmEmailUrl: "#{settings.siteUrl}/user/emails/confirm?token=#{token}"`
Merge pull request #1383 from sharelatex/spd-rate-limits Add rate limits to email-related endpoints GitOrigin-RevId: 05a8b40eb65a55aba35788e2401e6988b672b389 2019-01-11 09:14:27 -05:00			`sendingUser_id: user_id`
Send out confirmation emails on register and record confirmedAt date 2018-06-19 08:55:34 -04:00			`EmailHandler.sendEmail emailTemplate, emailOptions, callback`

			`confirmEmailFromToken: (token, callback = (error) ->) ->`
			`logger.log {token_start: token.slice(0,8)}, 'confirming email from token'`
			`OneTimeTokenHandler.getValueFromTokenAndExpire 'email_confirmation', token, (error, data) ->`
			`return callback(error) if error?`
			`if !data?`
			`return callback(new Errors.NotFoundError('no token found'))`
Store OneTimeTokens in mongo rather than redis 2018-06-20 12:27:22 -04:00			`{user_id, email} = data`
Send out confirmation emails on register and record confirmedAt date 2018-06-19 08:55:34 -04:00			`logger.log {data, user_id, email, token_start: token.slice(0,8)}, 'found data for email confirmation'`
			`if !user_id? or email != EmailHelper.parseEmail(email)`
			`return callback(new Errors.NotFoundError('invalid data'))`
			`UserUpdater.confirmEmail user_id, email, callback`