From ba0cd3ae09c3203848314429509eae35012a4bed Mon Sep 17 00:00:00 2001
From: Ivan Dalmet <ivan@dalmet.fr>
Date: Mon, 22 Jul 2024 17:40:39 +0200
Subject: [PATCH 1/2] fix: improve auth

fix: verify email params issue in update email flow

fix: send email if email already used

fix: auth flows
---
 .env.example                                  |  1 -
 CODE_OF_CONDUCT.md                            |  2 +-
 e2e/admin.spec.ts                             |  4 -
 e2e/register.spec.ts                          | 16 ++--
 e2e/utils/pageUtils.ts                        | 17 ++--
 pnpm-lock.yaml                                |  6 +-
 prisma/schema/user.prisma                     | 27 ++++---
 src/app/{app => }/(public-only)/layout.tsx    |  0
 .../(public-only)/login/[token]/page.tsx      |  0
 .../{app => }/(public-only)/login/page.tsx    |  0
 .../(public-only)/register/[token]/page.tsx   |  0
 .../{app => }/(public-only)/register/page.tsx |  0
 src/app/admin/(authenticated)/layout.tsx      |  2 +-
 src/app/admin/(public-only)/layout.tsx        | 14 ----
 .../(public-only)/login/[token]/page.tsx      | 13 ---
 src/app/admin/(public-only)/login/page.tsx    | 13 ---
 src/app/app/(authenticated)/layout.tsx        |  2 +-
 .../templates/email-update-already-used.tsx   | 47 +++++++++++
 ...dress-change.tsx => email-update-code.tsx} | 23 +++---
 .../templates/register-email-already-used.tsx | 47 +++++++++++
 src/env.mjs                                   |  9 +--
 src/features/account/AccountEmailForm.tsx     | 17 ++--
 .../account/EmailVerificationCodeModal.tsx    |  7 +-
 src/features/account/PageAccount.tsx          |  2 +-
 src/features/account/schemas.ts               | 18 ++++-
 src/features/admin/AdminNavBar.tsx            | 13 ++-
 src/features/admin/AdminPublicOnlyLayout.tsx  | 26 ------
 src/features/app/AppNavBarDesktop.tsx         |  2 +-
 src/features/auth/PageAdminLogin.tsx          | 37 ---------
 src/features/auth/PageAdminLoginValidate.tsx  | 80 -------------------
 src/features/auth/PageLogin.tsx               | 60 ++++++--------
 src/features/auth/PageLoginValidate.tsx       | 30 +++++--
 src/features/auth/PageLogout.tsx              | 23 +++---
 src/features/auth/PageRegister.tsx            |  7 +-
 src/features/auth/PageRegisterValidate.tsx    | 19 +++--
 src/features/auth/VerificationCodeForm.tsx    | 24 ------
 src/features/auth/routes.ts                   | 22 ++---
 src/features/auth/schemas.ts                  |  6 +-
 src/features/users/schemas.ts                 | 14 +++-
 src/locales/ar/auth.json                      |  7 +-
 src/locales/ar/emails.json                    | 18 ++++-
 src/locales/en/auth.json                      |  9 +--
 src/locales/en/emails.json                    | 18 ++++-
 src/locales/fr/auth.json                      |  7 +-
 src/locales/fr/emails.json                    | 18 ++++-
 src/locales/sw/auth.json                      |  7 +-
 src/locales/sw/emails.json                    | 18 ++++-
 src/server/config/trpc.ts                     |  2 +-
 src/server/routers/account.tsx                | 61 +++++++-------
 src/server/routers/auth.tsx                   | 56 +++++++++++--
 src/server/routers/users.ts                   |  6 +-
 51 files changed, 451 insertions(+), 426 deletions(-)
 rename src/app/{app => }/(public-only)/layout.tsx (100%)
 rename src/app/{app => }/(public-only)/login/[token]/page.tsx (100%)
 rename src/app/{app => }/(public-only)/login/page.tsx (100%)
 rename src/app/{app => }/(public-only)/register/[token]/page.tsx (100%)
 rename src/app/{app => }/(public-only)/register/page.tsx (100%)
 delete mode 100644 src/app/admin/(public-only)/layout.tsx
 delete mode 100644 src/app/admin/(public-only)/login/[token]/page.tsx
 delete mode 100644 src/app/admin/(public-only)/login/page.tsx
 create mode 100644 src/emails/templates/email-update-already-used.tsx
 rename src/emails/templates/{email-address-change.tsx => email-update-code.tsx} (63%)
 create mode 100644 src/emails/templates/register-email-already-used.tsx
 delete mode 100644 src/features/admin/AdminPublicOnlyLayout.tsx
 delete mode 100644 src/features/auth/PageAdminLogin.tsx
 delete mode 100644 src/features/auth/PageAdminLoginValidate.tsx

diff --git a/.env.example b/.env.example
index 14566e2ac..612184e9e 100644
--- a/.env.example
+++ b/.env.example
@@ -16,7 +16,6 @@ NEXT_PUBLIC_IS_DEMO="false"
 # DATABASE
 DATABASE_URL="postgres://${DOCKER_DATABASE_USERNAME}:${DOCKER_DATABASE_PASSWORD}@localhost:${DOCKER_DATABASE_PORT}/${DOCKER_DATABASE_NAME}"
 
-
 # EMAILS
 EMAIL_SERVER="smtp://username:password@0.0.0.0:1025"
 EMAIL_FROM="Start UI <noreply@example.com>"
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
index f24b10e1e..16544caa5 100644
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -52,7 +52,7 @@ decisions when appropriate.
 
 This Code of Conduct applies within all community spaces, and also applies when
 an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
+Examples of representing our community include using an official email address,
 posting via an official social media account, or acting as an appointed
 representative at an online or offline event.
 
diff --git a/e2e/admin.spec.ts b/e2e/admin.spec.ts
index f901b877f..19d9299cf 100644
--- a/e2e/admin.spec.ts
+++ b/e2e/admin.spec.ts
@@ -2,7 +2,6 @@ import { expect, test } from '@playwright/test';
 import { pageUtils } from 'e2e/utils/pageUtils';
 import { ADMIN_EMAIL } from 'e2e/utils/users';
 
-import { env } from '@/env.mjs';
 import { ROUTES_ADMIN } from '@/features/admin/routes';
 
 test.describe('Admin access', () => {
@@ -10,9 +9,6 @@ test.describe('Admin access', () => {
     const utils = pageUtils(page);
 
     await utils.loginAdmin({ email: ADMIN_EMAIL });
-    await page.waitForURL(
-      `${env.NEXT_PUBLIC_BASE_URL}${ROUTES_ADMIN.root()}**`
-    );
 
     await expect(page.getByTestId('admin-layout')).toBeVisible();
   });
diff --git a/e2e/register.spec.ts b/e2e/register.spec.ts
index 2a9b9b8b0..0fd4e8cae 100644
--- a/e2e/register.spec.ts
+++ b/e2e/register.spec.ts
@@ -8,8 +8,8 @@ import locales from '@/locales';
 
 test.describe('Register flow', () => {
   test('Success flow', async ({ page }) => {
-    await page.goto(ROUTES_AUTH.app.register());
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+    await page.goto(ROUTES_AUTH.register());
+    await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
     await page.getByLabel('Name').fill('Test user');
     const email = await getRandomEmail();
@@ -18,7 +18,7 @@ test.describe('Register flow', () => {
       .getByRole('button', { name: locales.en.auth.register.actions.create })
       .click();
 
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}/**`);
+    await page.waitForURL(`**${ROUTES_AUTH.register()}/**`);
     await page.getByText('Verification code').fill(VALIDATION_CODE_MOCKED);
     await expect(
       page.getByText(locales.en.auth.data.verificationCode.unknown)
@@ -26,8 +26,8 @@ test.describe('Register flow', () => {
   });
 
   test('Register with existing email', async ({ page }) => {
-    await page.goto(ROUTES_AUTH.app.register());
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+    await page.goto(ROUTES_AUTH.register());
+    await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
     await page.getByLabel('Name').fill('Test user');
     await page.getByLabel('Email').fill(USER_EMAIL);
@@ -35,7 +35,7 @@ test.describe('Register flow', () => {
       .getByRole('button', { name: locales.en.auth.register.actions.create })
       .click();
 
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}/**`);
+    await page.waitForURL(`**${ROUTES_AUTH.register()}/**`);
     await page.getByText('Verification code').fill(VALIDATION_CODE_MOCKED);
     await expect(
       page.getByText(locales.en.auth.data.verificationCode.unknown)
@@ -44,8 +44,8 @@ test.describe('Register flow', () => {
 
   test('Login with a not verified account', async ({ page }) => {
     const utils = pageUtils(page);
-    await page.goto(ROUTES_AUTH.app.register());
-    await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+    await page.goto(ROUTES_AUTH.register());
+    await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
     const email = await getRandomEmail();
 
diff --git a/e2e/utils/pageUtils.ts b/e2e/utils/pageUtils.ts
index 78c9a8e21..746c8f94f 100644
--- a/e2e/utils/pageUtils.ts
+++ b/e2e/utils/pageUtils.ts
@@ -2,7 +2,6 @@ import { Page } from '@playwright/test';
 
 import { ROUTES_AUTH } from '@/features/auth/routes';
 import { VALIDATION_CODE_MOCKED } from '@/features/auth/utils';
-import type { RouterInputs } from '@/lib/trpc/types';
 import locales from '@/locales';
 
 /**
@@ -25,9 +24,9 @@ export const pageUtils = (page: Page) => {
     /**
      * Utility used to authenticate a user on the app
      */
-    async loginApp(input: RouterInputs['auth']['login'] & { code?: string }) {
-      await page.goto(ROUTES_AUTH.app.login());
-      await page.waitForURL(`**${ROUTES_AUTH.app.login()}`);
+    async loginApp(input: { email: string; code?: string }) {
+      await page.goto(ROUTES_AUTH.login());
+      await page.waitForURL(`**${ROUTES_AUTH.login()}`);
 
       await page
         .getByPlaceholder(locales.en.auth.data.email.label)
@@ -36,7 +35,7 @@ export const pageUtils = (page: Page) => {
         .getByRole('button', { name: locales.en.auth.login.actions.login })
         .click();
 
-      await page.waitForURL(`**${ROUTES_AUTH.app.login()}/**`);
+      await page.waitForURL(`**${ROUTES_AUTH.login()}/**`);
       await page
         .getByText('Verification code')
         .fill(input.code ?? VALIDATION_CODE_MOCKED);
@@ -45,9 +44,9 @@ export const pageUtils = (page: Page) => {
     /**
      * Utility used to authenticate an admin on the app
      */
-    async loginAdmin(input: RouterInputs['auth']['login'] & { code?: string }) {
-      await page.goto(ROUTES_AUTH.admin.login());
-      await page.waitForURL(`**${ROUTES_AUTH.admin.login()}`);
+    async loginAdmin(input: { email: string; code?: string }) {
+      await page.goto(ROUTES_AUTH.login());
+      await page.waitForURL(`**${ROUTES_AUTH.login()}`);
 
       await page
         .getByPlaceholder(locales.en.auth.data.email.label)
@@ -56,7 +55,7 @@ export const pageUtils = (page: Page) => {
         .getByRole('button', { name: locales.en.auth.login.actions.login })
         .click();
 
-      await page.waitForURL(`**${ROUTES_AUTH.admin.login()}/**`);
+      await page.waitForURL(`**${ROUTES_AUTH.login()}/**`);
       await page
         .getByText('Verification code')
         .fill(input.code ?? VALIDATION_CODE_MOCKED);
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index bc26dce87..5c3e37b90 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -79,7 +79,7 @@ importers:
         version: 5.1.1(encoding@0.1.13)
       chakra-react-select:
         specifier: 4.9.1
-        version: 4.9.1(jg2uf7jai25oxrvhvqjn25d64i)
+        version: 4.9.1(@chakra-ui/form-control@2.2.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/icon@3.2.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/layout@2.3.1(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/media-query@3.3.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/menu@2.2.1(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(framer-motion@11.2.14(@emotion/is-prop-valid@1.2.2)(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/spinner@2.1.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)
       colorette:
         specifier: 2.0.20
         version: 2.0.20
@@ -16228,8 +16228,8 @@ snapshots:
       loupe: 3.1.1
       pathval: 2.0.0
 
-  chakra-react-select@4.9.1(jg2uf7jai25oxrvhvqjn25d64i):
-    dependencies:
+  ? chakra-react-select@4.9.1(@chakra-ui/form-control@2.2.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/icon@3.2.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/layout@2.3.1(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/media-query@3.3.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/menu@2.2.1(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(framer-motion@11.2.14(@emotion/is-prop-valid@1.2.2)(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/spinner@2.1.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1))(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)
+  : dependencies:
       '@chakra-ui/form-control': 2.2.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1)
       '@chakra-ui/icon': 3.2.0(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1)
       '@chakra-ui/layout': 2.3.1(@chakra-ui/system@2.6.2(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@emotion/styled@11.11.5(@emotion/react@11.11.4(@types/react@18.3.3)(react@18.3.1))(@types/react@18.3.3)(react@18.3.1))(react@18.3.1))(react@18.3.1)
diff --git a/prisma/schema/user.prisma b/prisma/schema/user.prisma
index 99278bb0b..04d7031f2 100644
--- a/prisma/schema/user.prisma
+++ b/prisma/schema/user.prisma
@@ -1,9 +1,9 @@
 enum AccountStatus {
-  // User has registered and verified their email
+  // User has registered and verified
   ENABLED
   // User has been disabled and can't login anymore
   DISABLED
-  // User did register, but has not verified their email yet.
+  // User did register, but has not been verified
   NOT_VERIFIED
 }
 
@@ -13,15 +13,16 @@ enum UserRole {
 }
 
 model User {
-  id             String        @id @default(cuid())
-  createdAt      DateTime      @default(now())
-  updatedAt      DateTime      @updatedAt
-  name           String?
-  email          String        @unique
-  accountStatus  AccountStatus @default(NOT_VERIFIED)
-  image          String?
-  authorizations UserRole[]    @default([APP])
-  language       String        @default("en")
-  lastLoginAt    DateTime?
-  session        Session[]
+  id              String        @id @default(cuid())
+  createdAt       DateTime      @default(now())
+  updatedAt       DateTime      @updatedAt
+  name            String?
+  email           String?       @unique
+  isEmailVerified Boolean       @default(false)
+  accountStatus   AccountStatus @default(NOT_VERIFIED)
+  image           String?
+  authorizations  UserRole[]    @default([APP])
+  language        String        @default("en")
+  lastLoginAt     DateTime?
+  session         Session[]
 }
diff --git a/src/app/app/(public-only)/layout.tsx b/src/app/(public-only)/layout.tsx
similarity index 100%
rename from src/app/app/(public-only)/layout.tsx
rename to src/app/(public-only)/layout.tsx
diff --git a/src/app/app/(public-only)/login/[token]/page.tsx b/src/app/(public-only)/login/[token]/page.tsx
similarity index 100%
rename from src/app/app/(public-only)/login/[token]/page.tsx
rename to src/app/(public-only)/login/[token]/page.tsx
diff --git a/src/app/app/(public-only)/login/page.tsx b/src/app/(public-only)/login/page.tsx
similarity index 100%
rename from src/app/app/(public-only)/login/page.tsx
rename to src/app/(public-only)/login/page.tsx
diff --git a/src/app/app/(public-only)/register/[token]/page.tsx b/src/app/(public-only)/register/[token]/page.tsx
similarity index 100%
rename from src/app/app/(public-only)/register/[token]/page.tsx
rename to src/app/(public-only)/register/[token]/page.tsx
diff --git a/src/app/app/(public-only)/register/page.tsx b/src/app/(public-only)/register/page.tsx
similarity index 100%
rename from src/app/app/(public-only)/register/page.tsx
rename to src/app/(public-only)/register/page.tsx
diff --git a/src/app/admin/(authenticated)/layout.tsx b/src/app/admin/(authenticated)/layout.tsx
index b8c020f01..ebf64b802 100644
--- a/src/app/admin/(authenticated)/layout.tsx
+++ b/src/app/admin/(authenticated)/layout.tsx
@@ -13,7 +13,7 @@ export default function AuthenticatedLayout({
     <Suspense>
       <GuardAuthenticated
         authorizations={['ADMIN']}
-        loginPath={ROUTES_AUTH.admin.login()}
+        loginPath={ROUTES_AUTH.login()}
       >
         <AdminLayout>{children}</AdminLayout>
       </GuardAuthenticated>
diff --git a/src/app/admin/(public-only)/layout.tsx b/src/app/admin/(public-only)/layout.tsx
deleted file mode 100644
index 04b1a9f23..000000000
--- a/src/app/admin/(public-only)/layout.tsx
+++ /dev/null
@@ -1,14 +0,0 @@
-import { ReactNode, Suspense } from 'react';
-
-import { AdminPublicOnlyLayout } from '@/features/admin/AdminPublicOnlyLayout';
-import { GuardPublicOnly } from '@/features/auth/GuardPublicOnly';
-
-export default function PublicLayout({ children }: { children: ReactNode }) {
-  return (
-    <Suspense>
-      <GuardPublicOnly>
-        <AdminPublicOnlyLayout>{children}</AdminPublicOnlyLayout>
-      </GuardPublicOnly>
-    </Suspense>
-  );
-}
diff --git a/src/app/admin/(public-only)/login/[token]/page.tsx b/src/app/admin/(public-only)/login/[token]/page.tsx
deleted file mode 100644
index ba8ffc644..000000000
--- a/src/app/admin/(public-only)/login/[token]/page.tsx
+++ /dev/null
@@ -1,13 +0,0 @@
-'use client';
-
-import { Suspense } from 'react';
-
-import PageAdminLoginValidate from '@/features/auth/PageAdminLoginValidate';
-
-export default function Page() {
-  return (
-    <Suspense>
-      <PageAdminLoginValidate />
-    </Suspense>
-  );
-}
diff --git a/src/app/admin/(public-only)/login/page.tsx b/src/app/admin/(public-only)/login/page.tsx
deleted file mode 100644
index 68699a9c4..000000000
--- a/src/app/admin/(public-only)/login/page.tsx
+++ /dev/null
@@ -1,13 +0,0 @@
-'use client';
-
-import { Suspense } from 'react';
-
-import PageAdminLogin from '@/features/auth/PageAdminLogin';
-
-export default function Page() {
-  return (
-    <Suspense>
-      <PageAdminLogin />
-    </Suspense>
-  );
-}
diff --git a/src/app/app/(authenticated)/layout.tsx b/src/app/app/(authenticated)/layout.tsx
index 9067ab9ae..4f6eac9b1 100644
--- a/src/app/app/(authenticated)/layout.tsx
+++ b/src/app/app/(authenticated)/layout.tsx
@@ -13,7 +13,7 @@ export default function AuthenticatedLayout({
     <Suspense>
       <GuardAuthenticated
         authorizations={['APP']}
-        loginPath={ROUTES_AUTH.app.login()}
+        loginPath={ROUTES_AUTH.login()}
       >
         <AppLayout>{children}</AppLayout>
       </GuardAuthenticated>
diff --git a/src/emails/templates/email-update-already-used.tsx b/src/emails/templates/email-update-already-used.tsx
new file mode 100644
index 000000000..7162cc1a3
--- /dev/null
+++ b/src/emails/templates/email-update-already-used.tsx
@@ -0,0 +1,47 @@
+import { Container, Heading, Section, Text } from '@react-email/components';
+
+import { Footer } from '@/emails/components/Footer';
+import { Layout } from '@/emails/components/Layout';
+import { styles } from '@/emails/styles';
+import i18n from '@/lib/i18n/server';
+
+type EmailUpdateAlreadyUsedProps = {
+  language: string;
+  name: string;
+  email: string;
+};
+
+export const EmailUpdateAlreadyUsed = ({
+  language,
+  name,
+  email,
+}: EmailUpdateAlreadyUsedProps) => {
+  i18n.changeLanguage(language);
+  return (
+    <Layout
+      preview={i18n.t('emails:emailUpdateAlreadyUsed.preview')}
+      language={language}
+    >
+      <Container style={styles.container}>
+        <Heading style={styles.h1}>
+          {i18n.t('emails:emailUpdateAlreadyUsed.title')}
+        </Heading>
+        <Section style={styles.section}>
+          <Text style={styles.text}>
+            {i18n.t('emails:emailUpdateAlreadyUsed.hello', {
+              name,
+            })}
+            <br />
+            {i18n.t('emails:emailUpdateAlreadyUsed.intro', { email })}
+          </Text>
+          <Text style={styles.textMuted}>
+            {i18n.t('emails:emailUpdateAlreadyUsed.ignoreHelper')}
+          </Text>
+        </Section>
+        <Footer />
+      </Container>
+    </Layout>
+  );
+};
+
+export default EmailUpdateAlreadyUsed;
diff --git a/src/emails/templates/email-address-change.tsx b/src/emails/templates/email-update-code.tsx
similarity index 63%
rename from src/emails/templates/email-address-change.tsx
rename to src/emails/templates/email-update-code.tsx
index 2f6e3eb51..67fd824ca 100644
--- a/src/emails/templates/email-address-change.tsx
+++ b/src/emails/templates/email-update-code.tsx
@@ -6,40 +6,37 @@ import { styles } from '@/emails/styles';
 import { VALIDATION_TOKEN_EXPIRATION_IN_MINUTES } from '@/features/auth/utils';
 import i18n from '@/lib/i18n/server';
 
-type EmailAddressChangeProps = {
+type EmailUpdateCodeProps = {
   language: string;
   name: string;
   code: string;
 };
 
-export const EmailAddressChange = ({
+export const EmailUpdateCode = ({
   language,
   name,
   code,
-}: EmailAddressChangeProps) => {
+}: EmailUpdateCodeProps) => {
   i18n.changeLanguage(language);
   return (
-    <Layout
-      preview={i18n.t('emails:emailAddressChange.preview')}
-      language={language}
-    >
+    <Layout preview={i18n.t('emails:emailUpdate.preview')} language={language}>
       <Container style={styles.container}>
         <Heading style={styles.h1}>
-          {i18n.t('emails:emailAddressChange.title')}
+          {i18n.t('emails:emailUpdate.title')}
         </Heading>
         <Section style={styles.section}>
           <Text style={styles.text}>
-            {i18n.t('emails:emailAddressChange.hello', { name: name ?? '' })}
+            {i18n.t('emails:emailUpdate.hello', { name: name ?? '' })}
             <br />
-            {i18n.t('emails:emailAddressChange.intro')}
+            {i18n.t('emails:emailUpdate.intro')}
           </Text>
           <Text style={styles.code}>{code}</Text>
           <Text style={styles.textMuted}>
-            {i18n.t('emails:emailAddressChange.validityTime', {
+            {i18n.t('emails:emailUpdate.validityTime', {
               expiration: VALIDATION_TOKEN_EXPIRATION_IN_MINUTES,
             })}
             <br />
-            {i18n.t('emails:emailAddressChange.ignoreHelper')}
+            {i18n.t('emails:emailUpdate.ignoreHelper')}
           </Text>
         </Section>
         <Footer />
@@ -48,4 +45,4 @@ export const EmailAddressChange = ({
   );
 };
 
-export default EmailAddressChange;
+export default EmailUpdateCode;
diff --git a/src/emails/templates/register-email-already-used.tsx b/src/emails/templates/register-email-already-used.tsx
new file mode 100644
index 000000000..e9e30cfe0
--- /dev/null
+++ b/src/emails/templates/register-email-already-used.tsx
@@ -0,0 +1,47 @@
+import { Container, Heading, Section, Text } from '@react-email/components';
+
+import { Footer } from '@/emails/components/Footer';
+import { Layout } from '@/emails/components/Layout';
+import { styles } from '@/emails/styles';
+import i18n from '@/lib/i18n/server';
+
+type RegisterEmailAlreadyUsedProps = {
+  language: string;
+  name: string;
+  email: string;
+};
+
+export const RegisterEmailAlreadyUsed = ({
+  language,
+  name,
+  email,
+}: RegisterEmailAlreadyUsedProps) => {
+  i18n.changeLanguage(language);
+  return (
+    <Layout
+      preview={i18n.t('emails:registerEmailAlreadyUsed.preview')}
+      language={language}
+    >
+      <Container style={styles.container}>
+        <Heading style={styles.h1}>
+          {i18n.t('emails:registerEmailAlreadyUsed.title')}
+        </Heading>
+        <Section style={styles.section}>
+          <Text style={styles.text}>
+            {i18n.t('emails:registerEmailAlreadyUsed.hello', {
+              name,
+            })}
+            <br />
+            {i18n.t('emails:registerEmailAlreadyUsed.intro', { email })}
+          </Text>
+          <Text style={styles.textMuted}>
+            {i18n.t('emails:registerEmailAlreadyUsed.ignoreHelper')}
+          </Text>
+        </Section>
+        <Footer />
+      </Container>
+    </Layout>
+  );
+};
+
+export default RegisterEmailAlreadyUsed;
diff --git a/src/env.mjs b/src/env.mjs
index 68d2119c9..fc4bb2bdd 100644
--- a/src/env.mjs
+++ b/src/env.mjs
@@ -3,9 +3,8 @@
 import { createEnv } from '@t3-oss/env-nextjs';
 import { z } from 'zod';
 
-const zNodeEnv = z
-  .enum(['development', 'test', 'production'])
-  .default('development');
+const zNodeEnv = () =>
+  z.enum(['development', 'test', 'production']).default('development');
 
 export const env = createEnv({
   /**
@@ -14,7 +13,7 @@ export const env = createEnv({
    */
   server: {
     DATABASE_URL: z.string().url(),
-    NODE_ENV: zNodeEnv,
+    NODE_ENV: zNodeEnv(),
 
     EMAIL_SERVER: z.string().url(),
     EMAIL_FROM: z.string(),
@@ -63,7 +62,7 @@ export const env = createEnv({
           value ??
           (process.env.NODE_ENV === 'development' ? 'warning' : 'success')
       ),
-    NEXT_PUBLIC_NODE_ENV: zNodeEnv,
+    NEXT_PUBLIC_NODE_ENV: zNodeEnv(),
   },
 
   /**
diff --git a/src/features/account/AccountEmailForm.tsx b/src/features/account/AccountEmailForm.tsx
index d9c63f7eb..1f6abf44d 100644
--- a/src/features/account/AccountEmailForm.tsx
+++ b/src/features/account/AccountEmailForm.tsx
@@ -15,10 +15,7 @@ import {
 } from '@/components/Form';
 import { LoaderFull } from '@/components/LoaderFull';
 import { useToastError } from '@/components/Toast';
-import {
-  EmailVerificationCodeModale,
-  SEARCH_PARAM_VERIFY_EMAIL,
-} from '@/features/account/EmailVerificationCodeModal';
+import { EmailVerificationCodeModale } from '@/features/account/EmailVerificationCodeModal';
 import {
   FormFieldsAccountEmail,
   zFormFieldsAccountEmail,
@@ -28,11 +25,9 @@ import { trpc } from '@/lib/trpc/client';
 export const AccountEmailForm = () => {
   const { t } = useTranslation(['common', 'account']);
   const [searchParams, setSearchParams] = useQueryStates({
-    [SEARCH_PARAM_VERIFY_EMAIL]: parseAsString,
-    token: parseAsString,
     verifyEmail: parseAsString,
+    token: parseAsString,
   });
-  const verifyEmail = searchParams[SEARCH_PARAM_VERIFY_EMAIL];
 
   const account = trpc.account.get.useQuery(undefined, {
     staleTime: Infinity,
@@ -43,7 +38,7 @@ export const AccountEmailForm = () => {
   const updateEmail = trpc.account.updateEmail.useMutation({
     onSuccess: async ({ token }, { email }) => {
       setSearchParams({
-        [SEARCH_PARAM_VERIFY_EMAIL]: email,
+        verifyEmail: email,
         token,
       });
     },
@@ -57,7 +52,9 @@ export const AccountEmailForm = () => {
   const form = useForm<FormFieldsAccountEmail>({
     mode: 'onBlur',
     resolver: zodResolver(zFormFieldsAccountEmail()),
-    values: account.data,
+    values: {
+      email: account.data?.email ?? '',
+    },
   });
 
   const email = form.watch('email');
@@ -106,7 +103,7 @@ export const AccountEmailForm = () => {
           </Form>
         </Stack>
       )}
-      {!!verifyEmail && <EmailVerificationCodeModale />}
+      {!!searchParams.verifyEmail && <EmailVerificationCodeModale />}
     </>
   );
 };
diff --git a/src/features/account/EmailVerificationCodeModal.tsx b/src/features/account/EmailVerificationCodeModal.tsx
index 72544e102..3f8cc86e6 100644
--- a/src/features/account/EmailVerificationCodeModal.tsx
+++ b/src/features/account/EmailVerificationCodeModal.tsx
@@ -24,15 +24,12 @@ import {
 } from '@/features/auth/schemas';
 import { trpc } from '@/lib/trpc/client';
 
-export const SEARCH_PARAM_VERIFY_EMAIL = 'verify-email';
-
 export const EmailVerificationCodeModale = () => {
   const { t } = useTranslation(['account']);
   const [searchParams, setSearchParams] = useQueryStates({
-    [SEARCH_PARAM_VERIFY_EMAIL]: parseAsString,
+    verifyEmail: parseAsString,
     token: parseAsString,
     attempts: parseAsInteger.withDefault(0),
-    verifyEmail: parseAsString,
   });
   const trpcUtils = trpc.useUtils();
   const toastSuccess = useToastSuccess();
@@ -40,7 +37,7 @@ export const EmailVerificationCodeModale = () => {
   const onClose = () => {
     trpcUtils.account.get.reset();
     setSearchParams({
-      [SEARCH_PARAM_VERIFY_EMAIL]: null,
+      verifyEmail: null,
       token: null,
       attempts: null,
     });
diff --git a/src/features/account/PageAccount.tsx b/src/features/account/PageAccount.tsx
index 2626cf5a1..377e0c860 100644
--- a/src/features/account/PageAccount.tsx
+++ b/src/features/account/PageAccount.tsx
@@ -93,7 +93,7 @@ export default function PageHome() {
             <ConfirmModal
               onConfirm={() =>
                 router.push(
-                  `${ROUTES_AUTH.logout({ redirect: ROUTES_AUTH.app.login() })}`
+                  `${ROUTES_AUTH.logout({ redirect: ROUTES_AUTH.login() })}`
                 )
               }
               title={t('account:logout.confirm.title')}
diff --git a/src/features/account/schemas.ts b/src/features/account/schemas.ts
index be23852e0..58c6a47dc 100644
--- a/src/features/account/schemas.ts
+++ b/src/features/account/schemas.ts
@@ -1,10 +1,23 @@
 import { z } from 'zod';
 
-import { zUser } from '@/features/users/schemas';
+import { zUser, zUserWithEmail } from '@/features/users/schemas';
 
 export type UserAccount = z.infer<ReturnType<typeof zUserAccount>>;
 export const zUserAccount = () =>
   zUser().pick({
+    id: true,
+    name: true,
+    email: true,
+    isEmailVerified: true,
+    authorizations: true,
+    language: true,
+  });
+
+export type UserAccountWithEmail = z.infer<
+  ReturnType<typeof zUserAccountWithEmail>
+>;
+export const zUserAccountWithEmail = () =>
+  zUserWithEmail().pick({
     id: true,
     name: true,
     email: true,
@@ -15,7 +28,8 @@ export const zUserAccount = () =>
 export type FormFieldsAccountEmail = z.infer<
   ReturnType<typeof zFormFieldsAccountEmail>
 >;
-export const zFormFieldsAccountEmail = () => zUser().pick({ email: true });
+export const zFormFieldsAccountEmail = () =>
+  zUserAccountWithEmail().pick({ email: true });
 
 export type FormFieldsAccountProfile = z.infer<
   ReturnType<typeof zFormFieldsAccountProfile>
diff --git a/src/features/admin/AdminNavBar.tsx b/src/features/admin/AdminNavBar.tsx
index e903cfe3d..b6a9c5712 100644
--- a/src/features/admin/AdminNavBar.tsx
+++ b/src/features/admin/AdminNavBar.tsx
@@ -87,12 +87,19 @@ const AdminNavBarAccountMenu = ({ ...rest }: Omit<MenuProps, 'children'>) => {
     <Box color="gray.800" _dark={{ color: 'white' }}>
       <Menu placement="bottom-end" {...rest}>
         <MenuButton borderRadius="full" _focusVisible={{ shadow: 'outline' }}>
-          <Avatar size="sm" icon={<></>} name={account.data?.email ?? ''}>
+          <Avatar
+            size="sm"
+            icon={<></>}
+            name={account.data?.name ?? account.data?.email ?? ''}
+          >
             {account.isLoading && <Spinner size="xs" />}
           </Avatar>
         </MenuButton>
         <MenuList maxW="12rem" overflow="hidden">
-          <MenuGroup title={account.data?.email ?? ''} noOfLines={1}>
+          <MenuGroup
+            title={account.data?.name ?? account.data?.email ?? ''}
+            noOfLines={1}
+          >
             <MenuItem
               as={Link}
               href={ROUTES_ACCOUNT.admin.root()}
@@ -140,7 +147,7 @@ const AdminNavBarAccountMenu = ({ ...rest }: Omit<MenuProps, 'children'>) => {
           <MenuItem
             icon={<Icon icon={LuLogOut} fontSize="lg" color="gray.400" />}
             onClick={() =>
-              router.push(ROUTES_AUTH.logout({ redirect: ROUTES_ADMIN.root() }))
+              router.push(ROUTES_AUTH.logout({ redirect: ROUTES_AUTH.login() }))
             }
           >
             {t('admin:layout.accountMenu.logout')}
diff --git a/src/features/admin/AdminPublicOnlyLayout.tsx b/src/features/admin/AdminPublicOnlyLayout.tsx
deleted file mode 100644
index 524b2ff97..000000000
--- a/src/features/admin/AdminPublicOnlyLayout.tsx
+++ /dev/null
@@ -1,26 +0,0 @@
-'use client';
-
-import { ReactNode } from 'react';
-
-import { Box } from '@chakra-ui/react';
-
-import { Logo } from '@/components/Logo';
-import { SlideIn } from '@/components/SlideIn';
-import { Viewport } from '@/components/Viewport';
-
-type AdminPublicOnlyLayout = {
-  children: ReactNode;
-};
-
-export const AdminPublicOnlyLayout = ({ children }: AdminPublicOnlyLayout) => {
-  return (
-    <Viewport bg="gray.50" _dark={{ bg: 'gray.900' }}>
-      <SlideIn>
-        <Box px="4" py="4rem" w="22rem" maxW="full" m="auto">
-          <Logo w="12rem" mb="8" mx="auto" />
-          {children}
-        </Box>
-      </SlideIn>
-    </Viewport>
-  );
-};
diff --git a/src/features/app/AppNavBarDesktop.tsx b/src/features/app/AppNavBarDesktop.tsx
index 432b4ad63..9fe11f15e 100644
--- a/src/features/app/AppNavBarDesktop.tsx
+++ b/src/features/app/AppNavBarDesktop.tsx
@@ -56,7 +56,7 @@ export const AppNavBarDesktop = (props: BoxProps) => {
               href={ROUTES_ACCOUNT.app.root()}
               size="sm"
               icon={<></>}
-              name={account.data?.email ?? ''}
+              name={account.data?.name ?? account.data?.email ?? ''}
               {...(isAccountActive
                 ? {
                     ring: '2px',
diff --git a/src/features/auth/PageAdminLogin.tsx b/src/features/auth/PageAdminLogin.tsx
deleted file mode 100644
index 3c76a1bf6..000000000
--- a/src/features/auth/PageAdminLogin.tsx
+++ /dev/null
@@ -1,37 +0,0 @@
-import React from 'react';
-
-import { Card, CardBody, CardHeader, Heading } from '@chakra-ui/react';
-import { useRouter } from 'next/navigation';
-import { useTranslation } from 'react-i18next';
-
-import { LoginForm } from '@/features/auth/LoginForm';
-import { ROUTES_AUTH } from '@/features/auth/routes';
-import type { RouterInputs, RouterOutputs } from '@/lib/trpc/types';
-
-export default function PageAdminLogin() {
-  const { t } = useTranslation(['auth']);
-  const router = useRouter();
-
-  const handleOnSuccess = (
-    data: RouterOutputs['auth']['login'],
-    variables: RouterInputs['auth']['login']
-  ) => {
-    router.push(
-      ROUTES_AUTH.admin.loginValidate({
-        token: data.token,
-        email: variables.email,
-      })
-    );
-  };
-
-  return (
-    <Card boxShadow="card">
-      <CardHeader pb={0}>
-        <Heading size="md">{t('auth:login.adminTitle')}</Heading>
-      </CardHeader>
-      <CardBody>
-        <LoginForm onSuccess={handleOnSuccess} />
-      </CardBody>
-    </Card>
-  );
-}
diff --git a/src/features/auth/PageAdminLoginValidate.tsx b/src/features/auth/PageAdminLoginValidate.tsx
deleted file mode 100644
index 5a19e8f78..000000000
--- a/src/features/auth/PageAdminLoginValidate.tsx
+++ /dev/null
@@ -1,80 +0,0 @@
-import React from 'react';
-
-import { Button, Card, CardBody, CardHeader } from '@chakra-ui/react';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { useParams, useRouter, useSearchParams } from 'next/navigation';
-import { SubmitHandler, useForm } from 'react-hook-form';
-import { useTranslation } from 'react-i18next';
-import { LuArrowLeft, LuArrowRight } from 'react-icons/lu';
-
-import { Form } from '@/components/Form';
-import { ROUTES_ADMIN } from '@/features/admin/routes';
-import {
-  VerificationCodeForm,
-  useOnVerificationCodeError,
-  useOnVerificationCodeSuccess,
-} from '@/features/auth/VerificationCodeForm';
-import {
-  FormFieldsVerificationCode,
-  zFormFieldsVerificationCode,
-} from '@/features/auth/schemas';
-import { useRtl } from '@/hooks/useRtl';
-import { trpc } from '@/lib/trpc/client';
-
-export default function PageAdminLoginValidate() {
-  const { t } = useTranslation(['common']);
-  const { rtlValue } = useRtl();
-  const router = useRouter();
-  const params = useParams();
-  const searchParams = useSearchParams();
-
-  const token = params?.token?.toString() ?? '';
-  const email = searchParams.get('email');
-
-  const form = useForm<FormFieldsVerificationCode>({
-    mode: 'onBlur',
-    resolver: zodResolver(zFormFieldsVerificationCode()),
-    defaultValues: {
-      code: '',
-    },
-  });
-
-  const onSubmit: SubmitHandler<FormFieldsVerificationCode> = (values) => {
-    validate.mutate({ ...values, token });
-  };
-
-  const onVerificationCodeSuccess = useOnVerificationCodeSuccess({
-    defaultRedirect: ROUTES_ADMIN.root(),
-  });
-  const onVerificationCodeError = useOnVerificationCodeError({
-    onError: (error) => form.setError('code', { message: error }),
-  });
-
-  const validate = trpc.auth.loginValidate.useMutation({
-    onSuccess: onVerificationCodeSuccess,
-    onError: onVerificationCodeError,
-  });
-
-  return (
-    <Card boxShadow="card">
-      <CardHeader pb={0}>
-        <Button
-          me="auto"
-          size="sm"
-          leftIcon={rtlValue(<LuArrowLeft />, <LuArrowRight />)}
-          onClick={() => router.back()}
-        >
-          {t('common:actions.back')}
-        </Button>
-      </CardHeader>
-      <CardBody>
-        <Form {...form} onSubmit={onSubmit}>
-          <VerificationCodeForm
-            email={email ?? ''}
-            isLoading={validate.isLoading || validate.isSuccess}
-          />
-        </Form>
-      </CardBody>
-    </Card>
-  );
-}
diff --git a/src/features/auth/PageLogin.tsx b/src/features/auth/PageLogin.tsx
index b27baaa28..3827d5a69 100644
--- a/src/features/auth/PageLogin.tsx
+++ b/src/features/auth/PageLogin.tsx
@@ -1,13 +1,6 @@
 import React from 'react';
 
-import {
-  Button,
-  Divider,
-  HStack,
-  Heading,
-  Stack,
-  Text,
-} from '@chakra-ui/react';
+import { Box, Button, Heading, Stack } from '@chakra-ui/react';
 import Link from 'next/link';
 import { useRouter } from 'next/navigation';
 import { useTranslation } from 'react-i18next';
@@ -25,7 +18,7 @@ export default function PageLogin() {
     variables: RouterInputs['auth']['login']
   ) => {
     router.push(
-      ROUTES_AUTH.app.loginValidate({
+      ROUTES_AUTH.loginValidate({
         token: data.token,
         email: variables.email,
       })
@@ -36,34 +29,29 @@ export default function PageLogin() {
     <Stack spacing={6}>
       <Stack spacing={1}>
         <Heading size="md">{t('auth:login.appTitle')}</Heading>
-        <Text fontSize="sm" color="text-dimmed">
-          {t('auth:login.appSubTitle')}
-        </Text>
-      </Stack>
-
-      <Button
-        variant="@primary"
-        size="lg"
-        as={Link}
-        href={ROUTES_AUTH.app.register()}
-      >
-        {t('auth:login.actions.register')}
-      </Button>
-
-      <HStack>
-        <Divider flex={1} />
-        <Text
-          fontSize="xs"
-          color="gray.400"
-          fontWeight="bold"
-          textTransform="uppercase"
+        <Button
+          as={Link}
+          href={ROUTES_AUTH.register()}
+          variant="link"
+          size="sm"
+          whiteSpace="normal"
+          display="inline"
+          fontWeight="normal"
+          px="0"
+          color="text-dimmed"
         >
-          {t('common:or')}
-        </Text>
-        <Divider flex={1} />
-      </HStack>
-
-      <LoginForm onSuccess={handleOnSuccess} buttonVariant="@secondary" />
+          {t('auth:login.actions.noAccount')}
+          <Box
+            as="strong"
+            ms="1"
+            color="brand.500"
+            _dark={{ color: 'brand.300' }}
+          >
+            {t('auth:login.actions.register')}
+          </Box>
+        </Button>
+      </Stack>
+      <LoginForm onSuccess={handleOnSuccess} />
     </Stack>
   );
 }
diff --git a/src/features/auth/PageLoginValidate.tsx b/src/features/auth/PageLoginValidate.tsx
index 1fc4e9021..a813c5693 100644
--- a/src/features/auth/PageLoginValidate.tsx
+++ b/src/features/auth/PageLoginValidate.tsx
@@ -1,16 +1,17 @@
 import { Button, Stack } from '@chakra-ui/react';
 import { zodResolver } from '@hookform/resolvers/zod';
+import { useQueryClient } from '@tanstack/react-query';
 import { useParams, useRouter, useSearchParams } from 'next/navigation';
 import { SubmitHandler, useForm } from 'react-hook-form';
 import { useTranslation } from 'react-i18next';
 import { LuArrowLeft, LuArrowRight } from 'react-icons/lu';
 
 import { Form } from '@/components/Form';
+import { ROUTES_ADMIN } from '@/features/admin/routes';
 import { ROUTES_APP } from '@/features/app/routes';
 import {
   VerificationCodeForm,
   useOnVerificationCodeError,
-  useOnVerificationCodeSuccess,
 } from '@/features/auth/VerificationCodeForm';
 import {
   FormFieldsVerificationCode,
@@ -25,6 +26,9 @@ export default function PageLoginValidate() {
   const router = useRouter();
   const params = useParams();
   const searchParams = useSearchParams();
+  const redirect = searchParams.get('redirect');
+  const trpcUtils = trpc.useUtils();
+  const queryCache = useQueryClient();
 
   const token = params?.token?.toString() ?? '';
   const email = searchParams.get('email');
@@ -41,9 +45,6 @@ export default function PageLoginValidate() {
     validate.mutate({ ...values, token });
   };
 
-  const onVerificationCodeSuccess = useOnVerificationCodeSuccess({
-    defaultRedirect: ROUTES_APP.root(),
-  });
   const onVerificationCodeError = useOnVerificationCodeError({
     onError: (error) =>
       form.setError('code', {
@@ -52,7 +53,26 @@ export default function PageLoginValidate() {
   });
 
   const validate = trpc.auth.loginValidate.useMutation({
-    onSuccess: onVerificationCodeSuccess,
+    onSuccess: (data) => {
+      queryCache.clear();
+
+      // Optimistic Update
+      trpcUtils.auth.checkAuthenticated.setData(undefined, {
+        isAuthenticated: true,
+      });
+
+      if (redirect) {
+        router.replace(redirect);
+        return;
+      }
+
+      if (data.account.authorizations.includes('ADMIN')) {
+        router.replace(ROUTES_ADMIN.root());
+        return;
+      }
+
+      router.replace(ROUTES_APP.root());
+    },
     onError: onVerificationCodeError,
   });
 
diff --git a/src/features/auth/PageLogout.tsx b/src/features/auth/PageLogout.tsx
index e34196cfc..f359e3fab 100644
--- a/src/features/auth/PageLogout.tsx
+++ b/src/features/auth/PageLogout.tsx
@@ -1,4 +1,4 @@
-import React, { useEffect } from 'react';
+import React, { useEffect, useRef } from 'react';
 
 import { Center, Spinner } from '@chakra-ui/react';
 import { useQueryClient } from '@tanstack/react-query';
@@ -9,20 +9,25 @@ import { trpc } from '@/lib/trpc/client';
 export default function PageLogout() {
   const router = useRouter();
   const queryCache = useQueryClient();
-  const logout = trpc.auth.logout.useMutation();
-  const trpcUtils = trpc.useUtils();
-  const searchParams = useSearchParams();
-
-  useEffect(() => {
-    const trigger = async () => {
-      if (!logout.isIdle) return;
-      await logout.mutateAsync();
+  const isTriggeredRef = useRef(false);
+  const logout = trpc.auth.logout.useMutation({
+    onSuccess: () => {
       queryCache.clear();
       // Optimistic Update
       trpcUtils.auth.checkAuthenticated.setData(undefined, {
         isAuthenticated: false,
       });
       router.replace(searchParams.get('redirect') || '/');
+    },
+  });
+  const trpcUtils = trpc.useUtils();
+  const searchParams = useSearchParams();
+
+  useEffect(() => {
+    const trigger = async () => {
+      if (isTriggeredRef.current) return;
+      isTriggeredRef.current = true;
+      logout.mutate();
     };
     trigger();
   }, [
diff --git a/src/features/auth/PageRegister.tsx b/src/features/auth/PageRegister.tsx
index c64012572..b682c3bf4 100644
--- a/src/features/auth/PageRegister.tsx
+++ b/src/features/auth/PageRegister.tsx
@@ -32,7 +32,7 @@ export default function PageRegister() {
   const register = trpc.auth.register.useMutation({
     onSuccess: (data, variables) => {
       router.push(
-        ROUTES_AUTH.app.registerValidate({
+        ROUTES_AUTH.registerValidate({
           token: data.token,
           email: variables.email,
         })
@@ -67,7 +67,7 @@ export default function PageRegister() {
         <Heading size="md">{t('auth:register.title')}</Heading>
         <Button
           as={Link}
-          href={ROUTES_AUTH.app.login()}
+          href={ROUTES_AUTH.login()}
           variant="link"
           size="sm"
           whiteSpace="normal"
@@ -87,7 +87,6 @@ export default function PageRegister() {
           </Box>
         </Button>
       </Stack>
-
       <Form
         {...form}
         onSubmit={(values) => {
@@ -137,7 +136,7 @@ export default function PageRegister() {
               {t('auth:register.actions.create')}
             </Button>
           </Flex>
-          <DemoRegisterHint loginPath={ROUTES_AUTH.app.login()} />
+          <DemoRegisterHint loginPath={ROUTES_AUTH.login()} />
         </Stack>
       </Form>
     </Stack>
diff --git a/src/features/auth/PageRegisterValidate.tsx b/src/features/auth/PageRegisterValidate.tsx
index c193b260d..3d0478852 100644
--- a/src/features/auth/PageRegisterValidate.tsx
+++ b/src/features/auth/PageRegisterValidate.tsx
@@ -2,6 +2,7 @@ import React from 'react';
 
 import { Button, Stack } from '@chakra-ui/react';
 import { zodResolver } from '@hookform/resolvers/zod';
+import { useQueryClient } from '@tanstack/react-query';
 import { useParams, useRouter, useSearchParams } from 'next/navigation';
 import { SubmitHandler, useForm } from 'react-hook-form';
 import { useTranslation } from 'react-i18next';
@@ -12,7 +13,6 @@ import { ROUTES_APP } from '@/features/app/routes';
 import {
   VerificationCodeForm,
   useOnVerificationCodeError,
-  useOnVerificationCodeSuccess,
 } from '@/features/auth/VerificationCodeForm';
 import {
   FormFieldsVerificationCode,
@@ -27,6 +27,9 @@ export default function PageRegisterValidate() {
   const router = useRouter();
   const params = useParams();
   const searchParams = useSearchParams();
+  const redirect = searchParams.get('redirect');
+  const trpcUtils = trpc.useUtils();
+  const queryCache = useQueryClient();
 
   const token = params?.token?.toString() ?? '';
   const email = searchParams.get('email');
@@ -43,15 +46,21 @@ export default function PageRegisterValidate() {
     validate.mutate({ ...values, token });
   };
 
-  const onVerificationCodeSuccess = useOnVerificationCodeSuccess({
-    defaultRedirect: ROUTES_APP.root(),
-  });
   const onVerificationCodeError = useOnVerificationCodeError({
     onError: (error) => form.setError('code', { message: error }),
   });
 
   const validate = trpc.auth.registerValidate.useMutation({
-    onSuccess: onVerificationCodeSuccess,
+    onSuccess: () => {
+      queryCache.clear();
+
+      // Optimistic Update
+      trpcUtils.auth.checkAuthenticated.setData(undefined, {
+        isAuthenticated: true,
+      });
+
+      router.replace(redirect || ROUTES_APP.root());
+    },
     onError: onVerificationCodeError,
   });
 
diff --git a/src/features/auth/VerificationCodeForm.tsx b/src/features/auth/VerificationCodeForm.tsx
index 9324d761b..438be1739 100644
--- a/src/features/auth/VerificationCodeForm.tsx
+++ b/src/features/auth/VerificationCodeForm.tsx
@@ -1,9 +1,7 @@
 import { ReactNode } from 'react';
 
 import { Button, HStack, Heading, Stack, Text } from '@chakra-ui/react';
-import { useQueryClient } from '@tanstack/react-query';
 import { TRPCClientErrorLike } from '@trpc/client';
-import { useRouter, useSearchParams } from 'next/navigation';
 import { parseAsInteger, useQueryState } from 'nuqs';
 import { useFormContext } from 'react-hook-form';
 import { Trans, useTranslation } from 'react-i18next';
@@ -20,7 +18,6 @@ import {
   getValidationRetryDelayInSeconds,
 } from '@/features/auth/utils';
 import { ValidationCodeHint } from '@/features/devtools/ValidationCodeHint';
-import { trpc } from '@/lib/trpc/client';
 import { AppRouter } from '@/lib/trpc/types';
 
 export type VerificationCodeFormProps = {
@@ -90,27 +87,6 @@ export const VerificationCodeForm = ({
   );
 };
 
-export const useOnVerificationCodeSuccess = ({
-  defaultRedirect = '/',
-}: {
-  defaultRedirect: string;
-}) => {
-  const router = useRouter();
-  const trpcUtils = trpc.useUtils();
-  const queryCache = useQueryClient();
-  const searchParams = useSearchParams();
-  return async () => {
-    queryCache.clear();
-
-    // Optimistic Update
-    trpcUtils.auth.checkAuthenticated.setData(undefined, {
-      isAuthenticated: true,
-    });
-
-    router.push(searchParams.get('redirect') || defaultRedirect || '/');
-  };
-};
-
 export const useOnVerificationCodeError = ({
   onError,
 }: {
diff --git a/src/features/auth/routes.ts b/src/features/auth/routes.ts
index e42a0e076..56190b0ed 100644
--- a/src/features/auth/routes.ts
+++ b/src/features/auth/routes.ts
@@ -1,20 +1,10 @@
-import { ROUTES_ADMIN } from '@/features/admin/routes';
-import { ROUTES_APP } from '@/features/app/routes';
-
 export const ROUTES_AUTH = {
   logout: (params: { redirect?: string } = {}) =>
     params.redirect ? `/logout?redirect=${params.redirect}` : '/logout',
-  app: {
-    login: () => `${ROUTES_APP.baseUrl()}/login`,
-    loginValidate: (params: { token: string; email: string }) =>
-      `${ROUTES_AUTH.app.login()}/${params.token}?email=${params.email}`,
-    register: () => `${ROUTES_APP.baseUrl()}/register`,
-    registerValidate: (params: { token: string; email: string }) =>
-      `${ROUTES_AUTH.app.register()}/${params.token}?email=${params.email}`,
-  },
-  admin: {
-    login: () => `${ROUTES_ADMIN.baseUrl()}/login`,
-    loginValidate: (params: { token: string; email: string }) =>
-      `${ROUTES_AUTH.admin.login()}/${params.token}?email=${params.email}`,
-  },
+  login: () => `/login`,
+  loginValidate: (params: { token: string; email: string }) =>
+    `${ROUTES_AUTH.login()}/${params.token}?email=${params.email}`,
+  register: () => `/register`,
+  registerValidate: (params: { token: string; email: string }) =>
+    `${ROUTES_AUTH.register()}/${params.token}?email=${params.email}`,
 } as const;
diff --git a/src/features/auth/schemas.ts b/src/features/auth/schemas.ts
index 20565241e..cc0a975cf 100644
--- a/src/features/auth/schemas.ts
+++ b/src/features/auth/schemas.ts
@@ -1,16 +1,16 @@
 import { t } from 'i18next';
 import { z } from 'zod';
 
-import { zUser } from '@/features/users/schemas';
+import { zUserWithEmail } from '@/features/users/schemas';
 
 export type FormFieldsLogin = z.infer<ReturnType<typeof zFormFieldsLogin>>;
-export const zFormFieldsLogin = () => zUser().pick({ email: true });
+export const zFormFieldsLogin = () => zUserWithEmail().pick({ email: true });
 
 export type FormFieldsRegister = z.infer<
   ReturnType<typeof zFormFieldsRegister>
 >;
 export const zFormFieldsRegister = () =>
-  zUser().pick({ email: true, name: true, language: true }).required();
+  zUserWithEmail().pick({ email: true, name: true, language: true }).required();
 
 export type VerificationCodeValidate = z.infer<
   ReturnType<typeof zVerificationCodeValidate>
diff --git a/src/features/users/schemas.ts b/src/features/users/schemas.ts
index 130ced817..a0e918115 100644
--- a/src/features/users/schemas.ts
+++ b/src/features/users/schemas.ts
@@ -29,10 +29,11 @@ export const zUser = () =>
         }
       )
       .nullish(),
-    email: zu.string.email(z.string(), {
+    email: zu.string.emailNullish(z.string(), {
       required_error: t('users:data.email.required'),
       invalid_type_error: t('users:data.email.invalid'),
     }),
+    isEmailVerified: z.boolean(),
     authorizations: zu.array
       .nonEmpty(
         z.array(zUserAuthorization(), {
@@ -46,6 +47,17 @@ export const zUser = () =>
       .default(DEFAULT_LANGUAGE_KEY),
   });
 
+export type UserWithEmail = z.infer<ReturnType<typeof zUserWithEmail>>;
+export const zUserWithEmail = () =>
+  zUser()
+    .omit({ email: true })
+    .extend({
+      email: zu.string.email(z.string(), {
+        required_error: t('users:data.email.required'),
+        invalid_type_error: t('users:data.email.invalid'),
+      }),
+    });
+
 export type FormFieldUser = z.infer<ReturnType<typeof zFormFieldsUser>>;
 export const zFormFieldsUser = () =>
   zUser()
diff --git a/src/locales/ar/auth.json b/src/locales/ar/auth.json
index b2c9890c0..fe680ad64 100644
--- a/src/locales/ar/auth.json
+++ b/src/locales/ar/auth.json
@@ -20,16 +20,15 @@
   "login": {
     "actions": {
       "register": "إنشاء حساب",
-      "login": "قم بتسجيل الدخول باستخدام البريد الإلكتروني"
+      "login": "قم بتسجيل الدخول باستخدام البريد الإلكتروني",
+      "noAccount": "ليس لديك حساب؟"
     },
     "feedbacks": {
       "loginError": {
         "title": "فشل تسجيل الدخول"
       }
     },
-    "adminTitle": "تسجيل الدخول المشرف",
-    "appSubTitle": "بداية واجهة المستخدم برأيه",
-    "appTitle": "🚀 Start UI [web]"
+    "appTitle": "تسجيل الدخول"
   },
   "register": {
     "actions": {
diff --git a/src/locales/ar/emails.json b/src/locales/ar/emails.json
index dda642bad..74a6f5c98 100644
--- a/src/locales/ar/emails.json
+++ b/src/locales/ar/emails.json
@@ -25,7 +25,7 @@
     "subject": "تحقق من حسابك",
     "title": "تحقق من حسابك"
   },
-  "emailAddressChange": {
+  "emailUpdate": {
     "hello": "مرحبًا {{name}}،",
     "ignoreHelper": "إذا لم تحاول تغيير بريدك الإلكتروني، فيمكنك تجاهل هذا البريد الإلكتروني بأمان.",
     "intro": "هذا هو رمز التحقق لتحديث بريدك الإلكتروني:",
@@ -42,5 +42,21 @@
     "subject": "حذف حسابك",
     "title": "حذف حسابك",
     "validityTime": "سيكون هذا الرمز صالحًا فقط لمدة {{expiration}} الدقائق التالية."
+  },
+  "emailUpdateAlreadyUsed": {
+    "hello": "مرحبًا {{اسم}}،",
+    "ignoreHelper": "إذا لم تحاول تغيير بريدك الإلكتروني، فيمكنك تجاهل هذا البريد الإلكتروني بأمان.",
+    "intro": "إن {{email}} الخاص بك مستخدم بالفعل، ولا يمكنك استخدامه لحساب آخر.",
+    "preview": "بريدك الإلكتروني مستخدم بالفعل بواسطة حساب آخر",
+    "subject": "هل تحاول تحديث بريدك الإلكتروني؟",
+    "title": "هل تحاول تحديث بريدك الإلكتروني؟"
+  },
+  "registerEmailAlreadyUsed": {
+    "hello": "مرحبًا {{اسم}}،",
+    "ignoreHelper": "إذا لم تحاول إنشاء حساب، فيمكنك تجاهل هذا البريد الإلكتروني بأمان.",
+    "intro": "بريدك الإلكتروني {{email}} مستخدم بالفعل، ولا يمكنك إنشاء حساب آخر به.",
+    "preview": "بريدك الإلكتروني مستخدم بالفعل بواسطة حساب آخر",
+    "title": "الحساب موجود بالفعل",
+    "subject": "الحساب موجود بالفعل"
   }
 }
diff --git a/src/locales/en/auth.json b/src/locales/en/auth.json
index 338b7344e..5affc2af4 100644
--- a/src/locales/en/auth.json
+++ b/src/locales/en/auth.json
@@ -1,8 +1,6 @@
 {
   "login": {
-    "appTitle": "🚀 Start UI [web]",
-    "appSubTitle": "An opinionated UI starter",
-    "adminTitle": "Admin sign in",
+    "appTitle": "Sign in",
     "feedbacks": {
       "loginError": {
         "title": "Failed to sign in"
@@ -10,7 +8,8 @@
     },
     "actions": {
       "login": "Sign in with email",
-      "register": "Create an account"
+      "noAccount": "Don't have an account?",
+      "register": "Sign up"
     }
   },
   "validate": {
@@ -31,7 +30,7 @@
       "alreadyHaveAnAccount": "Already have an account?",
       "login": "Sign in"
     },
-    "title": "Create an account"
+    "title": "Create your account"
   },
   "data": {
     "verificationCode": {
diff --git a/src/locales/en/emails.json b/src/locales/en/emails.json
index df69ecaae..15d9c8f87 100644
--- a/src/locales/en/emails.json
+++ b/src/locales/en/emails.json
@@ -8,6 +8,14 @@
     "validityTime": "This code will only be valid for the next {{expiration}} minutes.",
     "ignoreHelper": "If you didn't try to register, you can safely ignore this email."
   },
+  "registerEmailAlreadyUsed": {
+    "subject": "Account already exists",
+    "preview": "Your email is already used by another account",
+    "title": "Account already exists",
+    "hello": "Hi {{name}},",
+    "intro": "Your email {{email}} is already used, you can't create another account with it.",
+    "ignoreHelper": "If you didn't try to create an account, you can safely ignore this email."
+  },
   "loginCode": {
     "subject": "Sign in verification code",
     "preview": "Verification code to sign in",
@@ -25,7 +33,7 @@
     "button": "Try a different email",
     "ignoreHelper": "If you didn't try to sign in, you can safely ignore this email."
   },
-  "emailAddressChange": {
+  "emailUpdate": {
     "subject": "Verification code",
     "preview": "Change your email",
     "title": "Your verification code",
@@ -34,6 +42,14 @@
     "validityTime": "This code will only be valid for the next {{expiration}} minutes.",
     "ignoreHelper": "If you didn't try to change your email, you can safely ignore this email."
   },
+  "emailUpdateAlreadyUsed": {
+    "subject": "Trying to update your email?",
+    "preview": "Your email is already used by another account",
+    "title": "Trying to update your email?",
+    "hello": "Hi {{name}},",
+    "intro": "Your email {{email}} is already used, you can't use it for another account.",
+    "ignoreHelper": "If you didn't try to change your email, you can safely ignore this email."
+  },
   "deleteAccountCode": {
     "subject": "Delete your account",
     "preview": "Verification code to delete your account",
diff --git a/src/locales/fr/auth.json b/src/locales/fr/auth.json
index cf6163169..aaacd1fd2 100644
--- a/src/locales/fr/auth.json
+++ b/src/locales/fr/auth.json
@@ -20,16 +20,15 @@
   "login": {
     "actions": {
       "register": "Créer un compte",
-      "login": "Connexion par e-mail"
+      "login": "Connexion par email",
+      "noAccount": "Vous n'avez pas de compte ?"
     },
     "feedbacks": {
       "loginError": {
         "title": "Échec de la connexion"
       }
     },
-    "adminTitle": "Connexion administrateur",
-    "appSubTitle": "Un starter UI dogmatique",
-    "appTitle": "🚀 Start UI [web]"
+    "appTitle": "Se connecter"
   },
   "register": {
     "actions": {
diff --git a/src/locales/fr/emails.json b/src/locales/fr/emails.json
index f8bd88982..f5912b6c9 100644
--- a/src/locales/fr/emails.json
+++ b/src/locales/fr/emails.json
@@ -25,7 +25,7 @@
     "subject": "Vérifiez votre compte",
     "title": "Vérifiez votre compte"
   },
-  "emailAddressChange": {
+  "emailUpdate": {
     "hello": "Bonjour {{name}},",
     "ignoreHelper": "Si vous n'avez pas essayé de modifier votre adresse email, vous pouvez ignorer cet email en toute sécurité.",
     "intro": "Voici le code de vérification pour mettre à jour votre email :",
@@ -42,5 +42,21 @@
     "subject": "Supprimer votre compte",
     "title": "Supprimer votre compte",
     "validityTime": "Ce code ne sera valable que pour les prochaines {{expiration}} minutes."
+  },
+  "emailUpdateAlreadyUsed": {
+    "hello": "Bonjour {{name}},",
+    "ignoreHelper": "Si vous n'avez pas essayé de modifier votre adresse email, vous pouvez ignorer cet email en toute sécurité.",
+    "intro": "Votre {{email}} est déjà utilisé, vous ne pouvez pas l'utiliser pour un autre compte. ",
+    "preview": "Votre email est déjà utilisé par un autre compte",
+    "subject": "Vous essayez de mettre à jour votre email ?",
+    "title": "Vous essayez de mettre à jour votre email ?"
+  },
+  "registerEmailAlreadyUsed": {
+    "hello": "Bonjour {{name}},",
+    "ignoreHelper": "Si vous n'avez pas essayé de créer un compte, vous pouvez ignorer cet email en toute sécurité.",
+    "intro": "Votre email {{email}} est déjà utilisé, vous ne pouvez pas créer un autre compte avec.",
+    "preview": "Votre email est déjà utilisé par un autre compte",
+    "title": "Le compte existe déjà",
+    "subject": "Le compte existe déjà"
   }
 }
diff --git a/src/locales/sw/auth.json b/src/locales/sw/auth.json
index 2f27dea89..af7dd72a1 100644
--- a/src/locales/sw/auth.json
+++ b/src/locales/sw/auth.json
@@ -20,16 +20,15 @@
   "login": {
     "actions": {
       "register": "Fungua akaunti",
-      "login": "Ingia kwa kutumia barua pepe"
+      "login": "Ingia kwa kutumia barua pepe",
+      "noAccount": "Je, huna akaunti?"
     },
     "feedbacks": {
       "loginError": {
         "title": "Imeshindwa kuingia"
       }
     },
-    "adminTitle": "Msimamizi ingia",
-    "appSubTitle": "Kianzisha UI cha maoni",
-    "appTitle": "🚀 Start UI [web]"
+    "appTitle": "Weka sahihi"
   },
   "register": {
     "actions": {
diff --git a/src/locales/sw/emails.json b/src/locales/sw/emails.json
index 9122388c5..db854b2b3 100644
--- a/src/locales/sw/emails.json
+++ b/src/locales/sw/emails.json
@@ -25,7 +25,7 @@
     "subject": "Hakikisha akaunti yako",
     "title": "Hakikisha akaunti yako"
   },
-  "emailAddressChange": {
+  "emailUpdate": {
     "hello": "Hujambo {{jina}},",
     "ignoreHelper": "Ikiwa hukujaribu kubadilisha barua pepe yako, unaweza kupuuza barua pepe hii kwa usalama.",
     "intro": "Huu ndio nambari ya kuthibitisha ili kusasisha barua pepe yako:",
@@ -42,5 +42,21 @@
     "subject": "Futa akaunti yako",
     "title": "Futa akaunti yako",
     "validityTime": "Nambari hii itatumika kwa dakika {{expiration}} zinazofuata."
+  },
+  "emailUpdateAlreadyUsed": {
+    "hello": "Hujambo {{jina}},",
+    "ignoreHelper": "Ikiwa hukujaribu kubadilisha barua pepe yako, unaweza kupuuza barua pepe hii kwa usalama.",
+    "intro": "{{email}} yako tayari imetumika, huwezi kuitumia kwa akaunti nyingine.",
+    "preview": "Barua pepe yako tayari inatumiwa na akaunti nyingine",
+    "subject": "Je, unajaribu kusasisha barua pepe yako?",
+    "title": "Je, unajaribu kusasisha barua pepe yako?"
+  },
+  "registerEmailAlreadyUsed": {
+    "hello": "Hujambo {{jina}},",
+    "ignoreHelper": "Ikiwa hukujaribu kufungua akaunti, unaweza kupuuza barua pepe hii kwa usalama.",
+    "intro": "Barua pepe yako {{email}} tayari imetumika, huwezi kufungua akaunti nyingine nayo.",
+    "preview": "Barua pepe yako tayari inatumiwa na akaunti nyingine",
+    "title": "Akaunti tayari ipo",
+    "subject": "Akaunti tayari ipo"
   }
 }
diff --git a/src/server/config/trpc.ts b/src/server/config/trpc.ts
index 0c01a44f3..3182d3ccb 100644
--- a/src/server/config/trpc.ts
+++ b/src/server/config/trpc.ts
@@ -212,7 +212,7 @@ export const protectedProcedure = (
       if (!user || !session || user.accountStatus !== 'ENABLED') {
         throw new TRPCError({
           code: 'UNAUTHORIZED',
-          message: user?.email,
+          message: user?.email ?? undefined,
         });
       }
 
diff --git a/src/server/routers/account.tsx b/src/server/routers/account.tsx
index 0901957ab..3434fe5b3 100644
--- a/src/server/routers/account.tsx
+++ b/src/server/routers/account.tsx
@@ -4,8 +4,12 @@ import { randomUUID } from 'node:crypto';
 import { z } from 'zod';
 
 import EmailDeleteAccountCode from '@/emails/templates/delete-account-code';
-import EmailAddressChange from '@/emails/templates/email-address-change';
-import { zUserAccount } from '@/features/account/schemas';
+import EmailUpdateAlreadyUsed from '@/emails/templates/email-update-already-used';
+import EmailUpdateCode from '@/emails/templates/email-update-code';
+import {
+  zUserAccount,
+  zUserAccountWithEmail,
+} from '@/features/account/schemas';
 import { zVerificationCodeValidate } from '@/features/auth/schemas';
 import { VALIDATION_TOKEN_EXPIRATION_IN_MINUTES } from '@/features/auth/utils';
 import i18n from '@/lib/i18n/server';
@@ -31,26 +35,8 @@ export const accountRouter = createTRPCRouter({
     .input(z.void())
     .output(zUserAccount())
     .query(async ({ ctx }) => {
-      ctx.logger.info('Getting user');
-      const user = await ctx.db.user.findUnique({
-        where: { id: ctx.user.id },
-        select: {
-          id: true,
-          name: true,
-          email: true,
-          authorizations: true,
-          language: true,
-        },
-      });
-
-      if (!user) {
-        ctx.logger.warn('User not found');
-        throw new TRPCError({
-          code: 'NOT_FOUND',
-        });
-      }
-
-      return user;
+      ctx.logger.info('Return the current user');
+      return ctx.user;
     }),
 
   update: protectedProcedure()
@@ -93,11 +79,7 @@ export const accountRouter = createTRPCRouter({
         tags: ['account'],
       },
     })
-    .input(
-      zUserAccount().pick({
-        email: true,
-      })
-    )
+    .input(zUserAccountWithEmail().pick({ email: true }))
     .output(z.object({ token: z.string() }))
     .mutation(async ({ ctx, input }) => {
       ctx.logger.info('Checking existing email');
@@ -122,6 +104,20 @@ export const accountRouter = createTRPCRouter({
         ctx.logger.warn(
           'Email already used, silent error for security reasons'
         );
+        ctx.logger.info('Send an email to the already used email');
+        await sendEmail({
+          to: input.email,
+          subject: i18n.t('emails:emailUpdateAlreadyUsed.subject', {
+            lng: existingEmail.language,
+          }),
+          template: (
+            <EmailUpdateAlreadyUsed
+              language={existingEmail.language}
+              name={existingEmail.name ?? ''}
+              email={input.email}
+            />
+          ),
+        });
         return {
           token,
         };
@@ -148,11 +144,11 @@ export const accountRouter = createTRPCRouter({
       ctx.logger.info('Sending email with verification code');
       await sendEmail({
         to: input.email,
-        subject: i18n.t('emails:emailAddressChange.subject', {
+        subject: i18n.t('emails:emailUpdate.subject', {
           lng: ctx.user.language,
         }),
         template: (
-          <EmailAddressChange
+          <EmailUpdateCode
             language={ctx.user.language}
             name={ctx.user.name ?? ''}
             code={code.readable}
@@ -218,6 +214,13 @@ export const accountRouter = createTRPCRouter({
     .mutation(async ({ ctx }) => {
       const token = randomUUID();
 
+      if (!ctx.user.email) {
+        throw new TRPCError({
+          code: 'INTERNAL_SERVER_ERROR',
+          message: 'Something went wrong. User has no email.',
+        });
+      }
+
       // We send the email to verify the account before delete.
       ctx.logger.info('Creating code');
       const code = await generateCode();
diff --git a/src/server/routers/auth.tsx b/src/server/routers/auth.tsx
index 86ff1f341..c415ee160 100644
--- a/src/server/routers/auth.tsx
+++ b/src/server/routers/auth.tsx
@@ -1,3 +1,4 @@
+import { User } from '@prisma/client';
 import { TRPCError } from '@trpc/server';
 import dayjs from 'dayjs';
 import { randomUUID } from 'node:crypto';
@@ -6,12 +7,14 @@ import { z } from 'zod';
 import EmailLoginCode from '@/emails/templates/login-code';
 import { EmailLoginNotFound } from '@/emails/templates/login-not-found';
 import EmailRegisterCode from '@/emails/templates/register-code';
+import RegisterEmailAlreadyUsed from '@/emails/templates/register-email-already-used';
+import { zUserAccount } from '@/features/account/schemas';
 import { zVerificationCodeValidate } from '@/features/auth/schemas';
 import {
   VALIDATION_RETRY_DELAY_IN_SECONDS,
   VALIDATION_TOKEN_EXPIRATION_IN_MINUTES,
 } from '@/features/auth/utils';
-import { zUser, zUserAuthorization } from '@/features/users/schemas';
+import { zUserAuthorization, zUserWithEmail } from '@/features/users/schemas';
 import i18n from '@/lib/i18n/server';
 import {
   createSession,
@@ -58,7 +61,7 @@ export const authRouter = createTRPCRouter({
       },
     })
     .input(
-      zUser().pick({
+      zUserWithEmail().pick({
         email: true,
         language: true,
       })
@@ -89,8 +92,23 @@ export const authRouter = createTRPCRouter({
         };
       }
 
+      if (user.accountStatus === 'DISABLED') {
+        throw new TRPCError({
+          code: 'UNAUTHORIZED',
+          message: 'Account is disabled',
+        });
+      }
+
       if (user.accountStatus !== 'ENABLED') {
         ctx.logger.warn('Invalid user, silent error for security reasons');
+
+        await sendEmail({
+          to: input.email,
+          subject: i18n.t('emails:loginNotFound.subject', {
+            lng: input.language,
+          }),
+          template: <EmailLoginNotFound language={input.language} />,
+        });
         return {
           token,
         };
@@ -139,7 +157,7 @@ export const authRouter = createTRPCRouter({
       },
     })
     .input(zVerificationCodeValidate())
-    .output(z.object({ token: z.string() }))
+    .output(z.object({ token: z.string(), account: zUserAccount() }))
     .mutation(async ({ ctx, input }) => {
       const { verificationToken } = await validateCode({
         ctx,
@@ -147,10 +165,12 @@ export const authRouter = createTRPCRouter({
       });
 
       ctx.logger.info('Updating user');
+      let user: User;
       try {
-        await ctx.db.user.update({
+        user = await ctx.db.user.update({
           where: { id: verificationToken.userId, accountStatus: 'ENABLED' },
           data: {
+            isEmailVerified: true,
             lastLoginAt: new Date(),
           },
         });
@@ -168,6 +188,7 @@ export const authRouter = createTRPCRouter({
       const sessionId = await createSession(verificationToken.userId);
 
       return {
+        account: user,
         token: sessionId,
       };
     }),
@@ -202,7 +223,7 @@ export const authRouter = createTRPCRouter({
       },
     })
     .input(
-      zUser().required().pick({
+      zUserWithEmail().required().pick({
         email: true,
         name: true,
         language: true,
@@ -259,6 +280,24 @@ export const authRouter = createTRPCRouter({
         ctx.logger.error(
           'An error occured while creating or updating the user, the address may already exists, silent error for security reasons'
         );
+
+        if (user?.email) {
+          ctx.logger.info('Send an email to the already used email');
+          await sendEmail({
+            to: input.email,
+            subject: i18n.t('emails:registerEmailAlreadyUsed.subject', {
+              lng: user.language,
+            }),
+            template: (
+              <RegisterEmailAlreadyUsed
+                language={user.language}
+                name={user.name ?? ''}
+                email={input.email}
+              />
+            ),
+          });
+        }
+
         return {
           token,
         };
@@ -310,7 +349,7 @@ export const authRouter = createTRPCRouter({
       },
     })
     .input(zVerificationCodeValidate())
-    .output(z.object({ token: z.string() }))
+    .output(z.object({ token: z.string(), account: zUserAccount() }))
     .mutation(async ({ ctx, input }) => {
       const { verificationToken } = await validateCode({
         ctx,
@@ -318,13 +357,15 @@ export const authRouter = createTRPCRouter({
       });
 
       ctx.logger.info('Updating user');
+      let user: User;
       try {
-        await ctx.db.user.update({
+        user = await ctx.db.user.update({
           where: {
             id: verificationToken.userId,
             accountStatus: 'NOT_VERIFIED',
           },
           data: {
+            isEmailVerified: true,
             lastLoginAt: new Date(),
             accountStatus: 'ENABLED',
           },
@@ -343,6 +384,7 @@ export const authRouter = createTRPCRouter({
       const sessionId = await createSession(verificationToken.userId);
 
       return {
+        account: user,
         token: sessionId,
       };
     }),
diff --git a/src/server/routers/users.ts b/src/server/routers/users.ts
index b7d380540..f2833b2c3 100644
--- a/src/server/routers/users.ts
+++ b/src/server/routers/users.ts
@@ -135,7 +135,11 @@ export const usersRouter = createTRPCRouter({
       ctx.logger.info('Creating user');
       try {
         return await ctx.db.user.create({
-          data: input,
+          data: {
+            ...input,
+            accountStatus: 'ENABLED',
+            isEmailVerified: true,
+          },
         });
       } catch (e) {
         throw new ExtendedTRPCError({

From 0cb766320626553564e07c76e26475ddaf20656d Mon Sep 17 00:00:00 2001
From: Renan Decamps <renan.decamps@gmail.com>
Date: Mon, 9 Sep 2024 15:07:42 +0200
Subject: [PATCH 2/2] fix: remove useless function wrapper and add missing word
 in translations

---
 src/features/auth/PageLogout.tsx | 17 ++++-------------
 src/locales/fr/emails.json       |  2 +-
 2 files changed, 5 insertions(+), 14 deletions(-)

diff --git a/src/features/auth/PageLogout.tsx b/src/features/auth/PageLogout.tsx
index f359e3fab..bfe8be7f2 100644
--- a/src/features/auth/PageLogout.tsx
+++ b/src/features/auth/PageLogout.tsx
@@ -24,19 +24,10 @@ export default function PageLogout() {
   const searchParams = useSearchParams();
 
   useEffect(() => {
-    const trigger = async () => {
-      if (isTriggeredRef.current) return;
-      isTriggeredRef.current = true;
-      logout.mutate();
-    };
-    trigger();
-  }, [
-    searchParams,
-    queryCache,
-    router,
-    logout,
-    trpcUtils.auth.checkAuthenticated,
-  ]);
+    if (isTriggeredRef.current) return;
+    isTriggeredRef.current = true;
+    logout.mutate();
+  }, [logout]);
 
   return (
     <Center flex="1">
diff --git a/src/locales/fr/emails.json b/src/locales/fr/emails.json
index f5912b6c9..e771d36d0 100644
--- a/src/locales/fr/emails.json
+++ b/src/locales/fr/emails.json
@@ -46,7 +46,7 @@
   "emailUpdateAlreadyUsed": {
     "hello": "Bonjour {{name}},",
     "ignoreHelper": "Si vous n'avez pas essayé de modifier votre adresse email, vous pouvez ignorer cet email en toute sécurité.",
-    "intro": "Votre {{email}} est déjà utilisé, vous ne pouvez pas l'utiliser pour un autre compte. ",
+    "intro": "Votre email {{email}} est déjà utilisé, vous ne pouvez pas l'utiliser pour un autre compte. ",
     "preview": "Votre email est déjà utilisé par un autre compte",
     "subject": "Vous essayez de mettre à jour votre email ?",
     "title": "Vous essayez de mettre à jour votre email ?"