all repos

onasty @ d309c75

a one-time notes service
6 files changed, 30 insertions(+), 35 deletions(-) 
refactor: require only email for resending verification email (#165)

* refactor(api): require only email to resend verification email

* refactor(web): upgrade to new api requirements

* test: fix e2e api tests for new requirements
Author: Olexandr Smirnov ss2316544@gmail.com
Committed by: GitHub noreply@github.com
Committed at: 2025-07-10 18:37:54 +0300
Parent: 4137dee
jump to
M e2e/apiv1_auth_test.go
M internal/dtos/user.go
M internal/service/usersrv/usersrv.go
M internal/transport/http/apiv1/auth.go
M web/src/Api/Auth.elm
M web/src/Pages/Auth.elm
M e2e/apiv1_auth_test.go 
@@ -97,6 +97,10 @@ user = e.getLastUserByEmail(email)
 	e.Equal(user.Activated, true)
 }
 
+type apiv1AuthResendVerificationEmailRequest struct {
+	Email string `json:"email"`
+}
+
 func (e *AppTestSuite) TestAuthV1_ResendVerificationEmail() {
 	email, password := e.uuid()+"email@email.com", e.uuid()
 

@@ -116,9 +120,8 @@ // handle sending of the email
 	httpResp := e.httpRequest(
 		http.MethodPost,
 		"/api/v1/auth/resend-verification-email",
-		e.jsonify(apiv1AuthSignInRequest{
-			Email:    email,
-			Password: password,
+		e.jsonify(apiv1AuthResendVerificationEmailRequest{
+			Email: email,
 		}),
 	)
 

@@ -133,23 +136,20 @@
 	tests := []struct {
 		name         string
 		email        string
-		password     string
 		expectedCode int
 		expectedMsg  string
 	}{
 		{
-			name:         "already activated account",
+			name:         "already verified account",
 			email:        email,
-			password:     password,
 			expectedCode: http.StatusBadRequest,
 			expectedMsg:  models.ErrUserIsAlreadyVerified.Error(),
 		},
 		{
-			name:         "wrong credentials",
-			email:        email,
-			password:     e.uuid(),
+			name:         "user not found",
+			email:        e.uuid() + "@at.com",
 			expectedCode: http.StatusBadRequest,
-			expectedMsg:  models.ErrUserWrongCredentials.Error(),
+			expectedMsg:  models.ErrUserNotFound.Error(),
 		},
 	}
 

@@ -157,9 +157,8 @@ for _, t := range tests {
 		httpResp := e.httpRequest(
 			http.MethodPost,
 			"/api/v1/auth/resend-verification-email",
-			e.jsonify(apiv1AuthSignInRequest{
-				Email:    t.email,
-				Password: t.password,
+			e.jsonify(apiv1AuthResendVerificationEmailRequest{
+				Email: t.email,
 			}))
 
 		e.Equal(httpResp.Code, t.expectedCode)
M internal/dtos/user.go 
@@ -16,6 +16,10 @@ Email    string
 	Password string
 }
 
+type ResendVerificationEmail struct {
+	Email string
+}
+
 type ChangeUserPassword struct {
 	CurrentPassword string
 	NewPassword     string
M internal/service/usersrv/usersrv.go 
@@ -37,7 +37,7 @@ GetOAuthURL(providerName string) (dtos.OAuthRedirect, error)
 	HandleOAuthLogin(ctx context.Context, providerName, code string) (dtos.Tokens, error)
 
 	Verify(ctx context.Context, verificationKey string) error
-	ResendVerificationEmail(ctx context.Context, credentials dtos.SignIn) error
+	ResendVerificationEmail(ctx context.Context, inp dtos.ResendVerificationEmail) error
 
 	ParseJWTToken(token string) (jwtutil.Payload, error)
 

@@ -297,14 +297,13 @@
 	return u.userstore.MarkUserAsActivated(ctx, uid)
 }
 
-func (u *UserSrv) ResendVerificationEmail(ctx context.Context, inp dtos.SignIn) error {
+func (u *UserSrv) ResendVerificationEmail(
+	ctx context.Context,
+	inp dtos.ResendVerificationEmail,
+) error {
 	user, err := u.userstore.GetByEmail(ctx, inp.Email)
 	if err != nil {
 		return err
-	}
-
-	if err = u.hasher.Compare(user.Password, inp.Password); err != nil {
-		return models.ErrUserWrongCredentials
 	}
 
 	if user.Activated {
M internal/transport/http/apiv1/auth.go 
@@ -97,8 +97,12 @@
 	c.String(http.StatusOK, "email verified")
 }
 
+type resendVerificationEmailRequest struct {
+	Email string `json:"email"`
+}
+
 func (a *APIV1) resendVerificationEmailHandler(c *gin.Context) {
-	var req signInRequest
+	var req resendVerificationEmailRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		newError(c, http.StatusBadRequest, "invalid request")
 		return

@@ -106,9 +110,8 @@ }
 
 	if err := a.usersrv.ResendVerificationEmail(
 		c.Request.Context(),
-		dtos.SignIn{
-			Email:    req.Email,
-			Password: req.Password,
+		dtos.ResendVerificationEmail{
+			Email: req.Email,
 		}); err != nil {
 		errorResponse(c, err)
 		return
M web/src/Api/Auth.elm 
@@ -75,20 +75,11 @@ , decoder = Credentials.decode
         }
 
 
-resendVerificationEmail :
-    { onResponse : Result Api.Error () -> msg
-    , email : String
-    , password : String
-    }
-    -> Effect msg
+resendVerificationEmail : { onResponse : Result Api.Error () -> msg, email : String } -> Effect msg
 resendVerificationEmail options =
     let
-        body : Encode.Value
         body =
-            Encode.object
-                [ ( "email", Encode.string options.email )
-                , ( "password", Encode.string options.password )
-                ]
+            Encode.object [ ( "email", Encode.string options.email ) ]
     in
     Effect.sendApiRequest
         { endpoint = "/api/v1/auth/resend-verification-email"
M web/src/Pages/Auth.elm 
@@ -124,7 +124,6 @@ ( { model | lastClicked = model.now }
             , Api.Auth.resendVerificationEmail
                 { onResponse = ApiResendVerificationEmail
                 , email = model.email
-                , password = model.password
                 }
             )