refactor(user): add account verification check in signin (#3082)

juspay · Dec 7, 2023 · f7d6e3c · f7d6e3c
1 parent 1f8116d
commit f7d6e3c
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 10 deletions.
diff --git a/crates/router/src/core/errors/user.rs b/crates/router/src/core/errors/user.rs
@@ -18,6 +18,8 @@ pub enum UserErrors {
     UserExists,
     #[error("LinkInvalid")]
     LinkInvalid,
+    #[error("UnverifiedUser")]
+    UnverifiedUser,
     #[error("InvalidOldPassword")]
     InvalidOldPassword,
     #[error("EmailParsingError")]
@@ -81,6 +83,12 @@ impl common_utils::errors::ErrorSwitch<api_models::errors::types::ApiErrorRespon
             Self::LinkInvalid => {
                 AER::Unauthorized(ApiError::new(sub_code, 4, "Invalid or expired link", None))
             }
+            Self::UnverifiedUser => AER::Unauthorized(ApiError::new(
+                sub_code,
+                5,
+                "Kindly verify your account",
+                None,
+            )),
             Self::InvalidOldPassword => AER::BadRequest(ApiError::new(
                 sub_code,
                 6,

diff --git a/crates/router/src/core/user.rs b/crates/router/src/core/user.rs
@@ -91,10 +91,11 @@ pub async fn signup(
             UserStatus::Active,
         )
         .await?;
-    let token = utils::user::generate_jwt_auth_token(state, &user_from_db, &user_role).await?;
+    let token =
+        utils::user::generate_jwt_auth_token(state.clone(), &user_from_db, &user_role).await?;
 
     Ok(ApplicationResponse::Json(
-        utils::user::get_dashboard_entry_response(user_from_db, user_role, token),
+        utils::user::get_dashboard_entry_response(state, user_from_db, user_role, token)?,
     ))
 }
 
@@ -118,10 +119,11 @@ pub async fn signin(
     user_from_db.compare_password(request.password)?;
 
     let user_role = user_from_db.get_role_from_db(state.clone()).await?;
-    let token = utils::user::generate_jwt_auth_token(state, &user_from_db, &user_role).await?;
+    let token =
+        utils::user::generate_jwt_auth_token(state.clone(), &user_from_db, &user_role).await?;
 
     Ok(ApplicationResponse::Json(
-        utils::user::get_dashboard_entry_response(user_from_db, user_role, token),
+        utils::user::get_dashboard_entry_response(state, user_from_db, user_role, token)?,
     ))
 }
 
@@ -661,9 +663,10 @@ pub async fn verify_email(
 
     let user_from_db: domain::UserFromStorage = user.into();
     let user_role = user_from_db.get_role_from_db(state.clone()).await?;
-    let jwt_token = utils::user::generate_jwt_auth_token(state, &user_from_db, &user_role).await?;
+    let token =
+        utils::user::generate_jwt_auth_token(state.clone(), &user_from_db, &user_role).await?;
 
     Ok(ApplicationResponse::Json(
-        utils::user::get_dashboard_entry_response(user_from_db, user_role, jwt_token),
+        utils::user::get_dashboard_entry_response(state, user_from_db, user_role, token)?,
     ))
 }
diff --git a/crates/router/src/types/domain/user.rs b/crates/router/src/types/domain/user.rs
@@ -736,6 +736,29 @@ impl UserFromStorage {
             .await
             .change_context(UserErrors::InternalServerError)
     }
+
+    #[cfg(feature = "email")]
+    pub fn get_verification_days_left(&self, state: AppState) -> UserResult<Option<i64>> {
+        if self.0.is_verified {
+            return Ok(None);
+        }
+
+        let allowed_unverified_duration =
+            time::Duration::days(state.conf.email.allowed_unverified_days);
+
+        let user_created = self.0.created_at.date();
+        let last_date_for_verification = user_created
+            .checked_add(allowed_unverified_duration)
+            .ok_or(UserErrors::InternalServerError)?;
+
+        let today = common_utils::date_time::now().date();
+        if today >= last_date_for_verification {
+            return Err(UserErrors::UnverifiedUser.into());
+        }
+
+        let days_left_for_verification = last_date_for_verification - today;
+        Ok(Some(days_left_for_verification.whole_days()))
+    }
 }
 
 impl TryFrom<info::ModuleInfo> for user_role_api::ModuleInfo {

diff --git a/crates/router/src/utils/user.rs b/crates/router/src/utils/user.rs
@@ -104,18 +104,25 @@ pub async fn generate_jwt_auth_token_with_custom_merchant_id(
     Ok(Secret::new(token))
 }
 
+#[allow(unused_variables)]
 pub fn get_dashboard_entry_response(
+    state: AppState,
     user: UserFromStorage,
     user_role: UserRole,
     token: Secret<String>,
-) -> user_api::DashboardEntryResponse {
-    user_api::DashboardEntryResponse {
+) -> UserResult<user_api::DashboardEntryResponse> {
+    #[cfg(feature = "email")]
+    let verification_days_left = user.get_verification_days_left(state)?;
+    #[cfg(not(feature = "email"))]
+    let verification_days_left = None;
+
+    Ok(user_api::DashboardEntryResponse {
         merchant_id: user_role.merchant_id,
         token,
         name: user.get_name(),
         email: user.get_email(),
         user_id: user.get_user_id().to_string(),
-        verification_days_left: None,
+        verification_days_left,
         user_role: user_role.role_id,
-    }
+    })
 }