From 49ecfc1a2cf01e3bcdf195819657b463faf7e890 Mon Sep 17 00:00:00 2001
From: Catalin Pit <25515812+catalinpit@users.noreply.github.com>
Date: Thu, 25 Jan 2024 15:42:40 +0200
Subject: [PATCH] chore: refactor
---
.../unverified-account/page.tsx | 16 +++-------------
apps/web/src/components/forms/signin.tsx | 9 ++++-----
apps/web/src/components/forms/signup.tsx | 5 ++++-
packages/lib/next-auth/auth-options.ts | 10 +---------
.../lib/server-only/user/get-user-by-email.ts | 3 ---
.../user/get-user-by-verification-token.ts | 17 -----------------
packages/trpc/server/profile-router/router.ts | 19 +------------------
7 files changed, 13 insertions(+), 66 deletions(-)
delete mode 100644 packages/lib/server-only/user/get-user-by-verification-token.ts
diff --git a/apps/web/src/app/(unauthenticated)/unverified-account/page.tsx b/apps/web/src/app/(unauthenticated)/unverified-account/page.tsx
index 7a0a9c78d..456971a9f 100644
--- a/apps/web/src/app/(unauthenticated)/unverified-account/page.tsx
+++ b/apps/web/src/app/(unauthenticated)/unverified-account/page.tsx
@@ -20,25 +20,15 @@ export default function UnverifiedAccount() { const token = searchParams?.get('t') ?? ''; - const { data: { email } = {} } = trpc.profile.getUserFromVerificationToken.useQuery({ token }); - const { mutateAsync: sendConfirmationEmail } = trpc.profile.sendConfirmationEmail.useMutation(); const onResendConfirmationEmail = async () => { - if (!email) { - toast({ - title: 'Unable to send confirmation email', - description: 'Something went wrong while sending the confirmation email. Please try again.', - variant: 'destructive', - }); - - return; - } - try { setIsButtonDisabled(true); - await sendConfirmationEmail({ email: email }); + // TODO: decrypt email and send it + + await sendConfirmationEmail({ email: token ?? '' }); toast({ title: 'Success',
diff --git a/apps/web/src/components/forms/signin.tsx b/apps/web/src/components/forms/signin.tsx
index c79021396..4e3701c84 100644
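Review bot: In `onResendConfirmationEmail` (unverified-account/page.tsx), `sendConfirmationEmail({ email: token ?? '' })` sends the raw `t` query value as the address while the TODO above it says decryption is still missing, so the mutation receives ciphertext, or an empty string when `t` is absent. The early-return guard went away together with the `email` lookup; a guard on the token, `if (!token) { /* destructive toast */ return; }`, would keep an empty request from being sent. `token` is already defaulted with `?? ''` where it is read from `searchParams`, so the second `?? ''` has no effect. When the decrypt step lands, doing it inside the server mutation (input: the opaque token) avoids handing the plaintext address back to an unauthenticated page; the `try` block continues past the end of the hunk.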
--- a/apps/web/src/components/forms/signin.tsx
+++ b/apps/web/src/components/forms/signin.tsx
@@ -62,6 +62,8 @@ export const SignInForm = ({ className, isGoogleSSOEnabled }: SignInFormProps) = useState(false); const router = useRouter(); + const { mutateAsync: encryptSecondaryData } = trpc.crypto.encryptSecondaryData.useMutation(); + const [twoFactorAuthenticationMethod, setTwoFactorAuthenticationMethod] = useState< 'totp' | 'backup' >('totp');
@@ -76,8 +78,6 @@ export const SignInForm = ({ className, isGoogleSSOEnabled }: SignInFormProps) = resolver: zodResolver(ZSignInFormSchema), }); - const { mutateAsync: getUser } = trpc.profile.getUserByEmail.useMutation(); - const isSubmitting = form.formState.isSubmitting; const onCloseTwoFactorAuthenticationDialog = () => {
@@ -132,10 +132,9 @@ export const SignInForm = ({ className, isGoogleSSOEnabled }: SignInFormProps) = const errorMessage = ERROR_MESSAGES[result.error]; if (result.error === ErrorCode.UNVERIFIED_EMAIL) { - const user = await getUser({ email }); - const token = user?.VerificationToken[user.VerificationToken.length - 1].token; + const encryptedEmail = await encryptSecondaryData({ data: email }); - router.push(`/unverified-account?t=${token}`); + router.push(`/unverified-account?t=${encryptedEmail}`); return; }
diff --git a/apps/web/src/components/forms/signup.tsx b/apps/web/src/components/forms/signup.tsx
index 6258dcdee..190084226 100644
--- a/apps/web/src/components/forms/signup.tsx
+++ b/apps/web/src/components/forms/signup.tsx
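Review bot: In the `UNVERIFIED_EMAIL` branch of signin.tsx (third hunk), the ciphertext is interpolated into the query string unencoded. If the output of `encryptSecondaryData` can contain `+`, `/` or `=`, `searchParams.get('t')` on the target page will not return the same value, so the interpolation should be `${encodeURIComponent(encryptedEmail)}`. The same line is added to `onFormSubmit` in signup.tsx. `trpc.crypto.encryptSecondaryData` is called here before any session exists, so it is presumably a public procedure that encrypts caller-chosen data. It is worth confirming that the ciphertext is bound to this one purpose and carries an expiry, since the value in `t` ends up in browser history and access logs. The enclosing submit handler starts and ends outside the hunk.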
@@ -62,12 +62,15 @@ export const SignUpForm = ({ className, isGoogleSSOEnabled }: SignUpFormProps) = const isSubmitting = form.formState.isSubmitting; const { mutateAsync: signup } = trpc.auth.signup.useMutation(); + const { mutateAsync: encryptSecondaryData } = trpc.crypto.encryptSecondaryData.useMutation(); const onFormSubmit = async ({ name, email, password, signature }: TSignUpFormSchema) => { try { await signup({ name, email, password, signature }); - router.push('/signin'); + const encryptedEmail = await encryptSecondaryData({ data: email }); + + router.push(`/unverified-account?t=${encryptedEmail}`); toast({ title: 'Registration Successful',
diff --git a/packages/lib/next-auth/auth-options.ts b/packages/lib/next-auth/auth-options.ts
index ed4aeaf44..37f1ed864 100644
--- a/packages/lib/next-auth/auth-options.ts
+++ b/packages/lib/next-auth/auth-options.ts
@@ -11,7 +11,6 @@ import GoogleProvider from 'next-auth/providers/google'; import { prisma } from '@documenso/prisma'; import { IdentityProvider } from '@documenso/prisma/client'; -import { ONE_DAY } from '../constants/time'; import { isTwoFactorAuthenticationEnabled } from '../server-only/2fa/is-2fa-availble'; import { validateTwoFactorAuthentication } from '../server-only/2fa/validate-2fa'; import { getUserByEmail } from '../server-only/user/get-user-by-email';
@@ -71,14 +70,7 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = { } } - const userCreationDate = user?.createdAt; - const createdWithinLast72Hours = userCreationDate > new Date(Date.now() - ONE_DAY * 3); - - /* - avoid messing with the users who signed up before the email verification requirement - the error is thrown only if the user doesn't have a verified email and the account was created within the last 72 hours - */ - if (!user.emailVerified && createdWithinLast72Hours) { + if (!user.emailVerified) { throw new Error(ErrorCode.UNVERIFIED_EMAIL); }
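Review bot: In `onFormSubmit` (signup.tsx), `encryptSecondaryData` is awaited inside the same `try` as `signup`, so a failure of the encryption call after the account has been created would presumably reach the catch that reports a registration error (the catch is outside the hunk). The user would then be told to register again for an address that already exists. Handling that call separately and falling back to the previous `router.push('/signin')` when it fails keeps the two outcomes apart. The redirect also now runs before the 'Registration Successful' toast, which is worth checking against how the toast behaves across navigation.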
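Review bot: With the `createdWithinLast72Hours` condition gone, `if (!user.emailVerified)` in auth-options.ts rejects every account without a verified address, including the ones the removed comment says signed up before the verification requirement. Those users can only recover through the resend flow, which in this same patch still carries `TODO: decrypt email and send it`. Either a migration that backfills `emailVerified` for legacy accounts or landing the resend fix first would avoid locking them out. A short comment such as `// Enforced for all accounts; legacy users must verify via /unverified-account` would record that the change is intentional. The enclosing callback starts and ends outside the hunk.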
diff --git a/packages/lib/server-only/user/get-user-by-email.ts b/packages/lib/server-only/user/get-user-by-email.ts
index 8c61202a2..0a2ef8d16 100644
--- a/packages/lib/server-only/user/get-user-by-email.ts
+++ b/packages/lib/server-only/user/get-user-by-email.ts
@@ -9,8 +9,5 @@ export const getUserByEmail = async ({ email }: GetUserByEmailOptions) => { where: { email: email.toLowerCase(), }, - include: { - VerificationToken: true, - }, }); };
diff --git a/packages/lib/server-only/user/get-user-by-verification-token.ts b/packages/lib/server-only/user/get-user-by-verification-token.ts
deleted file mode 100644
index b33506d6e..000000000
--- a/packages/lib/server-only/user/get-user-by-verification-token.ts
+++ /dev/null
@@ -1,17 +0,0 @@ -import { prisma } from '@documenso/prisma'; - -export interface GetUserByVerificationTokenOptions { - token: string; -} - -export const getUserByVerificationToken = async ({ token }: GetUserByVerificationTokenOptions) => { - return await prisma.user.findFirstOrThrow({ - where: { - VerificationToken: { - some: { - token, - }, - }, - }, - }); -};
diff --git a/packages/trpc/server/profile-router/router.ts b/packages/trpc/server/profile-router/router.ts
index 79c67ed0c..09ee0351f 100644
--- a/packages/trpc/server/profile-router/router.ts
+++ b/packages/trpc/server/profile-router/router.ts
@@ -3,7 +3,6 @@ import { TRPCError } from '@trpc/server'; import { forgotPassword } from '@documenso/lib/server-only/user/forgot-password'; import { getUserByEmail } from '@documenso/lib/server-only/user/get-user-by-email'; import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id'; -import { getUserByVerificationToken } from '@documenso/lib/server-only/user/get-user-by-verification-token'; import { resetPassword } from '@documenso/lib/server-only/user/reset-password'; import { sendConfirmationToken } from '@documenso/lib/server-only/user/send-confirmation-token'; import { updatePassword } from '@documenso/lib/server-only/user/update-password';
@@ -16,7 +15,6 @@ import { ZResetPasswordFormSchema, ZRetrieveUserByEmailMutationSchema, ZRetrieveUserByIdQuerySchema, - ZRetrieveUserByVerificationTokenQuerySchema, ZUpdatePasswordMutationSchema, ZUpdateProfileMutationSchema, } from './schema';
@@ -50,21 +48,6 @@ export const profileRouter = router({ } }), - getUserFromVerificationToken: procedure - .input(ZRetrieveUserByVerificationTokenQuerySchema) - .query(async ({ input }) => { - try { - const { token } = input; - - return await getUserByVerificationToken({ token }); - } catch (err) { - throw new TRPCError({ - code: 'BAD_REQUEST', - message: 'We were unable to retrieve the specified account. Please try again.', - }); - } - }), - updateProfile: authenticatedProcedure .input(ZUpdateProfileMutationSchema) .mutation(async ({ input, ctx }) => {
@@ -153,7 +136,7 @@ export const profileRouter = router({ try { const { email } = input; - return sendConfirmationToken({ email }); + return await sendConfirmationToken({ email }); } catch (err) { let message = 'We were unable to send a confirmation email. Please try again.';
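Review bot: In the last hunk of router.ts, `sendConfirmationToken({ email })` takes the address straight from client input, and the unverified-account page in this patch calls the mutation without a session. The procedure is therefore presumably public, and any client can ask the server to mail an arbitrary address. It is worth confirming that the call is rate limited per address and per client. Now that rejections reach the `catch` (which continues outside the hunk after `let message = ...`), it should also return the same response whether or not the address belongs to an account, so it cannot be used to enumerate users. A comment on the procedure such as `// Public: must not reveal whether the address is registered` would make that contract explicit.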