feat(user account verification): Implemention of user account verification to avoid spams

- send Verify email to user using nodemailer
- verify if token in email url is same with token in database
- update isVerified to true
- user can login only is verified
[Delivers #187419049]

Author: Angemichel12

.env-example

@@ -25,3 +25,4 @@ SERVICE = < your SERVICE >
 
 EMAIL=<your email>
 PASSWORD=<your email password>
+

.github/workflows/node.js.yml

@@ -15,6 +15,11 @@ jobs:
     runs-on: ubuntu-latest
 
     env:
+      BASE_URL: ${{ secrets.BASE_URL}}
+      HOST: ${{ secrets.HOST}}
+      SERVICE: ${{ secrets.SERVICE}}
+      EMAIL: ${{ secrets.EMAIL}}
+      PASSWORD: ${{ secrets.PASSWORD}}
       DB_TEST_URL: ${{ secrets.DB_TEST_URL }}
       DEV_MODE: ${{ secrets.DEV_MODE }}
       DB_HOSTED_MODE: ${{ secrets.DB_HOSTED_MODE }}

package-lock.json

@@ -72,6 +72,7 @@
 		"@types/supertest": "^6.0.2",
 		"@types/swagger-jsdoc": "^6.0.4",
 		"@types/swagger-ui-express": "^4.1.6",
+		"@types/uuid": "^9.0.8",
 		"@typescript-eslint/eslint-plugin": "^7.7.0",
 		"@typescript-eslint/parser": "^7.7.0",
 		"dotenv": "^16.4.5",

package.json

@@ -10,6 +10,7 @@ import {
 	NewUser,
 	user_bad_request,
 } from "../mock/static";
+import { Token } from "../database/models/token";
 
 jest.setTimeout(30000);
 
@@ -34,6 +35,7 @@ describe("USER API TEST", () => {
 
 	afterAll(async () => {
 		await deleteTableData(User, "users");
+		await deleteTableData(Token, "tokens");
 	});
 	it("it should  register a user and return 201", async () => {
 		const { body } = await Jest_request.post("/api/v1/users/register")
@@ -63,7 +65,8 @@ describe("USER API TEST", () => {
 
 		const { body } = await Jest_request.get(
 			`/api/v1/users/account/verify/${token}`,
-		).expect(200);
+		);
+		console.log(`/api/v1/users/account/verify/${token}`);
 
 		expect(body.status).toStrictEqual(200);
 		expect(body.message).toStrictEqual("Email verified successfull");
@@ -98,8 +101,8 @@ describe("USER API TEST", () => {
 	it("should return 404 when a user login with wrong credentials", async () => {
 		const { body } = await Jest_request.post("/api/v1/users/login")
 			.send(login_user_wrong_credentials)
-			.expect(404);
-		expect(body.status).toStrictEqual("NOT FOUND");
+			.expect(403);
+		expect(body.status).toStrictEqual("FORBIDDEN");
 		expect(body.message).toStrictEqual("Wrong credentials!");
 	});
 

src/__test__/users.test.ts

@@ -62,8 +62,8 @@ const login = async (req: Request, res: Response, next: NextFunction) => {
 
 			if (info) {
 				return res
-					.status(404)
-					.json(new HttpException("NOT FOUND", info.message));
+					.status(403)
+					.json(new HttpException("FORBIDDEN", info.message));
 			}
 
 			(req as any).login(user, (err: Error) => {

src/controllers/userController.ts

@@ -76,6 +76,58 @@ const users = {
 			responses,
 		},
 	},
+	"/users/account/verify/{token}": {
+		get: {
+			tags: ["User"],
+			summary: "Verify user account",
+			parameters: [
+				{
+					in: "path",
+					name: "token",
+					required: true,
+					type: "string",
+					description: "Verification token",
+				},
+			],
+			responses: {
+				"200": {
+					description: "Email verified successfully",
+					schema: {
+						type: "object",
+						properties: {
+							status: {
+								type: "integer",
+								example: 200,
+							},
+							message: {
+								type: "string",
+								example: "Email verified successfull",
+							},
+						},
+					},
+				},
+				"400": {
+					description: "Invalid link or something went wrong",
+					schema: {
+						type: "object",
+						properties: {
+							status: {
+								type: "integer",
+								example: 400,
+							},
+							message: {
+								type: "string",
+								example: "Invalid link",
+							},
+							error: {
+								type: "string",
+							},
+						},
+					},
+				},
+			},
+		},
+	},
 };
 
 export default users;