Ft: auth (new user needs to verify one's account before login) #187419164

__test__/cart.test.ts

@@ -33,19 +33,22 @@ describe("testing cart", () => {
         name: "admin123",
         username: "admin123",
         email: "[email protected]",
+        isVerified:true,
         password: await bcrypt.hash("password", 10),
         roleId: 3,
       };
 
       const testBuyer = {
         name: "buyer123",
         username: "buyer123",
+        isVerified:true,
         email: "[email protected]",
         password: await bcrypt.hash("password", 10),
       };
       const testSeller = {
         name: "seller123",
         username: "seller123",
+        isVerified:true,
         email: "[email protected]",
         password: await bcrypt.hash("password", 10),
       };

__test__/payment.test.ts

@@ -29,6 +29,7 @@ describe("test stripe api payment", () => {
       const testAdmin = {
         name: "admin123",
         username: "admin123",
+        isVerified:true,
         email: "[email protected]",
         password: await bcrypt.hash("password", 10),
         roleId: 3,
@@ -37,13 +38,15 @@ describe("test stripe api payment", () => {
       const testBuyer = {
         name: "buyer123",
         username: "buyer123",
+        isVerified:true,
         email: "[email protected]",
         password: await bcrypt.hash("password", 10),
       };
 
       const testSeller = {
         name: "seller123",
         username: "seller123",
+        isVerified:true,
         email: "[email protected]",
         password: await bcrypt.hash("password", 10),
       };

__test__/product.test.ts

@@ -10,12 +10,11 @@ import User from "../src/sequelize/models/users";
 import bcrypt from "bcryptjs";
 import { Role } from "../src/sequelize/models/roles";
 import redisClient from "../src/config/redis";
-import { response } from "express";
 import { placeOrder } from "../src/services/payment.service";
 import Cart from "../src/sequelize/models/Cart";
-import CartItem from "../src/sequelize/models/CartItem";
 import OrderItem from "../src/sequelize/models/orderItems";
 import * as userService from "../src/services/user.service"
+import { generateVerificationToken } from "../src/utils/generateResetToken";
 
 jest.mock("../src/services/mail.service", () => ({
   sendEmailService: jest.fn(),
@@ -25,6 +24,7 @@ jest.mock("../src/services/mail.service", () => ({
 const userData: any = {
   name: "yvanna",
   username: "testuser",
+  isVerified:true,
   email: "[email protected]",
   role:"seller",
   password: "test1234",
@@ -41,6 +41,7 @@ const product:any = {
     name: "pens",
     images: ["image1.jpg", "image2.jpg", "image3.jpg", "image4.jpg"],
     stockQuantity: 8,
+
     price: 5000,
     discount: 3.5,
     categoryID: 1,
@@ -49,6 +50,7 @@ const product:any = {
   const dummyBuyer = {
     name: "test user",
     username: "testUser",
+    isVerified:true,
     email: "[email protected]",
     password: "soleil00",    
   }
@@ -82,8 +84,7 @@ describe("Testing product Routes", () => {
           ])
 
           await User.create(testAdmin);
-
-          const dummy = await request(app).post("/api/v1/users/register").send(dummySeller);
+          // await User.create(dummySeller);
         await Product.destroy({});
         await Category.destroy({truncate:true});
       } catch (error) {
@@ -97,6 +98,7 @@ describe("Testing product Routes", () => {
       await sequelize.close();
       await redisClient.quit()
     });
+
     test("should return 201 and create a new user when registering successfully", async () => {
       const response = await request(app)
         .post("/api/v1/users/register")
@@ -110,7 +112,20 @@ describe("Testing product Routes", () => {
         .send(dummyBuyer);
         expect(response.status).toBe(201);
     })
+    test('should return 201 and register a dummy buyer user', async () => {
+      const response = await request(app)
+        .post("/api/v1/users/register")
+        .send(dummySeller);
+        expect(response.status).toBe(201);
+    })
     let buyerToken: any;
+    it("It should verify user account.",async()=>{
+      const token = generateVerificationToken('[email protected]', 60);
+      const response = await request(app)
+                      .get(`/api/v1/users/verify-user?token=${token}`)
+            expect(response.status).toBe(200)
+            expect(response.body.message).toBe('User verified successfully.')
+    },60000)
 
     test("should login an buyer", async () =>{
       const response = await request(app).post("/api/v1/users/login").send({
@@ -127,21 +142,37 @@ describe("Testing product Routes", () => {
         .send(product)
         expect(response.status).toBe(401);
     },2000);
-
+
+    it("It should verify user account.",async()=>{
+      const token = generateVerificationToken('[email protected]', 60);
+      const response = await request(app)
+                      .get(`/api/v1/users/verify-user?token=${token}`)
+            expect(response.status).toBe(200)
+            expect(response.body.message).toBe('User verified successfully.')
+    },60000)
     test("should login an Admin", async () =>{
         const response = await request(app).post("/api/v1/users/login").send({
           email: "[email protected]",
-            password: "password"
+          password: "password"
       })
       adminToken = response.body.token;
+      expect(response.status).toBe(200)
     });
+    it("It should verify user account.",async()=>{
+      const token = generateVerificationToken(dummySeller.email, 60);
+      const response = await request(app)
+                      .get(`/api/v1/users/verify-user?token=${token}`)
+            expect(response.status).toBe(200)
+            expect(response.body.message).toBe('User verified successfully.')
+    },60000)
 
     test("should update dummyseller's role to seller", async () => {
         const logDummySeller = await request(app).post("/api/v1/users/login").send({
           email: dummySeller.email,
           password: dummySeller.password,
         });
-        expect(logDummySeller.status).toBe(200);
+        // expect(logDummySeller.status).toBe(200);
+        expect(logDummySeller.body.message).toBe('Logged in')
         token = logDummySeller.body.token;
 
         const seller = await userService.getUserByEmail(dummySeller.email)
@@ -154,6 +185,7 @@ describe("Testing product Routes", () => {
           })
           .set("Authorization", "Bearer " + adminToken);
         expect(response.status).toBe(200);
+        expect(response.body.message).toBe('User role updated successfully');
 
       });
 
@@ -482,7 +514,7 @@ test('It should return status 200 for removed category',async() =>{
   })
   it("changing product availability of product which does not exist", async ()=>{
     const response = await request(app)
-      .patch(`/api/v1/products/${91}/status`)
+      .patch(`/api/v1/products/${4444444}/status`)
       .set("Authorization", "Bearer " + token);
       expect(response.body.message).toBe('Product not found')      
   })

__test__/user.test.ts

@@ -16,7 +16,7 @@ import { QueryTypes } from "sequelize";
 // import redisClient from "../src/config/redis";
 import Redis from "ioredis";
 import { env } from "../src/utils/env";
-import { generateResetToken } from "../src/utils/generateResetToken";
+import { generateResetToken, generateVerificationToken } from "../src/utils/generateResetToken";
 
 let redisClient: any;
 
@@ -43,6 +43,7 @@ const dummySeller = {
 };
 const userTestData = {
   newPassword: "Test@123",
+  isVerified:true,
   confirmPassword: "Test@123",
   wrongPassword: "Test456",
 };
@@ -114,6 +115,14 @@ describe("Testing user Routes", () => {
       expect(response.status).toBe(201);
     }, 20000);
 
+    it("It should verify user account.",async()=>{
+      const token = generateVerificationToken(userData.email, 60);
+      const response = await request(app)
+                      .get(`/api/v1/users/verify-user?token=${token}`)
+            expect(response.status).toBe(200)
+            expect(response.body.message).toBe('User verified successfully.')
+    },60000)
+
 
     test("should return 409 when registering with an existing email", async () => {
       User.create(userData);
@@ -143,6 +152,7 @@ describe("Testing user Routes", () => {
         password: userData.password,
       });
       expect(response.status).toBe(200);
+      expect(response.body.message).toBe("Logged in");
       token = response.body.token;
     });
 
@@ -209,21 +219,36 @@ describe("Testing user Routes", () => {
     expect(response.body.status).toBe(401);
     spyonOne.mockRestore();
   }, 20000);
+  it("It should verify user account.",async()=>{
+    const token = generateVerificationToken('[email protected]', 60);
+    const response = await request(app)
+                    .get(`/api/v1/users/verify-user?token=${token}`)
+          expect(response.status).toBe(200)
+          expect(response.body.message).toBe('User verified successfully.')
+  },60000)
 
   test("should login an Admin", async () =>{
     const response = await request(app).post("/api/v1/users/login").send({
       email: "[email protected]",
-        password: "password"
+      password: "password"
   })
   adminToken = response.body.token;
 });
+    it("It should verify user account.",async()=>{
+      const token = generateVerificationToken(dummySeller.email, 60);
+      const response = await request(app)
+                      .get(`/api/v1/users/verify-user?token=${token}`)
+            expect(response.status).toBe(200)
+            expect(response.body.message).toBe('User verified successfully.')
+    },60000)
 
   test("should update dummyseller's role to seller", async () => {
     const logDummySeller = await request(app).post("/api/v1/users/login").send({
       email: dummySeller.email,
       password: dummySeller.password,
     });
     expect(logDummySeller.status).toBe(200);
+    expect(logDummySeller.body.message).toBe("Logged in");
     const seller = await userServices.getUserByEmail(dummySeller.email);
     const dummySellerId = seller?.id;
 
@@ -235,6 +260,7 @@ describe("Testing user Routes", () => {
       .set("Authorization", "Bearer " + adminToken);
 
     expect(response.status).toBe(200);
+    // expect(response.body.message).toBe('User role updated successfully');
 
   });
 
@@ -563,6 +589,28 @@ describe('Patch /api/v1/users/reset-password', () => {
   },60000);
 });
 
+describe("Verifying user account",()=>{
+  it("It should verify user account.",async()=>{
+    await User.create(userData)
+    const token = generateVerificationToken(userData.email, 60);
+    const response = await request(app)
+                    .get(`/api/v1/users/verify-user?token=${token}`)
+          expect(response.status).toBe(200)
+          expect(response.body.message).toBe('User verified successfully.')
+  },60000)
+
+  it("It should send a verification link.",async()=>{
+    const response = await request(app)
+                    .post('/api/v1/users/verify-user-email')
+                    .send({
+                      email:userData.email
+                    })
+          expect(response.status).toBe(409)
+          expect(response.body.message).toBe("User is already verified.")
+  },60000)
+
+})
+
 afterAll(async () => {
   try {
     await sequelize.query('TRUNCATE TABLE profiles, users CASCADE');

src/controllers/userControllers.ts

@@ -106,7 +106,7 @@ export const createUserController = async (req: Request, res: Response) => {
     }
     return res.status(201).json({
       status: 201,
-      message: "User successfully created."
+      message: "User successfully created. check your inbox to verify your email"
     });
   } catch (err: any) {
     if (err.name === "UnauthorizedError" && err.message === "User already exists") {
@@ -194,6 +194,7 @@ export const handleSuccess = async (req: Request, res: Response) => {
         name: user.displayName,
         email: user.emails[0].value,
         username: user.name.familyName,
+        isVerified:true,
         //@ts-ignore
         password: null
       });
@@ -405,3 +406,30 @@ export const resetPasswordController = async (req: Request, res: Response): Prom
       return res.status(500).json({ message: 'Internal server error.' });
   }
 };
+
+export const verifyUserEmailController = async (req: Request, res: Response) => {
+  try {
+    // Extract email from the request body
+    const {email} = req.body;
+
+    const { error } = Emailschema.validate(req.body);
+    if (error) {
+      const cleanErrorMessage = error.details.map(detail => detail.message.replace(/['"]/g, '').trim()).join(', ')
+      return res.status(400).json({ message: cleanErrorMessage });
+    }
+    const result = await userService.verifyUserEmail(email);
+    res.status(result.status).json({ message: result.message });
+  } catch (error) {
+    res.status(500).json({ error: 'Failed to send verification email.' });
+  }
+};
+export const verifyUserController = async (req: Request, res: Response): Promise<void> => {
+  try {
+    // Extract token from the request query
+    const token = req.query.token as string;
+    const result = await userService.verifyNewUser(token);
+    res.status(result.status).json({ message: result.message });
+  } catch (error) {
+    res.status(500).json({ error: 'Failed to verify new user.' });
+  }
+};

src/docs/swagger.ts

@@ -19,6 +19,7 @@ import {
   sendResetLink,
   updateForgotPassword,
   verifyUserAccessToken,
+  verifyUserEmail,
 } from "./users";
 import {
   getProducts,
@@ -39,7 +40,6 @@ import { getCategories, addCategories, getSingleCategory, updateCategories, dele
     deleteRole
   } from "./roledoc";
 import { AddToWishes, deleteWish, getWishes, getWishesByProduct, wishSchema } from "./wishes";
-import { joinChats } from "./chats";
 import { addItemToCartDoc, clearAllProductFromCartDoc, removeProductFromCartDoc, updateProductQuantityDoc, viewCartDoc } from "./cart";
 import { getAllNotifications, readNotification } from "./notifications";
 import { homepage } from "./home";
@@ -115,6 +115,9 @@ const options = {
     "/api/v1/users/reset-password": {
       patch: updateForgotPassword,
     },
+    "/api/v1/users/verify-user-email": {
+      post: verifyUserEmail,
+    },
 
     "/api/v1/users/me": {
       post: verifyUserAccessToken,