Changed emails templates and link from application validation expiration time

Co-authored-by: Daniel Ferreira <dsantosferreira@users.noreply.github.com>

Author: FranciscoCardoso913

.env

@@ -20,8 +20,8 @@ JWT_SECRET=Lendas contam que o Rui foi membro do IEEE.
 # Frontend Password Recovery Base Route
 PASSWORD_RECOVERY_LINK=https://localhost:3000/recover
 
-# Froantend Application Confirmation Base Route
-APPLICATION_CONFIRMATION_LINK=https://localhost:8087/apply/company/validate/
+# Frontend Application Confirmation Base Route
+APPLICATION_CONFIRMATION_LINK=https://localhost:3000/apply/company/validate/
 
 # Specifies the port in which the app will be exposed
 PORT=8087
@@ -43,10 +43,10 @@ ACCESS_CONTROL_ALLOW_ORIGIN=
 # Check this for details on how to configure your personal account for testing (https://support.google.com/accounts/answer/185833?p=InvalidSecondFactor&visit_id=637446218993181653-2339409452&rd=1)
 
 # The email address from which the emails are sent
-MAIL_FROM=jacky88@ethereal.email
+MAIL_FROM=
 
 # Password for email above
-MAIL_FROM_PASSWORD=PgAnnVsAa6Sg8zJp6t
+MAIL_FROM_PASSWORD=
 
 # Cloudinary API URL to save images
 CLOUDINARY_URL=

src/api/middleware/application.js

@@ -1,17 +1,15 @@
 import CompanyApplication, { CompanyApplicationRules } from "../../models/CompanyApplication.js";
 import { APIError, ErrorTypes } from "./errorHandler.js";
 import { StatusCodes as HTTPStatus } from "http-status-codes/build/cjs/status-codes.js";
-export const exceededCreationTimeLimit = async (email) => {
-    const cursor = await CompanyApplication.findOne({ email, isVerified: false }).exec();
-    if (cursor !== null && Date.now() - cursor.submittedAt < 5000 * 60) {
-        throw new APIError(HTTPStatus.FORBIDDEN, ErrorTypes.FORBIDDEN, CompanyApplicationRules.APPLICATION_RECENTLY_CREATED);
+import { VALIDATION_LINK_EXPIRATION } from "../../models/constants/ApplicationStatus.js";
+import { SECOND_IN_MS } from "../../models/constants/TimeConstants.js";
+
+export const exceededCreationTimeLimit = async (req, res, next) => {
+    const application = await CompanyApplication.findOne({ email:req.body.email, isVerified: false });
+    if (application !== null && Date.now() < application.submittedAt.getTime() + VALIDATION_LINK_EXPIRATION * SECOND_IN_MS) {
+        return next( new APIError(HTTPStatus.FORBIDDEN, ErrorTypes.FORBIDDEN, CompanyApplicationRules.APPLICATION_RECENTLY_CREATED.msg));
     }
-    return true;
+    return next();
 };
 
-export const deleteApplications = async (email) => {
-    await CompanyApplication.deleteMany({ email: email, isVerified: false }).catch(function(error) {
-        console.error(error);
-        throw (error); // Failure
-    });
-};
+

src/api/middleware/auth.js

@@ -78,16 +78,11 @@ export const hasAdminPrivileges = async (req, res, next) => {
 };
 
 export const validToken = (req, res, next) => {
-    try {
-        const decoded = verifyAndDecodeToken(req.params.token, config.jwt_secret, next);
+    const decoded = verifyAndDecodeToken(req.params.token, config.jwt_secret, next);
 
-        storeInLocals(req, {
-            token: decoded,
-        });
+    storeInLocals(req, {
+        token: decoded,
+    });
 
-        return next();
-    } catch (err) {
-        console.log(err);
-        return next(err);
-    }
+    return next();
 };

src/api/middleware/validators/validationReasons.js

@@ -49,7 +49,6 @@ const ValidationReasons = Object.freeze({
     IMAGE_FORMAT: "formats-supported-png-jpeg-jpg",
     OFFER_BLOCKED_ADMIN: "offer-blocked-by-admin",
     OFFER_HIDDEN: "offer-is-hidden",
-    ALREADY_VALIDATED: "application-already-validated",
     NON_EXISTING_APPLICATION: "application-does-not-exist",
     FILE_TOO_LARGE: (max) => `file-cant-be-larger-than-${max}MB`
 });

src/api/routes/application.js

@@ -13,11 +13,10 @@ export default (app) => {
     /**
      * Creates a new Company Application
      */
-    router.post("/", validators.create, async (req, res, next) => {
+    router.post("/", validators.create, applicationMiddleware.exceededCreationTimeLimit, async (req, res, next) => {
         try {
-            await applicationMiddleware.exceededCreationTimeLimit(req.body.email);
-            await applicationMiddleware.deleteApplications(req.body.email);
             const applicationService = new ApplicationService();
+            await applicationService.deleteApplications(req.body.email);
             // This is safe since the service is destructuring the passed object and the fields have been validated
             const application = await applicationService.create(req.body);
             return res.json(application);

src/email-templates/companyApplicationApproval.js

@@ -23,4 +23,3 @@ export const REJECTION_NOTIFICATION = (companyName) => ({
     template: "rejection_notification",
     context: { companyName },
 });
-

src/email-templates/confirm-application.handlebars

@@ -1,5 +1,6 @@
 <h1>Confirm your NIJobs application</h1>
-<p>Please follow this <a href="{{link}}" target="_blank">link</a> to finish the process. Note that the link will be expired in 5 minutes.</p>    
+<p>We have successfully received your application!</p>
+<p>Please follow this <a href="{{link}}" target="_blank">link</a> to finish the process. Note that the link will expire in 10 minutes.</p>    
 <br>
 <p>If you did not request this or need anything else, please contact us at <a href="mailto:nijobs@aefeup.pt">nijobs@aefeup.pt</a>!</p><br>
 <p>Sincerely,</p>

src/email-templates/new_company_application_company.handlebars

@@ -1,8 +1,9 @@
-<h1>We have successfully received your application!</h1>
-<p>We will now review your application, and in case you're approved, you will receive another email with further instructions in order to complete your registration.</p>    
+<h1>Your application has been validated!</h1>
+<p>We will now review your application, and in case you're approved, you will receive another email with further instructions in order to complete your registration.</p>
 <p>Your Application ID is {{applicationId}} and you registered {{companyName}}</p>
+<p>Once you're approved, you will receive an email, and then you can log into NIJobs! Do not forget your password, you will need it on the first login.</p>
 <br>
 <p>If you did not request this or if you need anything else, don't hesitate to contact us at <a href="mailto:nijobs@aefeup.pt">nijobs@aefeup.pt</a>!</p>
 <br>
 <p>Sincerely,</p>
-<p>NIJobs team at NIAEFEUP</p>
+<p>NIJobs team at NIAEFEUP</p>

src/lib/emailService.js

@@ -6,7 +6,7 @@ export class EmailService {
 
     async init({ email: user, password: pass }) {
         this.email = user;
-        /* const transporter = await nodemailer.createTransport({
+        const transporter = await nodemailer.createTransport({
             pool: true,
             host: "smtp.gmail.com",
             port: 465,
@@ -17,15 +17,6 @@ export class EmailService {
             },
             connectionTimeout: 30000
         });
-        console.log("transporter");*/
-        const transporter = nodemailer.createTransport({
-            host: "smtp.ethereal.email",
-            port: 587,
-            auth: {
-                user: "naomie.koelpin2@ethereal.email",
-                pass: "NGEVbMnTZzyA3MQD3V"
-            }
-        });
 
         transporter.use("compile", hbs({
             viewEngine: {

src/models/CompanyApplication.js

@@ -37,8 +37,11 @@ export const CompanyApplicationRules = Object.freeze({
         msg: "company-application-already-reviewed",
     },
     APPLICATION_RECENTLY_CREATED: {
-        msg: "company-application-already-created-less-than-5-minutes-ago",
+        msg: "company-application-recently-created",
     },
+    APPLICATION_ALREADY_VALIDATED: {
+        msg: "application-already-validated",
+    }
 });
 
 export const CompanyApplicationProps = {
@@ -127,9 +130,8 @@ function validateMutuallyExclusiveEvents(field) {
 export const applicationUniqueness = async (email) => {
     const existingApplications = await CompanyApplication.find({ email });
     if (existingApplications.some((application) =>
-        (application.state === ApplicationStatus.PENDING ||
-            application.state === ApplicationStatus.APPROVED) &&
-        application.isVerified)
+        application.state === ApplicationStatus.PENDING ||
+            application.state === ApplicationStatus.APPROVED)
     ) {
         throw new Error(CompanyApplicationRules.ONLY_ONE_APPLICATION_ACTIVE_PER_EMAIL.msg);
     }
@@ -164,7 +166,7 @@ export const isRejectable = (application) => {
 
 
 CompanyApplicationSchema.methods.companyValidation = function() {
-    if (this.isVerified) throw new APIError(HTTPStatus.FORBIDDEN, ErrorTypes.FORBIDDEN, ValidationReasons.ALREADY_VALIDATED);
+    if (this.isVerified) throw new Error(HTTPStatus.FORBIDDEN, ErrorTypes.FORBIDDEN, CompanyApplicationRules.APPLICATION_ALREADY_VALIDATED);
     this.isVerified = true;
     return this.save({ validateModifiedOnly: true });
 };