fix: improve auth

.env.example

@@ -16,7 +16,6 @@ NEXT_PUBLIC_IS_DEMO="false"
 # DATABASE
 DATABASE_URL="postgres://${DOCKER_DATABASE_USERNAME}:${DOCKER_DATABASE_PASSWORD}@localhost:${DOCKER_DATABASE_PORT}/${DOCKER_DATABASE_NAME}"
 
-
 # EMAILS
 EMAIL_SERVER="smtp://username:[email protected]:1025"
 EMAIL_FROM="Start UI <[email protected]>"

CODE_OF_CONDUCT.md

@@ -52,7 +52,7 @@ decisions when appropriate.
 
 This Code of Conduct applies within all community spaces, and also applies when
 an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
+Examples of representing our community include using an official email address,
 posting via an official social media account, or acting as an appointed
 representative at an online or offline event.
 

e2e/admin.spec.ts

@@ -2,17 +2,13 @@ import { expect, test } from '@playwright/test';
 import { pageUtils } from 'e2e/utils/pageUtils';
 import { ADMIN_EMAIL } from 'e2e/utils/users';
 
-import { env } from '@/env.mjs';
 import { ROUTES_ADMIN } from '@/features/admin/routes';
 
 test.describe('Admin access', () => {
  test(`Redirect to Admin (${ROUTES_ADMIN.root()})`, async ({ page }) => {
  const utils = pageUtils(page);
 
  await utils.loginAdmin({ email: ADMIN_EMAIL });
- await page.waitForURL(
- `${env.NEXT_PUBLIC_BASE_URL}${ROUTES_ADMIN.root()}**`
- );
 
  await expect(page.getByTestId('admin-layout')).toBeVisible();
  });

e2e/register.spec.ts

@@ -8,8 +8,8 @@ import locales from '@/locales';
 
 test.describe('Register flow', () => {
  test('Success flow', async ({ page }) => {
- await page.goto(ROUTES_AUTH.app.register());
- await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+ await page.goto(ROUTES_AUTH.register());
+ await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
  await page.getByLabel('Name').fill('Test user');
  const email = await getRandomEmail();
@@ -18,24 +18,24 @@ test.describe('Register flow', () => {
  .getByRole('button', { name: locales.en.auth.register.actions.create })
  .click();
 
- await page.waitForURL(`**${ROUTES_AUTH.app.register()}/**`);
+ await page.waitForURL(`**${ROUTES_AUTH.register()}/**`);
  await page.getByText('Verification code').fill(VALIDATION_CODE_MOCKED);
  await expect(
  page.getByText(locales.en.auth.data.verificationCode.unknown)
  ).not.toBeVisible();
  });
 
  test('Register with existing email', async ({ page }) => {
- await page.goto(ROUTES_AUTH.app.register());
- await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+ await page.goto(ROUTES_AUTH.register());
+ await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
  await page.getByLabel('Name').fill('Test user');
  await page.getByLabel('Email').fill(USER_EMAIL);
  await page
  .getByRole('button', { name: locales.en.auth.register.actions.create })
  .click();
 
- await page.waitForURL(`**${ROUTES_AUTH.app.register()}/**`);
+ await page.waitForURL(`**${ROUTES_AUTH.register()}/**`);
  await page.getByText('Verification code').fill(VALIDATION_CODE_MOCKED);
  await expect(
  page.getByText(locales.en.auth.data.verificationCode.unknown)
@@ -44,8 +44,8 @@ test.describe('Register flow', () => {
 
  test('Login with a not verified account', async ({ page }) => {
  const utils = pageUtils(page);
- await page.goto(ROUTES_AUTH.app.register());
- await page.waitForURL(`**${ROUTES_AUTH.app.register()}`);
+ await page.goto(ROUTES_AUTH.register());
+ await page.waitForURL(`**${ROUTES_AUTH.register()}`);
 
  const email = await getRandomEmail();
 

e2e/utils/pageUtils.ts

@@ -2,7 +2,6 @@ import { Page } from '@playwright/test';
 
 import { ROUTES_AUTH } from '@/features/auth/routes';
 import { VALIDATION_CODE_MOCKED } from '@/features/auth/utils';
-import type { RouterInputs } from '@/lib/trpc/types';
 import locales from '@/locales';
 
 /**
@@ -25,9 +24,9 @@ export const pageUtils = (page: Page) => {
  /**
  * Utility used to authenticate a user on the app
  */
- async loginApp(input: RouterInputs['auth']['login'] & { code?: string }) {
- await page.goto(ROUTES_AUTH.app.login());
- await page.waitForURL(`**${ROUTES_AUTH.app.login()}`);
+ async loginApp(input: { email: string; code?: string }) {
+ await page.goto(ROUTES_AUTH.login());
+ await page.waitForURL(`**${ROUTES_AUTH.login()}`);
 
  await page
  .getByPlaceholder(locales.en.auth.data.email.label)
@@ -36,7 +35,7 @@ export const pageUtils = (page: Page) => {
  .getByRole('button', { name: locales.en.auth.login.actions.login })
  .click();
 
- await page.waitForURL(`**${ROUTES_AUTH.app.login()}/**`);
+ await page.waitForURL(`**${ROUTES_AUTH.login()}/**`);
  await page
  .getByText('Verification code')
  .fill(input.code ?? VALIDATION_CODE_MOCKED);
@@ -45,9 +44,9 @@ export const pageUtils = (page: Page) => {
  /**
  * Utility used to authenticate an admin on the app
  */
- async loginAdmin(input: RouterInputs['auth']['login'] & { code?: string }) {
- await page.goto(ROUTES_AUTH.admin.login());
- await page.waitForURL(`**${ROUTES_AUTH.admin.login()}`);
+ async loginAdmin(input: { email: string; code?: string }) {
+ await page.goto(ROUTES_AUTH.login());
+ await page.waitForURL(`**${ROUTES_AUTH.login()}`);
 
  await page
  .getByPlaceholder(locales.en.auth.data.email.label)
@@ -56,7 +55,7 @@ export const pageUtils = (page: Page) => {
  .getByRole('button', { name: locales.en.auth.login.actions.login })
  .click();
 
- await page.waitForURL(`**${ROUTES_AUTH.admin.login()}/**`);
+ await page.waitForURL(`**${ROUTES_AUTH.login()}/**`);
  await page
  .getByText('Verification code')
  .fill(input.code ?? VALIDATION_CODE_MOCKED);

prisma/schema/user.prisma

@@ -1,9 +1,9 @@
 enum AccountStatus {
- // User has registered and verified their email
+ // User has registered and verified
  ENABLED
  // User has been disabled and can't login anymore
  DISABLED
- // User did register, but has not verified their email yet.
+ // User did register, but has not been verified
  NOT_VERIFIED
 }
 
@@ -13,15 +13,16 @@ enum UserRole {
 }
 
 model User {
- id String @id @default(cuid())
- createdAt DateTime @default(now())
- updatedAt DateTime @updatedAt
- name String?
- email String @unique
- accountStatus AccountStatus @default(NOT_VERIFIED)
- image String?
- authorizations UserRole[] @default([APP])
- language String @default("en")
- lastLoginAt DateTime?
- session Session[]
+ id String @id @default(cuid())
+ createdAt DateTime @default(now())
+ updatedAt DateTime @updatedAt
+ name String?
+ email String? @unique
+ isEmailVerified Boolean @default(false)
+ accountStatus AccountStatus @default(NOT_VERIFIED)
+ image String?
+ authorizations UserRole[] @default([APP])
+ language String @default("en")
+ lastLoginAt DateTime?
+ session Session[]
 }

src/app/admin/(authenticated)/layout.tsx

@@ -13,7 +13,7 @@ export default function AuthenticatedLayout({
  <Suspense>
  <GuardAuthenticated
  authorizations={['ADMIN']}
- loginPath={ROUTES_AUTH.admin.login()}
+ loginPath={ROUTES_AUTH.login()}
  >
  <AdminLayout>{children}</AdminLayout>
  </GuardAuthenticated>

src/app/app/(authenticated)/layout.tsx

@@ -13,7 +13,7 @@ export default function AuthenticatedLayout({
  <Suspense>
  <GuardAuthenticated
  authorizations={['APP']}
- loginPath={ROUTES_AUTH.app.login()}
+ loginPath={ROUTES_AUTH.login()}
  >
  <AppLayout>{children}</AppLayout>
  </GuardAuthenticated>

src/emails/templates/email-update-already-used.tsx

@@ -0,0 +1,47 @@
+import { Container, Heading, Section, Text } from '@react-email/components';
+
+import { Footer } from '@/emails/components/Footer';
+import { Layout } from '@/emails/components/Layout';
+import { styles } from '@/emails/styles';
+import i18n from '@/lib/i18n/server';
+
+type EmailUpdateAlreadyUsedProps = {
+ language: string;
+ name: string;
+ email: string;
+};
+
+export const EmailUpdateAlreadyUsed = ({
+ language,
+ name,
+ email,
+}: EmailUpdateAlreadyUsedProps) => {
+ i18n.changeLanguage(language);
+ return (
+ <Layout
+ preview={i18n.t('emails:emailUpdateAlreadyUsed.preview')}
+ language={language}
+ >
+ <Container style={styles.container}>
+ <Heading style={styles.h1}>
+ {i18n.t('emails:emailUpdateAlreadyUsed.title')}
+ </Heading>
+ <Section style={styles.section}>
+ <Text style={styles.text}>
+ {i18n.t('emails:emailUpdateAlreadyUsed.hello', {
+ name,
+ })}
+ <br />
+ {i18n.t('emails:emailUpdateAlreadyUsed.intro', { email })}
+ </Text>
+ <Text style={styles.textMuted}>
+ {i18n.t('emails:emailUpdateAlreadyUsed.ignoreHelper')}
+ </Text>
+ </Section>
+ <Footer />
+ </Container>
+ </Layout>
+ );
+};
+
+export default EmailUpdateAlreadyUsed;

src/emails/templates/email-address-change.tsx → src/emails/templates/email-update-code.tsx

@@ -6,40 +6,37 @@ import { styles } from '@/emails/styles';
 import { VALIDATION_TOKEN_EXPIRATION_IN_MINUTES } from '@/features/auth/utils';
 import i18n from '@/lib/i18n/server';
 
-type EmailAddressChangeProps = {
+type EmailUpdateCodeProps = {
  language: string;
  name: string;
  code: string;
 };
 
-export const EmailAddressChange = ({
+export const EmailUpdateCode = ({
  language,
  name,
  code,
-}: EmailAddressChangeProps) => {
+}: EmailUpdateCodeProps) => {
  i18n.changeLanguage(language);
  return (
- <Layout
- preview={i18n.t('emails:emailAddressChange.preview')}
- language={language}
- >
+ <Layout preview={i18n.t('emails:emailUpdate.preview')} language={language}>
  <Container style={styles.container}>
  <Heading style={styles.h1}>
- {i18n.t('emails:emailAddressChange.title')}
+ {i18n.t('emails:emailUpdate.title')}
  </Heading>
  <Section style={styles.section}>
  <Text style={styles.text}>
- {i18n.t('emails:emailAddressChange.hello', { name: name ?? '' })}
+ {i18n.t('emails:emailUpdate.hello', { name: name ?? '' })}
  <br />
- {i18n.t('emails:emailAddressChange.intro')}
+ {i18n.t('emails:emailUpdate.intro')}
  </Text>
  <Text style={styles.code}>{code}</Text>
  <Text style={styles.textMuted}>
- {i18n.t('emails:emailAddressChange.validityTime', {
+ {i18n.t('emails:emailUpdate.validityTime', {
  expiration: VALIDATION_TOKEN_EXPIRATION_IN_MINUTES,
  })}
  <br />
- {i18n.t('emails:emailAddressChange.ignoreHelper')}
+ {i18n.t('emails:emailUpdate.ignoreHelper')}
  </Text>
  </Section>
  <Footer />
@@ -48,4 +45,4 @@ export const EmailAddressChange = ({
  );
 };
 
-export default EmailAddressChange;
+export default EmailUpdateCode;