Implement Email Verification for New Users

[fati-Onchain]

Description: Users can register and immediately authenticate without verifying their email address. Add an email verification step to prevent fake account creation.

Tasks:

• Generate a signed verification token on user registration
• Send a verification email using a mail service (e.g., Nodemailer + SMTP or SendGrid)
• Create a GET /auth/verify-email?token= endpoint to confirm the address
• Block login for unverified accounts (or return a clear error)
• Add isEmailVerified boolean field to the User entity

Acceptance Criteria:

• New users receive a verification email upon registration
• Unverified users cannot log in until they confirm their email
• Expired or tampered tokens are rejected

ETA: 1 day

---

[OkpunTakem]

@OkpunTakem has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

can you please assign me to this task?

ℹ️ Repo Maintainers: To accept this application, review their application or assign @OkpunTakem to this issue.

[drips-wave]

Congratulations, @OkpunTakem! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on March 30, 2026.

🧑‍💻 @OkpunTakem: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊