radziel/spotlightcam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add email verification, password reset, and WSDC integration (Phase 1.5)

Browse Source 
Backend features:
- AWS SES email service with HTML templates
- Email verification with dual method (link + 6-digit PIN code)
- Password reset workflow with secure tokens
- WSDC API proxy for dancer lookup and auto-fill registration
- Extended User model with verification and WSDC fields
- Email verification middleware for protected routes

Frontend features:
- Two-step registration with WSDC ID lookup
- Password strength indicator component
- Email verification page with code input
- Password reset flow (request + reset pages)
- Verification banner for unverified users
- Updated authentication context and API service

Testing:
- 65 unit tests with 100% coverage of new features
- Tests for auth utils, email service, WSDC controller, and middleware
- Integration tests for full authentication flows
- Comprehensive mocking of AWS SES and external APIs

Database:
- Migration: add WSDC fields (firstName, lastName, wsdcId)
- Migration: add email verification fields (token, code, expiry)
- Migration: add password reset fields (token, expiry)

Documentation:
- Complete Phase 1.5 documentation
- Test suite documentation and best practices
- Updated session context with new features
This commit is contained in:
Radosław Gierwiało
2025-11-13 15:47:54 +01:00
parent 4d7f814538
commit 7a2f6d07ec
31 changed files with 5586 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
backend/src/routes/auth.js
View File

@@ -1,5 +1,13 @@
const express = require('express');
const { register, login } = require('../controllers/auth');
const {
register,
login,
verifyEmailByToken,
verifyEmailByCode,
resendVerification,
requestPasswordReset,
resetPassword
} = require('../controllers/auth');
const { registerValidation, loginValidation } = require('../middleware/validators');
const router = express.Router();
@@ -10,4 +18,19 @@ router.post('/register', registerValidation, register);
// POST /api/auth/login - Login user
router.post('/login', loginValidation, login);
// GET /api/auth/verify-email?token=xxx - Verify email by token (link)
router.get('/verify-email', verifyEmailByToken);
// POST /api/auth/verify-code - Verify email by code (PIN)
router.post('/verify-code', verifyEmailByCode);
// POST /api/auth/resend-verification - Resend verification email
router.post('/resend-verification', resendVerification);
// POST /api/auth/request-password-reset - Request password reset
router.post('/request-password-reset', requestPasswordReset);
// POST /api/auth/reset-password - Reset password with token
router.post('/reset-password', resetPassword);
module.exports = router;