fix(signup): correctly verify email when using invitation (NangoHQ#2548)

## Describe your changes - Set email as verified when signing up with an invitation - Clarify method signature
hassan254-prog · Jul 25, 2024 · 13c837c · 13c837c
1 parent a4a43a7
commit 13c837c
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 11 deletions.
diff --git a/packages/server/lib/controllers/v1/account/managed/getCallback.ts b/packages/server/lib/controllers/v1/account/managed/getCallback.ts
@@ -101,7 +101,12 @@ export const getManagedCallback = asyncWrapper<GetManagedCallback>(async (req, r
         }
 
         // Create a user
-        user = await userService.createUser(authorizedUser.email, name, '', '', accountId);
+        user = await userService.createUser({
+            email: authorizedUser.email,
+            name,
+            account_id: accountId,
+            email_verified: true
+        });
         if (!user) {
             res.status(500).send({ error: { code: 'error_creating_user', message: 'There was a problem creating the user. Please reach out to support.' } });
             return;

diff --git a/packages/server/lib/controllers/v1/account/signup.ts b/packages/server/lib/controllers/v1/account/signup.ts
@@ -92,7 +92,14 @@ export const signup = asyncWrapper<PostSignup>(async (req, res) => {
     // Create user
     const salt = crypto.randomBytes(16).toString('base64');
     const hashedPassword = (await util.promisify(crypto.pbkdf2)(password, salt, 310000, 32, 'sha256')).toString('base64');
-    const user = await userService.createUser(email, name, hashedPassword, salt, account.id, false);
+    const user = await userService.createUser({
+        email,
+        name,
+        hashed_password: hashedPassword,
+        salt,
+        account_id: account.id,
+        email_verified: token ? true : false
+    });
     if (!user) {
         res.status(500).send({ error: { code: 'error_creating_user', message: 'There was a problem creating the user. Please reach out to support.' } });
         return;

diff --git a/packages/shared/lib/seeders/user.seeder.ts b/packages/shared/lib/seeders/user.seeder.ts
@@ -11,7 +11,14 @@ export async function seedUser(accountId: number): Promise<User> {
     const salt = crypto.randomBytes(16).toString('base64');
     const hashedPassword = (await promisePdkdf2(uniqueId, salt, 310000, 32, 'sha256')).toString('base64');
 
-    const user = await userService.createUser(`${uniqueId}@example.com`, uniqueId, hashedPassword, salt, accountId);
+    const user = await userService.createUser({
+        email: `${uniqueId}@example.com`,
+        name: uniqueId,
+        hashed_password: hashedPassword,
+        salt,
+        account_id: accountId,
+        email_verified: false
+    });
     if (!user) {
         throw new Error('Failed to create user');
     }

diff --git a/packages/shared/lib/services/user.service.ts b/packages/shared/lib/services/user.service.ts
@@ -95,14 +95,21 @@ class UserService {
         return result || null;
     }
 
-    async createUser(
-        email: string,
-        name: string,
-        hashed_password: string,
-        salt: string,
-        account_id: number,
-        email_verified: boolean = true
-    ): Promise<User | null> {
+    async createUser({
+        email,
+        name,
+        hashed_password = '',
+        salt = '',
+        account_id,
+        email_verified
+    }: {
+        email: string;
+        name: string;
+        hashed_password?: string;
+        salt?: string;
+        account_id: number;
+        email_verified: boolean;
+    }): Promise<User | null> {
         const expires_at = new Date(new Date().getTime() + VERIFICATION_EMAIL_EXPIRATION);
         const result: Pick<User, 'id'>[] = await db.knex
             .from<User>('_nango_users')