feat: add email verification, password reset, and WSDC integration (Phase 1.5)

Backend features:
- AWS SES email service with HTML templates
- Email verification with dual method (link + 6-digit PIN code)
- Password reset workflow with secure tokens
- WSDC API proxy for dancer lookup and auto-fill registration
- Extended User model with verification and WSDC fields
- Email verification middleware for protected routes

Frontend features:
- Two-step registration with WSDC ID lookup
- Password strength indicator component
- Email verification page with code input
- Password reset flow (request + reset pages)
- Verification banner for unverified users
- Updated authentication context and API service

Testing:
- 65 unit tests with 100% coverage of new features
- Tests for auth utils, email service, WSDC controller, and middleware
- Integration tests for full authentication flows
- Comprehensive mocking of AWS SES and external APIs

Database:
- Migration: add WSDC fields (firstName, lastName, wsdcId)
- Migration: add email verification fields (token, code, expiry)
- Migration: add password reset fields (token, expiry)

Documentation:
- Complete Phase 1.5 documentation
- Test suite documentation and best practices
- Updated session context with new features
This commit is contained in:
Radosław Gierwiało
2025-11-13 15:47:54 +01:00
parent 4d7f814538
commit 7a2f6d07ec
31 changed files with 5586 additions and 87 deletions

@@ -35,6 +35,10 @@ async function authenticate(req, res, next) {
id: true,
username: true,
email: true,
emailVerified: true,
firstName: true,
lastName: true,
wsdcId: true,
avatar: true,
createdAt: true,
updatedAt: true,
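Review bot: add a comment above this `select` in `authenticate` stating that the verification and password reset fields from the new migrations (token, code, expiry) must never be listed here. The `emailVerified`, `firstName`, `lastName` and `wsdcId` additions are fine, but everything selected here is attached to `req.user` for every downstream handler, so an explicit note keeps a later edit from exposing a secret value through that object.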
@@ -61,4 +65,37 @@ async function authenticate(req, res, next) {
}
}
module.exports = { authenticate };
// Middleware to check if email is verified (Phase 1.5)
// Use this after authenticate middleware on routes that require verified email
async function requireEmailVerification(req, res, next) {
try {
// User should be attached by authenticate middleware
if (!req.user) {
return res.status(401).json({
success: false,
error: 'Unauthorized',
message: 'Authentication required',
});
}
// Check if email is verified
if (!req.user.emailVerified) {
return res.status(403).json({
success: false,
error: 'Email Not Verified',
message: 'Please verify your email address to access this feature',
requiresVerification: true,
});
}
next();
} catch (error) {
console.error('Email verification middleware error:', error);
res.status(500).json({
success: false,
error: 'Internal Server Error',
});
}
}
module.exports = { authenticate, requireEmailVerification };
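Review bot: `requireEmailVerification` is declared `async` and wrapped in `try`/`catch`, but the body awaits nothing and only reads `req.user`, so the 500 branch has no realistic way to fire. Make it a plain synchronous function and drop the `catch`, or pass unexpected errors on with `next(error)` instead of building a response here. The 500 body also omits the `message` key that the 401 and 403 bodies carry, which is inconsistent for clients parsing these responses. The `!req.user.emailVerified` check fails closed when the field is missing, which is the right default, but it silently depends on `emailVerified: true` staying in the `authenticate` select; a test that pins that dependency would be worth adding.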