fix: email verification

virtual-designer · web-flow · commit cd81d247eb5c · 2024-06-10T16:31:53.000Z
diff --git a/src/main/typescript/api/controllers/VerificationController.ts b/src/main/typescript/api/controllers/VerificationController.ts
@@ -436,7 +436,9 @@ class VerificationController extends Controller {
             !entry.metadata ||
             typeof entry.metadata !== "object" ||
             !("emailToken" in entry.metadata) ||
-            entry.metadata.emailToken !== emailToken
+            entry.metadata.emailToken !== emailToken ||
+            !("email" in entry.metadata) ||
+            entry.metadata.email !== email
         ) {
             return new Response({
                 status: 403,
@@ -448,10 +450,11 @@ class VerificationController extends Controller {
             .service("verificationService")
             .verifyWithEntry(entry, {
                 email,
+                emailToken,
                 method: VerificationMethod.EMAIL
             });
 
-        if (!result) {
+        if (!result || result.error === "invalid_email") {
             return new Response({
                 status: 403,
                 body: { error: "We're unable to verify you, please try again." }
diff --git a/src/main/typescript/automod/VerificationService.ts b/src/main/typescript/automod/VerificationService.ts
@@ -199,11 +199,32 @@ class VerificationService extends Service {
             return null;
         }
 
+        if (payload.method === VerificationMethod.EMAIL) {
+            if (
+                typeof entry.metadata !== "object" ||
+                !entry.metadata ||
+                !("email" in entry.metadata) ||
+                !("emailToken" in entry.metadata) ||
+                entry.metadata.email !== payload.email ||
+                entry.metadata.emailToken !== payload.emailToken
+            ) {
+                return {
+                    error: "invalid_email"
+                };
+            }
+
+            if (payload.emailToken) {
+                delete payload.emailToken;
+            }
+        }
+
         const existingRecord = await this.application.prisma.verificationRecord.findFirst({
             where: {
                 guildId: guild.id,
                 userId: entry.userId,
-                ...payload
+                ...(payload as {
+                    email?: string;
+                })
             }
         });
 
@@ -309,6 +330,7 @@ export type VerificationPayload = {
     googleId?: string;
     discordId?: string;
     email?: string;
+    emailToken?: string;
     method: VerificationMethod;
 };
 
