fix: improve auth (#519)

* fix: improve auth

fix: verify email params issue in update email flow

fix: send email if email already used

fix: auth flows

* fix: remove useless function wrapper and add missing word in translations

---------

Co-authored-by: Renan Decamps <[email protected]>

Author: ivan-dalmet

.env.example

@@ -16,7 +16,6 @@ NEXT_PUBLIC_IS_DEMO="false"
 # DATABASE
 DATABASE_URL="postgres://${DOCKER_DATABASE_USERNAME}:${DOCKER_DATABASE_PASSWORD}@localhost:${DOCKER_DATABASE_PORT}/${DOCKER_DATABASE_NAME}"
 
-
 # EMAILS
 EMAIL_SERVER="smtp://username:[email protected]:1025"
 EMAIL_FROM="Start UI <[email protected]>"

CODE_OF_CONDUCT.md

@@ -52,7 +52,7 @@ decisions when appropriate.
 
 This Code of Conduct applies within all community spaces, and also applies when
 an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
+Examples of representing our community include using an official email address,
 posting via an official social media account, or acting as an appointed
 representative at an online or offline event.
 

e2e/admin.spec.ts

@@ -2,17 +2,13 @@ import { expect, test } from '@playwright/test';
 import { pageUtils } from 'e2e/utils/pageUtils';
 import { ADMIN_EMAIL } from 'e2e/utils/users';
 
-import { env } from '@/env.mjs';
 import { ROUTES_ADMIN } from '@/features/admin/routes';
 
 test.describe('Admin access', () => {
   test(`Redirect to Admin (${ROUTES_ADMIN.root()})`, async ({ page }) => {
     const utils = pageUtils(page);
 
     await utils.loginAdmin({ email: ADMIN_EMAIL });
-    await page.waitForURL(
-      `${env.NEXT_PUBLIC_BASE_URL}${ROUTES_ADMIN.root()}**`
-    );
 
     await expect(page.getByTestId('admin-layout')).toBeVisible();
   });

e2e/register.spec.ts

@@ -8,8 +8,8 @@ import locales from '@/locales';
 
 test.describe('Register flow', () => {
   test('Success flow', async ({ page }) => {
-    await page.goto(ROUTES_AUTH.app.register());
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+    await page.goto(ROUTES_AUTH.register());
+    await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
     await page.getByLabel('Name').fill('Test user');
     const email = await getRandomEmail();
@@ -18,24 +18,24 @@ test.describe('Register flow', () => {
       .getByRole('button', { name: locales.en.auth.register.actions.create })
       .click();
 
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}/**`);
+    await page.waitForURL(`**${ROUTES_AUTH.register()}/**`);
     await page.getByText('Verification code').fill(VALIDATION_CODE_MOCKED);
     await expect(
       page.getByText(locales.en.auth.data.verificationCode.unknown)
     ).not.toBeVisible();
   });
 
   test('Register with existing email', async ({ page }) => {
-    await page.goto(ROUTES_AUTH.app.register());
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+    await page.goto(ROUTES_AUTH.register());
+    await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
     await page.getByLabel('Name').fill('Test user');
     await page.getByLabel('Email').fill(USER_EMAIL);
     await page
       .getByRole('button', { name: locales.en.auth.register.actions.create })
       .click();
 
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}/**`);
+    await page.waitForURL(`**${ROUTES_AUTH.register()}/**`);
     await page.getByText('Verification code').fill(VALIDATION_CODE_MOCKED);
     await expect(
       page.getByText(locales.en.auth.data.verificationCode.unknown)
@@ -44,8 +44,8 @@ test.describe('Register flow', () => {
 
   test('Login with a not verified account', async ({ page }) => {
     const utils = pageUtils(page);
-    await page.goto(ROUTES_AUTH.app.register());
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+    await page.goto(ROUTES_AUTH.register());
+    await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
     const email = await getRandomEmail();
 

e2e/utils/pageUtils.ts

@@ -2,7 +2,6 @@ import { Page } from '@playwright/test';
 
 import { ROUTES_AUTH } from '@/features/auth/routes';
 import { VALIDATION_CODE_MOCKED } from '@/features/auth/utils';
-import type { RouterInputs } from '@/lib/trpc/types';
 import locales from '@/locales';
 
 /**
@@ -25,9 +24,9 @@ export const pageUtils = (page: Page) => {
     /**
      * Utility used to authenticate a user on the app
      */
-    async loginApp(input: RouterInputs['auth']['login'] & { code?: string }) {
-      await page.goto(ROUTES_AUTH.app.login());
-      await page.waitForURL(`**${ROUTES_AUTH.app.login()}`);
+    async loginApp(input: { email: string; code?: string }) {
+      await page.goto(ROUTES_AUTH.login());
+      await page.waitForURL(`**${ROUTES_AUTH.login()}`);
 
       await page
         .getByPlaceholder(locales.en.auth.data.email.label)
@@ -36,7 +35,7 @@ export const pageUtils = (page: Page) => {
         .getByRole('button', { name: locales.en.auth.login.actions.login })
         .click();
 
-      await page.waitForURL(`**${ROUTES_AUTH.app.login()}/**`);
+      await page.waitForURL(`**${ROUTES_AUTH.login()}/**`);
       await page
         .getByText('Verification code')
         .fill(input.code ?? VALIDATION_CODE_MOCKED);
@@ -45,9 +44,9 @@ export const pageUtils = (page: Page) => {
     /**
      * Utility used to authenticate an admin on the app
      */
-    async loginAdmin(input: RouterInputs['auth']['login'] & { code?: string }) {
-      await page.goto(ROUTES_AUTH.admin.login());
-      await page.waitForURL(`**${ROUTES_AUTH.admin.login()}`);
+    async loginAdmin(input: { email: string; code?: string }) {
+      await page.goto(ROUTES_AUTH.login());
+      await page.waitForURL(`**${ROUTES_AUTH.login()}`);
 
       await page
         .getByPlaceholder(locales.en.auth.data.email.label)
@@ -56,7 +55,7 @@ export const pageUtils = (page: Page) => {
         .getByRole('button', { name: locales.en.auth.login.actions.login })
         .click();
 
-      await page.waitForURL(`**${ROUTES_AUTH.admin.login()}/**`);
+      await page.waitForURL(`**${ROUTES_AUTH.login()}/**`);
       await page
         .getByText('Verification code')
         .fill(input.code ?? VALIDATION_CODE_MOCKED);

pnpm-lock.yaml

@@ -1,9 +1,9 @@
 enum AccountStatus {
-  // User has registered and verified their email
+  // User has registered and verified
   ENABLED
   // User has been disabled and can't login anymore
   DISABLED
-  // User did register, but has not verified their email yet.
+  // User did register, but has not been verified
   NOT_VERIFIED
 }
 
@@ -13,15 +13,16 @@ enum UserRole {
 }
 
 model User {
-  id             String        @id @default(cuid())
-  createdAt      DateTime      @default(now())
-  updatedAt      DateTime      @updatedAt
-  name           String?
-  email          String        @unique
-  accountStatus  AccountStatus @default(NOT_VERIFIED)
-  image          String?
-  authorizations UserRole[]    @default([APP])
-  language       String        @default("en")
-  lastLoginAt    DateTime?
-  session        Session[]
+  id              String        @id @default(cuid())
+  createdAt       DateTime      @default(now())
+  updatedAt       DateTime      @updatedAt
+  name            String?
+  email           String?       @unique
+  isEmailVerified Boolean       @default(false)
+  accountStatus   AccountStatus @default(NOT_VERIFIED)
+  image           String?
+  authorizations  UserRole[]    @default([APP])
+  language        String        @default("en")
+  lastLoginAt     DateTime?
+  session         Session[]
 }

prisma/schema/user.prisma

@@ -13,7 +13,7 @@ export default function AuthenticatedLayout({
     <Suspense>
       <GuardAuthenticated
         authorizations={['ADMIN']}
-        loginPath={ROUTES_AUTH.admin.login()}
+        loginPath={ROUTES_AUTH.login()}
       >
         <AdminLayout>{children}</AdminLayout>
       </GuardAuthenticated>

src/app/app/(public-only)/layout.tsx renamed to src/app/(public-only)/layout.tsx

@@ -13,7 +13,7 @@ export default function AuthenticatedLayout({
     <Suspense>
       <GuardAuthenticated
         authorizations={['APP']}
-        loginPath={ROUTES_AUTH.app.login()}
+        loginPath={ROUTES_AUTH.login()}
       >
         <AppLayout>{children}</AppLayout>
       </GuardAuthenticated>

src/app/app/(public-only)/login/[token]/page.tsx renamed to src/app/(public-only)/login/[token]/page.tsx

@@ -0,0 +1,47 @@
+import { Container, Heading, Section, Text } from '@react-email/components';
+
+import { Footer } from '@/emails/components/Footer';
+import { Layout } from '@/emails/components/Layout';
+import { styles } from '@/emails/styles';
+import i18n from '@/lib/i18n/server';
+
+type EmailUpdateAlreadyUsedProps = {
+  language: string;
+  name: string;
+  email: string;
+};
+
+export const EmailUpdateAlreadyUsed = ({
+  language,
+  name,
+  email,
+}: EmailUpdateAlreadyUsedProps) => {
+  i18n.changeLanguage(language);
+  return (
+    <Layout
+      preview={i18n.t('emails:emailUpdateAlreadyUsed.preview')}
+      language={language}
+    >
+      <Container style={styles.container}>
+        <Heading style={styles.h1}>
+          {i18n.t('emails:emailUpdateAlreadyUsed.title')}
+        </Heading>
+        <Section style={styles.section}>
+          <Text style={styles.text}>
+            {i18n.t('emails:emailUpdateAlreadyUsed.hello', {
+              name,
+            })}
+            <br />
+            {i18n.t('emails:emailUpdateAlreadyUsed.intro', { email })}
+          </Text>
+          <Text style={styles.textMuted}>
+            {i18n.t('emails:emailUpdateAlreadyUsed.ignoreHelper')}
+          </Text>
+        </Section>
+        <Footer />
+      </Container>
+    </Layout>
+  );
+};
+
+export default EmailUpdateAlreadyUsed;

src/app/app/(public-only)/login/page.tsx renamed to src/app/(public-only)/login/page.tsx

@@ -6,40 +6,37 @@ import { styles } from '@/emails/styles';
 import { VALIDATION_TOKEN_EXPIRATION_IN_MINUTES } from '@/features/auth/utils';
 import i18n from '@/lib/i18n/server';
 
-type EmailAddressChangeProps = {
+type EmailUpdateCodeProps = {
   language: string;
   name: string;
   code: string;
 };
 
-export const EmailAddressChange = ({
+export const EmailUpdateCode = ({
   language,
   name,
   code,
-}: EmailAddressChangeProps) => {
+}: EmailUpdateCodeProps) => {
   i18n.changeLanguage(language);
   return (
-    <Layout
-      preview={i18n.t('emails:emailAddressChange.preview')}
-      language={language}
-    >
+    <Layout preview={i18n.t('emails:emailUpdate.preview')} language={language}>
       <Container style={styles.container}>
         <Heading style={styles.h1}>
-          {i18n.t('emails:emailAddressChange.title')}
+          {i18n.t('emails:emailUpdate.title')}
         </Heading>
         <Section style={styles.section}>
           <Text style={styles.text}>
-            {i18n.t('emails:emailAddressChange.hello', { name: name ?? '' })}
+            {i18n.t('emails:emailUpdate.hello', { name: name ?? '' })}
             <br />
-            {i18n.t('emails:emailAddressChange.intro')}
+            {i18n.t('emails:emailUpdate.intro')}
           </Text>
           <Text style={styles.code}>{code}</Text>
           <Text style={styles.textMuted}>
-            {i18n.t('emails:emailAddressChange.validityTime', {
+            {i18n.t('emails:emailUpdate.validityTime', {
               expiration: VALIDATION_TOKEN_EXPIRATION_IN_MINUTES,
             })}
             <br />
-            {i18n.t('emails:emailAddressChange.ignoreHelper')}
+            {i18n.t('emails:emailUpdate.ignoreHelper')}
           </Text>
         </Section>
         <Footer />
@@ -48,4 +45,4 @@ export const EmailAddressChange = ({
   );
 };
 
-export default EmailAddressChange;
+export default EmailUpdateCode;