Added verification email things to settings

Author: GigaElk

backend/scripts/checkUnverifiedUsers.js

@@ -0,0 +1,40 @@
+const { PrismaClient } = require('@prisma/client');
+
+const prisma = new PrismaClient();
+
+async function checkUnverifiedUsers() {
+  try {
+    const users = await prisma.user.findMany({
+      where: { emailVerified: false },
+      select: {
+        email: true,
+        createdAt: true,
+        welcomeEmailSentAt: true,
+      }
+    });
+
+    console.log('📧 Unverified users:');
+    users.forEach((user, index) => {
+      console.log(`${index + 1}. ${user.email}`);
+      console.log(`   Created: ${user.createdAt}`);
+      console.log(`   Welcome email sent: ${user.welcomeEmailSentAt || 'Not sent'}`);
+      
+      if (user.welcomeEmailSentAt) {
+        const hoursSinceEmail = (Date.now() - new Date(user.welcomeEmailSentAt).getTime()) / (1000 * 60 * 60);
+        console.log(`   Hours since email: ${hoursSinceEmail.toFixed(1)}`);
+        if (hoursSinceEmail > 1) {
+          console.log(`   ⚠️  Token likely expired (sent ${hoursSinceEmail.toFixed(1)} hours ago)`);
+        }
+      }
+      console.log('');
+    });
+
+    console.log(`Total unverified users: ${users.length}`);
+  } catch (error) {
+    console.error('❌ Failed to check unverified users:', error);
+  } finally {
+    await prisma.$disconnect();
+  }
+}
+
+checkUnverifiedUsers();

backend/scripts/manuallyVerifyEmail.js

@@ -0,0 +1,70 @@
+/**
+ * Utility script to manually verify a user's email (emergency use)
+ * Usage: node scripts/manuallyVerifyEmail.js <email>
+ */
+
+const { PrismaClient } = require('@prisma/client');
+
+const prisma = new PrismaClient();
+
+async function manuallyVerifyEmail(email) {
+  try {
+    console.log(`🔍 Looking for user with email: ${email}`);
+    
+    const user = await prisma.user.findUnique({
+      where: { email },
+      select: {
+        id: true,
+        email: true,
+        username: true,
+        emailVerified: true,
+      }
+    });
+
+    if (!user) {
+      console.error(`❌ User with email ${email} not found`);
+      process.exit(1);
+    }
+
+    console.log(`👤 Found user:`, user);
+
+    if (user.emailVerified) {
+      console.log(`✅ User ${email} is already verified`);
+      process.exit(0);
+    }
+
+    console.log(`🔄 Manually verifying email for ${email}...`);
+
+    const updatedUser = await prisma.user.update({
+      where: { email },
+      data: { emailVerified: true },
+      select: {
+        id: true,
+        email: true,
+        username: true,
+        emailVerified: true,
+      }
+    });
+
+    console.log(`✅ Successfully verified email:`, updatedUser);
+    console.log(`🎉 ${email} can now access all features!`);
+
+  } catch (error) {
+    console.error('❌ Failed to verify email:', error);
+    process.exit(1);
+  } finally {
+    await prisma.$disconnect();
+  }
+}
+
+// Get email from command line arguments
+const email = process.argv[2];
+
+if (!email) {
+  console.error('❌ Please provide an email address');
+  console.log('Usage: node scripts/manuallyVerifyEmail.js <email>');
+  console.log('Example: node scripts/manuallyVerifyEmail.js [email protected]');
+  process.exit(1);
+}
+
+manuallyVerifyEmail(email);

backend/scripts/resendVerificationEmails.js

@@ -0,0 +1,72 @@
+/**
+ * Utility script to resend verification emails to unverified users
+ * Usage: node scripts/resendVerificationEmails.js
+ */
+
+const { PrismaClient } = require('@prisma/client');
+const { generateEmailVerificationToken } = require('../src/utils/jwt');
+const { sendVerificationEmail } = require('../src/utils/email');
+
+const prisma = new PrismaClient();
+
+async function resendVerificationEmails() {
+  try {
+    console.log('🔍 Looking for unverified users...');
+    
+    const unverifiedUsers = await prisma.user.findMany({
+      where: { emailVerified: false },
+      select: {
+        id: true,
+        email: true,
+        createdAt: true,
+        welcomeEmailSentAt: true,
+      }
+    });
+
+    if (unverifiedUsers.length === 0) {
+      console.log('✅ No unverified users found!');
+      return;
+    }
+
+    console.log(`📧 Found ${unverifiedUsers.length} unverified users. Resending verification emails...`);
+
+    for (const user of unverifiedUsers) {
+      try {
+        console.log(`📤 Sending verification email to ${user.email}...`);
+        
+        // Generate new verification token (24h expiry)
+        const verificationToken = generateEmailVerificationToken(user.id);
+        
+        // Send verification email
+        await sendVerificationEmail(user.email, verificationToken);
+        
+        // Update the welcomeEmailSentAt timestamp
+        await prisma.user.update({
+          where: { id: user.id },
+          data: { 
+            welcomeEmailSentAt: new Date(),
+            welcomeEmailSent: true 
+          }
+        });
+
+        console.log(`✅ Verification email sent to ${user.email}`);
+        
+        // Add delay to avoid rate limits
+        await new Promise(resolve => setTimeout(resolve, 2000));
+        
+      } catch (error) {
+        console.error(`❌ Failed to send email to ${user.email}:`, error.message);
+      }
+    }
+
+    console.log('🎉 Finished resending verification emails!');
+    console.log('📝 Note: New tokens are valid for 24 hours instead of 1 hour.');
+
+  } catch (error) {
+    console.error('❌ Failed to resend verification emails:', error);
+  } finally {
+    await prisma.$disconnect();
+  }
+}
+
+resendVerificationEmails();

backend/scripts/testResendEndpoint.js

@@ -0,0 +1,40 @@
+/**
+ * Test script to verify the resend verification email endpoint works
+ * Usage: node scripts/testResendEndpoint.js
+ */
+
+const { generateEmailVerificationToken, verifyEmailVerificationToken } = require('../src/utils/jwt');
+
+function testResendEndpoint() {
+  try {
+    console.log('🧪 Testing resend verification email functionality...');
+    
+    // Test token generation and verification
+    const testUserId = 'test-user-123';
+    const token = generateEmailVerificationToken(testUserId);
+    console.log('✅ Generated email verification token');
+    
+    const { userId } = verifyEmailVerificationToken(token);
+    console.log('✅ Verified email verification token');
+    
+    if (userId === testUserId) {
+      console.log('🎉 Email verification token system is working!');
+      console.log('📧 The resend endpoint should work correctly');
+      console.log('⏰ Tokens are valid for 24 hours');
+      console.log('');
+      console.log('📝 To test the full flow:');
+      console.log('1. Deploy this code to production');
+      console.log('2. User goes to Settings page');
+      console.log('3. User sees email verification status');
+      console.log('4. User clicks "Resend Email" if not verified');
+      console.log('5. User receives new email with 24-hour token');
+    } else {
+      console.error('❌ Token verification failed - user ID mismatch');
+    }
+    
+  } catch (error) {
+    console.error('❌ Test failed:', error.message);
+  }
+}
+
+testResendEndpoint();

backend/scripts/testVerificationToken.js

@@ -0,0 +1,35 @@
+/**
+ * Test script to verify the new email verification tokens work correctly
+ */
+
+const { generateEmailVerificationToken, verifyEmailVerificationToken } = require('../src/utils/jwt');
+
+function testVerificationTokens() {
+  try {
+    console.log('🧪 Testing email verification tokens...');
+    
+    const testUserId = 'test-user-123';
+    
+    // Generate token
+    console.log('📝 Generating verification token...');
+    const token = generateEmailVerificationToken(testUserId);
+    console.log('✅ Token generated:', token.substring(0, 20) + '...');
+    
+    // Verify token
+    console.log('🔍 Verifying token...');
+    const { userId } = verifyEmailVerificationToken(token);
+    console.log('✅ Token verified! User ID:', userId);
+    
+    if (userId === testUserId) {
+      console.log('🎉 Email verification system is working correctly!');
+      console.log('📅 Tokens are valid for 24 hours');
+    } else {
+      console.error('❌ Token verification failed - user ID mismatch');
+    }
+    
+  } catch (error) {
+    console.error('❌ Token test failed:', error.message);
+  }
+}
+
+testVerificationTokens();

backend/src/controllers/authController.ts

@@ -274,6 +274,36 @@ export class AuthController {
     }
   }
 
+  async resendVerificationEmail(req: Request, res: Response) {
+    try {
+      if (!req.user) {
+        return res.status(401).json({
+          error: {
+            code: 'UNAUTHORIZED',
+            message: 'Authentication required',
+          },
+          timestamp: new Date().toISOString(),
+          path: req.path,
+        });
+      }
+
+      await authService.resendVerificationEmail(req.user.userId);
+
+      res.json({
+        message: 'Verification email sent successfully',
+      });
+    } catch (error: any) {
+      res.status(400).json({
+        error: {
+          code: 'RESEND_VERIFICATION_FAILED',
+          message: error.message,
+        },
+        timestamp: new Date().toISOString(),
+        path: req.path,
+      });
+    }
+  }
+
   async logout(req: Request, res: Response) {
     // For JWT tokens, logout is handled client-side by removing the token
     // In a more complex setup, you might maintain a blacklist of tokens

backend/src/routes/auth.ts

@@ -16,6 +16,7 @@ router.get('/verify-email', authController.verifyEmail);
 // Protected routes
 router.post('/logout', authenticateToken, authController.logout);
 router.get('/profile', authenticateToken, authController.getProfile);
+router.post('/resend-verification', authenticateToken, authController.resendVerificationEmail);
 
 // Debug routes
 router.get('/check-token', authController.checkToken);

backend/src/services/authService.ts

@@ -1,7 +1,7 @@
 import bcrypt from 'bcryptjs';
 import { PrismaClient } from '@prisma/client';
 import { RegisterRequest, LoginRequest, AuthResponse } from '../types/auth';
-import { generateTokens, generatePasswordResetToken } from '../utils/jwt';
+import { generateTokens, generatePasswordResetToken, generateEmailVerificationToken, verifyEmailVerificationToken } from '../utils/jwt';
 import { sendVerificationEmail, sendPasswordResetEmail } from '../utils/email';
 
 const prisma = new PrismaClient();
@@ -72,7 +72,7 @@ export class AuthService {
 
     // Send verification email (don't await to avoid blocking)
     if (process.env.EMAIL_HOST && process.env.EMAIL_USER) {
-      const verificationToken = generatePasswordResetToken(user.id);
+      const verificationToken = generateEmailVerificationToken(user.id);
       sendVerificationEmail(user.email, verificationToken)
         .then(async () => {
           // Mark welcome email as sent
@@ -228,8 +228,7 @@ export class AuthService {
 
   async verifyEmail(token: string): Promise<void> {
     try {
-      const { verifyPasswordResetToken } = await import('../utils/jwt');
-      const { userId } = verifyPasswordResetToken(token);
+      const { userId } = verifyEmailVerificationToken(token);
 
       await prisma.user.update({
         where: { id: userId },
@@ -240,6 +239,36 @@ export class AuthService {
     }
   }
 
+  async resendVerificationEmail(userId: string): Promise<void> {
+    const user = await prisma.user.findUnique({
+      where: { id: userId },
+      select: { email: true, emailVerified: true }
+    });
+
+    if (!user) {
+      throw new Error('User not found');
+    }
+
+    if (user.emailVerified) {
+      throw new Error('Email is already verified');
+    }
+
+    // Generate new verification token
+    const verificationToken = generateEmailVerificationToken(userId);
+    
+    // Send verification email
+    await sendVerificationEmail(user.email, verificationToken);
+    
+    // Update the welcomeEmailSentAt timestamp
+    await prisma.user.update({
+      where: { id: userId },
+      data: { 
+        welcomeEmailSentAt: new Date(),
+        welcomeEmailSent: true 
+      }
+    });
+  }
+
   async getUserById(userId: string) {
     return await prisma.user.findUnique({
       where: { id: userId },

backend/src/services/welcomeEmailService.ts

@@ -1,6 +1,6 @@
 import { PrismaClient } from '@prisma/client';
 import { sendVerificationEmail } from '../utils/email';
-import { generatePasswordResetToken } from '../utils/jwt';
+import { generateEmailVerificationToken } from '../utils/jwt';
 
 const prisma = new PrismaClient();
 
@@ -43,7 +43,7 @@ export class WelcomeEmailService {
 
       for (const user of usersWithoutWelcomeEmail) {
         try {
-          const verificationToken = generatePasswordResetToken(user.id);
+          const verificationToken = generateEmailVerificationToken(user.id);
 
           // Add longer delay between emails to avoid rate limits
           if (successCount > 0) {