db(couchdb): auto-provision databases on startup for production strategy; add TokenService with CouchDB-backed token storage and localStorage fallback; switch OAuth to unified config for client IDs and redirect URI; express Request typing for req.user; align exportAsEnvVars with show-config expectations; remove Vite importmap from index.html; prefer babel-jest over ts-jest; remove duplicate uuid mocking from Jest config

2025-09-09 12:30:38 -07:00
parent 062e0973c1
commit 15170a4f43
17 changed files with 1097 additions and 67 deletions
--- a/services/auth/emailVerification.service.ts
+++ b/services/auth/emailVerification.service.ts
@@ -3,6 +3,7 @@ import { EmailVerificationToken, AuthenticatedUser } from './auth.types';
 import { mailgunService } from '../mailgun.service';
 import { AccountStatus } from './auth.constants';
 import { databaseService } from '../database';
+import { tokenService } from './token.service';

 const TOKEN_EXPIRY_HOURS = 24;

@@ -21,12 +22,8 @@ export class EmailVerificationService {
      expiresAt,
    };

-    // Store token in localStorage for demo (in production, save to database)
-    const tokens = JSON.parse(
-      localStorage.getItem('verification_tokens') || '[]'
-    );
-    tokens.push(verificationToken);
-    localStorage.setItem('verification_tokens', JSON.stringify(tokens));
+    // Persist verification token via TokenService
+    await tokenService.saveVerificationToken(verificationToken);

    // Send verification email via Mailgun
    if (user.email) {
@@ -45,13 +42,7 @@ export class EmailVerificationService {
  async validateVerificationToken(
    token: string
  ): Promise<AuthenticatedUser | null> {
-    // Get tokens from localStorage
-    const tokens = JSON.parse(
-      localStorage.getItem('verification_tokens') || '[]'
-    );
-    const verificationToken = tokens.find(
-      (t: EmailVerificationToken) => t.token === token
-    );
+    const verificationToken = await tokenService.findVerificationToken(token);

    if (!verificationToken) {
      return null;
@@ -78,14 +69,8 @@ export class EmailVerificationService {

    await databaseService.updateUser(updatedUser);

-    // Remove used token
-    const tokens = JSON.parse(
-      localStorage.getItem('verification_tokens') || '[]'
-    );
-    const filteredTokens = tokens.filter(
-      (t: EmailVerificationToken) => t.userId !== user._id
-    );
-    localStorage.setItem('verification_tokens', JSON.stringify(filteredTokens));
+    // Remove used token(s) for this user
+    await tokenService.deleteVerificationTokensForUser(user._id);
  }

  async sendPasswordResetEmail(email: string, token: string): Promise<boolean> {