CZAPEX-9

package.json

@@ -17,6 +17,7 @@
     "@types/express": "^4.17.17",
     "@types/jsonwebtoken": "^9.0.1",
     "@types/node": "^18.15.11",
+    "@types/nodemailer": "^6.4.7",
     "@types/uuid": "^9.0.1",
     "@typescript-eslint/eslint-plugin": "^5.58.0",
     "@typescript-eslint/parser": "^5.58.0",
@@ -38,6 +39,7 @@
     "helmet": "^6.1.5",
     "http-status-codes": "^2.2.0",
     "jsonwebtoken": "^9.0.0",
+    "nodemailer": "^6.9.1",
     "prisma": "^4.12.0",
     "uuid": "^9.0.0"
   }

prisma/migrations/20230419184232_init/migration.sql

@@ -0,0 +1,21 @@
+-- RedefineTables
+PRAGMA foreign_keys=OFF;
+CREATE TABLE "new_Uzytkownik" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "password" TEXT NOT NULL,
+    "mail" TEXT NOT NULL,
+    "pin" INTEGER,
+    "token" TEXT,
+    "loginToken" TEXT,
+    "imienazwisko" TEXT NOT NULL,
+    "adres" TEXT NOT NULL,
+    "czysprzedawca" BOOLEAN NOT NULL,
+    "czyAdmin" BOOLEAN NOT NULL,
+    "aktywacja" TEXT NOT NULL DEFAULT '0'
+);
+INSERT INTO "new_Uzytkownik" ("adres", "czyAdmin", "czysprzedawca", "id", "imienazwisko", "loginToken", "mail", "password", "pin", "token") SELECT "adres", "czyAdmin", "czysprzedawca", "id", "imienazwisko", "loginToken", "mail", "password", "pin", "token" FROM "Uzytkownik";
+DROP TABLE "Uzytkownik";
+ALTER TABLE "new_Uzytkownik" RENAME TO "Uzytkownik";
+CREATE UNIQUE INDEX "Uzytkownik_mail_key" ON "Uzytkownik"("mail");
+PRAGMA foreign_key_check;
+PRAGMA foreign_keys=ON;

prisma/schema.prisma

@@ -21,7 +21,7 @@ model Uzytkownik {
     adres String
     czysprzedawca Boolean
     czyAdmin Boolean
-
+    aktywacja String @default("0")
     ocenyKto Ocena[] @relation("a")
     ocenyKomu Ocena[] @relation("b")
     produkty Produkt[]

src/backend/config.ts

@@ -19,5 +19,16 @@ export const config: TConfig = {
     },
 };
 
+export const mailconfig = {
+    host: 'h26.seohost.pl',
+    port: 465,
+    secure: true, // true for 465, false for other ports
+    auth: {
+        user: '[email protected]', // generated ethereal user
+        pass: 'czapexpol', // generated ethereal password
+    },
+};
 export const SALT = (process.env.PASSWORD_SALT as string) ?? 't4jn3h4slo';
+export const activateSALT =
+    (process.env.PASSWORD_SALT as string) ?? 't4jn3h4slo';
 export const SECRET = (process.env.TOKEN_SECRET as string) ?? 't4jn3h4slo';

src/backend/functions/users.ts

@@ -1,8 +1,9 @@
 import { createHash } from '../utils/hash.utils';
 import { prisma } from '../database';
 import { createToken } from '../utils/jwt.utils';
-import { SALT, SECRET } from '../config';
+import { activateSALT, SALT, SECRET } from '../config';
 import { ValidationError } from '../utils/customErrors';
+import { sendmail } from '../utils/mail';
 
 export async function login(mail: string, password: string, pin?: number) {
     const passwordHash = createHash(password, SALT);
@@ -33,6 +34,13 @@ export async function create(
     adres: string,
 ) {
     const passwordHash = createHash(password, SALT);
+    const token = createHash(mail, activateSALT);
+    sendmail(
+        mail,
+        `User Account Veryfication for user ${mail}`,
+        `Click this link to activate: http://localhost:3000/api/user/verify/${token}`,
+        `Click this link to activate: <a href='http://localhost:3000/api/user/verify/${token}'>LINK</a>`,
+    );
     return prisma.uzytkownik.create({
         data: {
             mail: mail,
@@ -41,12 +49,14 @@ export async function create(
             adres: adres,
             czysprzedawca: false,
             czyAdmin: false,
+            aktywacja: token,
         },
     });
 }
 
 export async function edit(
     id: number,
+    aktywacja?: string,
     password?: string,
     mail?: string,
     pin?: number,
@@ -61,6 +71,7 @@ export async function edit(
     if (!user) throw new ValidationError('User not found.');
 
     interface UpdateUserData {
+        aktywacja?: string;
         password?: string;
         mail?: string;
         pin?: number;
@@ -73,6 +84,7 @@ export async function edit(
     }
 
     const data: UpdateUserData = {};
+    if (aktywacja) data.aktywacja = aktywacja;
     if (password) data.password = createHash(password, SALT);
     if (mail) data.mail = mail;
     if (pin) data.pin = pin;
@@ -103,3 +115,14 @@ export async function list() {
 
     return users;
 }
+export async function verify(token: string) {
+    const user = await prisma.uzytkownik.findFirst({
+        where: { aktywacja: token },
+    });
+    if (user) {
+        await edit(user.id, '1');
+        return '<h1>User Succesfull Activated</h1>';
+    } else {
+        throw new ValidationError('Link is expired.');
+    }
+}

src/backend/functions/validation.ts

@@ -20,3 +20,12 @@ export async function IsSeller(token?: string) {
     }
     return found[0].czysprzedawca;
 }
+export async function IsVerified(mail?: string) {
+    if (mail == null) return false;
+    const found = await prisma.uzytkownik.findMany({
+        where: { mail: mail },
+    });
+    if (found.length == 0) {
+        return false;
+    } else return found[0].aktywacja == '1';
+}

src/backend/routes/index.ts

@@ -5,6 +5,7 @@ import loginUser from './user/login';
 import editUser from './user/edit';
 import deleteUser from './user/delete';
 import listUsers from './user/list';
+import verifyUsers from './user/verify';
 import createCategory from './category/create';
 import deleteCategory from './category/delete';
 import getCategory from './category/get';
@@ -34,6 +35,7 @@ const apiRoutes = [
     deleteProduct,
     getProduct,
     editProduct,
+    verifyUsers,
 ];
 apiRoutes.forEach((route) =>
     router[route.method](route.path, route.validators, route.handler),

src/backend/routes/user/login.ts

@@ -4,6 +4,8 @@ import { StatusCodes } from 'http-status-codes';
 import { TRoute } from '../types';
 import { handleRequest } from '../../utils/request.utils';
 import { login } from '../../functions/users';
+import { ValidationError } from '../../utils/customErrors';
+import { IsVerified } from '../../functions/validation';
 
 export default {
     method: 'get',
@@ -19,7 +21,15 @@ export default {
             res,
             responseDefaultStatus: StatusCodes.OK,
             execute: async () => {
-                return login(req.body.mail, req.body.password, req.body.pin);
+                if (await IsVerified(req.body.mail)) {
+                    return login(
+                        req.body.mail,
+                        req.body.password,
+                        req.body.pin,
+                    );
+                } else {
+                    throw new ValidationError('User not Verified.');
+                }
             },
         }),
 } as TRoute;

src/backend/routes/user/verify.ts

@@ -0,0 +1,21 @@
+import { Request, Response } from 'express';
+import { body } from 'express-validator';
+import { StatusCodes } from 'http-status-codes';
+import { TRoute } from '../types';
+import { handleRequest } from '../../utils/request.utils';
+import { verify } from '../../functions/users';
+
+export default {
+    method: 'get',
+    path: '/api/user/verify/:token',
+    validators: [],
+    handler: async (req: Request, res: Response) =>
+        handleRequest({
+            req,
+            res,
+            responseDefaultStatus: StatusCodes.OK,
+            execute: async () => {
+                return verify(req.params.token);
+            },
+        }),
+} as TRoute;

src/backend/utils/mail.ts

@@ -0,0 +1,26 @@
+import nodemailer from 'nodemailer';
+import { mailconfig } from '../config';
+export async function sendmail(
+    to: string,
+    subject: string,
+    text: string,
+    html: string,
+) {
+    const transporter = nodemailer.createTransport(mailconfig);
+
+    const info = await transporter.sendMail({
+        from: '"CZEPEXPOL" <[email protected]>', // sender address
+        to: to, // list of receivers
+        subject: subject, // Subject line
+        text: text, // plain text body
+        html: html, // html body
+    });
+
+    //from: '"CZEPEXPOL" <[email protected]>',
+    //to: '[email protected]',
+    //subject: 'Hello ✔',
+    //text: 'Hello world',
+    //html: '<b>Hello world</b>',
+
+    console.log('Message sent: %s', info.messageId);
+}