search

StefanPenchev05 / MyClothesV2

Welcome to MyClothes, where creativity meets fashion! This application provides a platform for designers to showcase their clothing products, receive feedback through comments and likes, engage in real-time chat, and even get hired by clients who love their work.
MIT License
0 stars 0 forks source link

Implement Email Verification during User Registration #23

Closed StefanPenchev05 closed 4 months ago

StefanPenchev05 commented 4 months ago

As part of our user registration process, we need to implement an email verification step to ensure that users provide a valid email address and that they have access to it.

Tasks:

  1. Generate a unique token for each new user during registration.
  2. Temporarily store the user's data and the token in a cache or a temporary collection in the database.
  3. Send an email to the user with a verification link. The link should include the token as a query parameter.
  4. When the user clicks the verification link, validate the token, move the user's data from the temporary storage to the actual user collection, and mark the user's email as verified.
  5. If the user does not click the verification link within 15 minutes, the token should expire and the user's data should be removed from the temporary storage.

Acceptance Criteria:

A user should not be able to complete registration without verifying their email. A user should receive a clear message if their verification link is invalid or expired. The system should handle the scenario where the email sending fails.

Estimated Time:

5 days

Dependencies:

Nodemailer for sending emails, Mongo for temporary storage(Implement logic like in Redis) and using uuid for unique number stored in TempMemory in Mongo

StefanPenchev05 commented 4 months ago

They may be a room for improvements in emailServices.js. For now I will leave it as it is, in the future can be made a better html for the client and enhancement for error handling

StefanPenchev05 commented 4 months ago

Tomorrow will make:

  1. Validations if the user try to make another request for verification before the time expires.
  2. Verify end point - save user information and redirect him to user settings where he can add other data
StefanPenchev05 commented 4 months ago

Things to do tomorrow

  1. Middleware to check if the ip has already been made the request for verification before his 15 minutes are up(security)
  2. Feature for suggesting a name, it will not suggest names in the tempData, it is possible bug
  3. Finally, web socket when the user verified himself to redirect him to the window which is waiting for validation and return verified