feat: email verification for document signing 2FA

2025-11-17 02:01:33 +10:00 · 2025-04-30 21:55:08 +00:00
parent 7a3763bb66
commit d48705024e
8 changed files with 524 additions and 68 deletions
--- a/packages/prisma/migrations/20250430202737_add_email_migration/migration.sql
+++ b/packages/prisma/migrations/20250430202737_add_email_migration/migration.sql
@ -0,0 +1,12 @@
+-- CreateTable
+CREATE TABLE "UserTwoFactorEmailVerification" (
+    "userId" INTEGER NOT NULL,
+    "verificationCode" TEXT NOT NULL,
+    "expiresAt" TIMESTAMP(3) NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "UserTwoFactorEmailVerification_pkey" PRIMARY KEY ("userId")
+);
+
+-- AddForeignKey
+ALTER TABLE "UserTwoFactorEmailVerification" ADD CONSTRAINT "UserTwoFactorEmailVerification_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("id") ON DELETE CASCADE ON UPDATE CASCADE;
--- a/packages/prisma/schema.prisma
+++ b/packages/prisma/schema.prisma
@ -53,18 +53,19 @@ model User {
  avatarImageId    String?
  disabled         Boolean          @default(false)

-  accounts             Account[]
-  sessions             Session[]
-  documents            Document[]
-  subscriptions        Subscription[]
-  passwordResetTokens  PasswordResetToken[]
-  ownedTeams           Team[]
-  ownedPendingTeams    TeamPending[]
-  teamMembers          TeamMember[]
-  twoFactorSecret      String?
-  twoFactorEnabled     Boolean              @default(false)
-  twoFactorBackupCodes String?
-  url                  String?              @unique
+  accounts                   Account[]
+  sessions                   Session[]
+  documents                  Document[]
+  subscriptions              Subscription[]
+  passwordResetTokens        PasswordResetToken[]
+  ownedTeams                 Team[]
+  ownedPendingTeams          TeamPending[]
+  teamMembers                TeamMember[]
+  twoFactorSecret            String?
+  twoFactorEnabled           Boolean                         @default(false)
+  twoFactorBackupCodes       String?
+  url                        String?                         @unique
+  twoFactorEmailVerification UserTwoFactorEmailVerification?

  profile            UserProfile?
  verificationTokens VerificationToken[]
@ -795,3 +796,12 @@ model AvatarImage {
  team Team[]
  user User[]
 }
+
+model UserTwoFactorEmailVerification {
+  userId           Int      @id
+  verificationCode String
+  expiresAt        DateTime
+  createdAt        DateTime @default(now())
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+}