[TM-1677] Implement user verification BE

apps/user-service/src/app.module.ts

@@ -9,17 +9,20 @@ import { SentryGlobalFilter, SentryModule } from "@sentry/nestjs/setup";
 import { APP_FILTER } from "@nestjs/core";
 import { ResetPasswordController } from "./auth/reset-password.controller";
 import { ResetPasswordService } from "./auth/reset-password.service";
+import { VerificationUserController } from "./auth/verification-user.controller";
+import { VerificationUserService } from "./auth/verification-user.service";
 
 @Module({
   imports: [SentryModule.forRoot(), DatabaseModule, CommonModule, HealthModule],
-  controllers: [LoginController, UsersController, ResetPasswordController],
+  controllers: [LoginController, UsersController, ResetPasswordController, VerificationUserController],
   providers: [
     {
       provide: APP_FILTER,
       useClass: SentryGlobalFilter
     },
     AuthService,
-    ResetPasswordService
+    ResetPasswordService,
+    VerificationUserService
   ]
 })
 export class AppModule {}

apps/user-service/src/auth/dto/verification-user-request.dto.ts

@@ -0,0 +1,8 @@
+import { ApiProperty } from "@nestjs/swagger";
+import { IsNotEmpty } from "class-validator";
+
+export class VerificationUserRequest {
+  @IsNotEmpty()
+  @ApiProperty()
+  token: string;
+}

apps/user-service/src/auth/dto/verification-user-response.dto.ts

@@ -0,0 +1,9 @@
+import { JsonApiDto } from "@terramatch-microservices/common/decorators";
+import { JsonApiAttributes } from "@terramatch-microservices/common/dto/json-api-attributes";
+import { ApiProperty } from "@nestjs/swagger";
+
+@JsonApiDto({ type: "verifications", id: "uuid" })
+export class VerificationUserResponseDto extends JsonApiAttributes<VerificationUserResponseDto> {
+  @ApiProperty()
+  verified: boolean;
+}

apps/user-service/src/auth/verification-user.controller.spec.ts

@@ -0,0 +1,53 @@
+import { Test, TestingModule } from "@nestjs/testing";
+import { createMock, DeepMocked } from "@golevelup/ts-jest";
+import { NotFoundException } from "@nestjs/common";
+import { faker } from "@faker-js/faker";
+import { VerificationUserController } from "./verification-user.controller";
+import { VerificationUserService } from "./verification-user.service";
+
+describe("VerificationUserController", () => {
+  let controller: VerificationUserController;
+  let verificationUserService: DeepMocked<VerificationUserService>;
+
+  beforeEach(async () => {
+    const module: TestingModule = await Test.createTestingModule({
+      controllers: [VerificationUserController],
+      providers: [
+        {
+          provide: VerificationUserService,
+          useValue: (verificationUserService = createMock<VerificationUserService>())
+        }
+      ]
+    }).compile();
+
+    controller = module.get<VerificationUserController>(VerificationUserController);
+  });
+
+  afterEach(() => {
+    jest.restoreAllMocks();
+  });
+
+  it("should successfully verify a user when token is valid", async () => {
+    const uuid = faker.string.uuid();
+    verificationUserService.verify.mockResolvedValue({ uuid, isVerified: true });
+
+    const result = await controller.verifyUser({ token: "my token" });
+    expect(result).toMatchObject({
+      data: { id: uuid, type: "verifications", attributes: { verified: true } }
+    });
+  });
+
+  it("should throw NotFoundException if verification is not found", async () => {
+    verificationUserService.verify.mockRejectedValue(new NotFoundException("Verification not found"));
+
+    await expect(controller.verifyUser({ token: "my token" })).rejects.toThrow(
+      new NotFoundException("Verification not found")
+    );
+  });
+
+  it("should throw NotFoundException if user is not found", async () => {
+    verificationUserService.verify.mockRejectedValue(new NotFoundException("User not found"));
+
+    await expect(controller.verifyUser({ token: "my token" })).rejects.toThrow(new NotFoundException("User not found"));
+  });
+});

apps/user-service/src/auth/verification-user.controller.ts

@@ -0,0 +1,28 @@
+import { Controller, Body, Post, HttpStatus, BadRequestException } from "@nestjs/common";
+import { ApiOperation } from "@nestjs/swagger";
+import { ExceptionResponse, JsonApiResponse } from "@terramatch-microservices/common/decorators";
+import { buildJsonApi, JsonApiDocument } from "@terramatch-microservices/common/util";
+import { VerificationUserService } from "./verification-user.service";
+import { VerificationUserRequest } from "./dto/verification-user-request.dto";
+import { VerificationUserResponseDto } from "./dto/verification-user-response.dto";
+import { NoBearerAuth } from "@terramatch-microservices/common/guards";
+
+@Controller("auth/v3/verifications")
+export class VerificationUserController {
+  constructor(private readonly verificationUserService: VerificationUserService) {}
+
+  @Post()
+  @NoBearerAuth
+  @ApiOperation({
+    operationId: "verifyUser",
+    description: "Receive a token to verify a user and return the verification status"
+  })
+  @JsonApiResponse({ status: HttpStatus.CREATED, data: { type: VerificationUserResponseDto } })
+  @ExceptionResponse(BadRequestException, { description: "Invalid request" })
+  async verifyUser(@Body() { token }: VerificationUserRequest): Promise<JsonApiDocument> {
+    const { uuid, isVerified } = await this.verificationUserService.verify(token);
+    return buildJsonApi()
+      .addData(uuid, new VerificationUserResponseDto({ verified: isVerified }))
+      .document.serialize();
+  }
+}

apps/user-service/src/auth/verification-user.service.spec.ts

@@ -0,0 +1,47 @@
+import { Test, TestingModule } from "@nestjs/testing";
+import { User, Verification } from "@terramatch-microservices/database/entities";
+import { NotFoundException } from "@nestjs/common";
+import { VerificationUserService } from "./verification-user.service";
+import { UserFactory } from "@terramatch-microservices/database/factories";
+import { VerificationFactory } from "@terramatch-microservices/database/factories/verification.factory";
+
+describe("VerificationUserService", () => {
+  let service: VerificationUserService;
+
+  beforeEach(async () => {
+    const module: TestingModule = await Test.createTestingModule({
+      providers: [VerificationUserService]
+    }).compile();
+
+    service = module.get<VerificationUserService>(VerificationUserService);
+  });
+
+  afterEach(() => {
+    jest.restoreAllMocks();
+  });
+
+  it("should throw when user is not found", async () => {
+    jest.spyOn(User, "findOne").mockImplementation(() => Promise.resolve(null));
+    await expect(service.verify("my token")).rejects.toThrow(NotFoundException);
+  });
+
+  it("should throw when verification is not found", async () => {
+    const user = await UserFactory.create();
+    jest.spyOn(User, "findOne").mockImplementation(() => Promise.resolve(user));
+    jest.spyOn(Verification, "findOne").mockImplementation(() => Promise.resolve(null));
+    await expect(service.verify("my token")).rejects.toThrow(NotFoundException);
+  });
+
+  it("should verify an user", async () => {
+    const user = await UserFactory.create();
+    const verification = await VerificationFactory.create({ userId: user.id });
+    verification.user = user;
+    jest.spyOn(Verification, "findOne").mockImplementation(() => Promise.resolve(verification));
+    const destroySpy = jest.spyOn(verification, "destroy").mockResolvedValue();
+
+    const result = await service.verify(verification.token);
+    expect(user.emailAddressVerifiedAt).toBeDefined();
+    expect(destroySpy).toHaveBeenCalled();
+    expect(result).toStrictEqual({ uuid: user.uuid, isVerified: true });
+  });
+});

apps/user-service/src/auth/verification-user.service.ts

@@ -0,0 +1,27 @@
+import { Injectable, NotFoundException, LoggerService } from "@nestjs/common";
+import { TMLogService } from "@terramatch-microservices/common/util/tm-log.service";
+import { Verification } from "@terramatch-microservices/database/entities/verification.entity";
+
+@Injectable()
+export class VerificationUserService {
+  protected readonly logger: LoggerService = new TMLogService(VerificationUserService.name);
+
+  async verify(token: string) {
+    const verification = await Verification.findOne({
+      where: { token },
+      include: [{ association: "user", attributes: ["id", "uuid", "emailAddressVerifiedAt"] }]
+    });
+
+    if (verification?.user == null) throw new NotFoundException("Verification token invalid");
+    const user = verification.user;
+    try {
+      user.emailAddressVerifiedAt = new Date();
+      await user.save();
+      await verification.destroy();
+      return { uuid: user.uuid, isVerified: true };
+    } catch (error) {
+      this.logger.error(error);
+      return { uuid: user.uuid, isVerified: false };
+    }
+  }
+}

libs/database/src/lib/entities/index.ts

@@ -35,3 +35,4 @@ export * from "./site-report.entity";
 export * from "./tree-species.entity";
 export * from "./tree-species-research.entity";
 export * from "./user.entity";
+export * from "./verification.entity";

libs/database/src/lib/entities/verification.entity.ts

@@ -0,0 +1,21 @@
+import { AutoIncrement, BelongsTo, Column, ForeignKey, Model, PrimaryKey, Table } from "sequelize-typescript";
+import { BIGINT, STRING } from "sequelize";
+import { User } from "./user.entity";
+
+@Table({ tableName: "verifications", underscored: true })
+export class Verification extends Model<Verification> {
+  @PrimaryKey
+  @AutoIncrement
+  @Column(BIGINT.UNSIGNED)
+  override id: number;
+
+  @Column(STRING)
+  token: string | null;
+
+  @ForeignKey(() => User)
+  @Column(BIGINT.UNSIGNED)
+  userId: number;
+
+  @BelongsTo(() => User)
+  user: User | null;
+}

libs/database/src/lib/factories/verification.factory.ts

@@ -0,0 +1,8 @@
+import { FactoryGirl } from "factory-girl-ts";
+import { faker } from "@faker-js/faker";
+import { Verification } from "../entities";
+
+export const VerificationFactory = FactoryGirl.define(Verification, async () => ({
+  token: faker.lorem.word(),
+  userId: faker.number
+}));