change logic

2025-08-12 17:37:32 +00:00 · 2025-05-26 08:57:13 +02:00
parent 0af7185a90
commit 8204312892
10 changed files with 71 additions and 65 deletions
--- a/apps/login/locales/de.json
+++ b/apps/login/locales/de.json
@@ -174,7 +174,8 @@
  },
  "verify": {
    "userIdMissing": "Keine Benutzer-ID angegeben!",
-    "success": "Erfolgreich verifiziert",
+    "successTitle": "Benutzer verifiziert",
+    "successDescription": "Der Benutzer wurde erfolgreich verifiziert.",
    "setupAuthenticator": "Authentifikator einrichten",
    "verify": {
      "title": "Benutzer verifizieren",
--- a/apps/login/locales/en.json
+++ b/apps/login/locales/en.json
@@ -174,7 +174,8 @@
  },
  "verify": {
    "userIdMissing": "No userId provided!",
-    "success": "The user has been verified successfully.",
+    "successTitle": "User verified",
+    "successDescription": "The user has been verified successfully.",
    "setupAuthenticator": "Setup authenticator",
    "verify": {
      "title": "Verify user",
--- a/apps/login/locales/es.json
+++ b/apps/login/locales/es.json
@@ -174,7 +174,8 @@
  },
  "verify": {
    "userIdMissing": "¡No se proporcionó userId!",
-    "success": "¡Verificación exitosa!",
+    "successTitle": "Usuario verificado",
+    "successDescription": "El usuario ha sido verificado con éxito.",
    "setupAuthenticator": "Configurar autenticador",
    "verify": {
      "title": "Verificar usuario",
--- a/apps/login/locales/it.json
+++ b/apps/login/locales/it.json
@@ -174,7 +174,8 @@
  },
  "verify": {
    "userIdMissing": "Nessun userId fornito!",
-    "success": "Verifica effettuata con successo!",
+    "successTitle": "Utente verificato",
+    "successDescription": "L'utente è stato verificato con successo.",
    "setupAuthenticator": "Configura autenticatore",
    "verify": {
      "title": "Verifica utente",
--- a/apps/login/locales/pl.json
+++ b/apps/login/locales/pl.json
@@ -174,7 +174,8 @@
  },
  "verify": {
    "userIdMissing": "Nie podano identyfikatora użytkownika!",
-    "success": "Użytkownik został pomyślnie zweryfikowany.",
+    "successTitle": "Weryfikacja zakończona",
+    "successDescription": "Użytkownik został pomyślnie zweryfikowany.",
    "setupAuthenticator": "Skonfiguruj uwierzytelnianie",
    "verify": {
      "title": "Zweryfikuj użytkownika",
--- a/apps/login/locales/ru.json
+++ b/apps/login/locales/ru.json
@@ -174,7 +174,8 @@
  },
  "verify": {
    "userIdMissing": "Не указан userId!",
-    "success": "Пользователь успешно подтверждён.",
+    "successTitle": "Пользователь подтверждён",
+    "successDescription": "Пользователь успешно подтверждён.",
    "setupAuthenticator": "Настроить аутентификатор",
    "verify": {
      "title": "Подтверждение пользователя",
--- a/apps/login/locales/zh.json
+++ b/apps/login/locales/zh.json
@@ -174,7 +174,8 @@
  },
  "verify": {
    "userIdMissing": "未提供用户 ID！",
-    "success": "用户验证成功。",
+    "successTitle": "用户已验证",
+    "successDescription": "用户已成功验证。",
    "setupAuthenticator": "设置认证器",
    "verify": {
      "title": "验证用户",
--- a/apps/login/src/app/(login)/verify/page.tsx
+++ b/apps/login/src/app/(login)/verify/page.tsx
@@ -36,7 +36,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {

  const basePath = process.env.NEXT_PUBLIC_BASE_PATH ?? "";

-  async function sendEmail() {
+  async function sendEmail(userId: string) {
    const host = _headers.get("host");

    if (!host || typeof host !== "string") {
@@ -51,7 +51,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
          `${host.includes("localhost") ? "http://" : "https://"}${host}${basePath}/verify?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}&invite=true` +
          (requestId ? `&requestId=${requestId}` : ""),
      }).catch((error) => {
-        console.error("Could not resend verification email", error);
+        console.error("Could not send invitation email", error);
        throw Error("Failed to send verification email");
      });
    } else {
@@ -62,7 +62,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
          `${host.includes("localhost") ? "http://" : "https://"}${host}${basePath}/verify?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}` +
          (requestId ? `&requestId=${requestId}` : ""),
      }).catch((error) => {
-        console.error("Could not resend verification email", error);
+        console.error("Could not send verification email", error);
        throw Error("Failed to send verification email");
      });
    }
@@ -78,11 +78,11 @@ export default async function Page(props: { searchParams: Promise<any> }) {
    });

    if (doSend && sessionFactors?.factors?.user?.id) {
-      await sendEmail();
+      await sendEmail(sessionFactors.factors.user.id);
    }
  } else if ("userId" in searchParams && userId) {
    if (doSend) {
-      await sendEmail();
+      await sendEmail(userId);
    }

    const userResponse = await getUserByID({
--- a/apps/login/src/app/(login)/verify/success/page.tsx
+++ b/apps/login/src/app/(login)/verify/success/page.tsx
@@ -33,7 +33,7 @@ async function loadSessionById(
 export default async function Page(props: { searchParams: Promise<any> }) {
  const searchParams = await props.searchParams;
  const locale = getLocale();
-  const t = await getTranslations({ locale, namespace: "signedin" });
+  const t = await getTranslations({ locale, namespace: "verify" });

  const _headers = await headers();
  const { serviceUrl } = getServiceUrlFromHeaders(_headers);
@@ -84,10 +84,8 @@ export default async function Page(props: { searchParams: Promise<any> }) {
  return (
    <DynamicTheme branding={branding}>
      <div className="flex flex-col items-center space-y-4">
-        <h1>
-          {t("title", { user: sessionFactors?.factors?.user?.displayName })}
-        </h1>
-        <p className="ztdl-p mb-6 block">{t("description")}</p>
+        <h1>{t("successTitle")}</h1>
+        <p className="ztdl-p mb-6 block">{t("successDescription")}</p>

        {sessionFactors ? (
          <UserAvatar
--- a/apps/login/src/lib/server/verify.ts
+++ b/apps/login/src/lib/server/verify.ts
@@ -113,6 +113,18 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
    console.warn("Ignored error:", error); // checked later
  });

+  if (sessionCookie) {
+    session = await getSession({
+      serviceUrl,
+      sessionId: sessionCookie.id,
+      sessionToken: sessionCookie.token,
+    }).then((response) => {
+      if (response?.session) {
+        return response.session;
+      }
+    });
+  }
+
  // load auth methods for user
  const authMethodResponse = await listAuthenticationMethodTypes({
    serviceUrl,
@@ -143,16 +155,6 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
        checks,
        requestId: command.requestId,
      });
-    } else {
-      session = await getSession({
-        serviceUrl,
-        sessionId: sessionCookie.id,
-        sessionToken: sessionCookie.token,
-      }).then((response) => {
-        if (response?.session) {
-          return response.session;
-        }
-      });
    }

    if (!session) {
@@ -187,10 +189,9 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
    return { redirect: `/authenticator/set?${params}` };
  }

-  // if no session found and user is not invited, only show success page,
+  // if no session found only show success page,
  // if user is invited, recreate invite flow to not depend on session
-
-  if (!sessionCookie || !session?.factors?.user?.id) {
+  if (!session?.factors?.user?.id) {
    const verifySuccessParams = new URLSearchParams({});

    if (command.userId) {
@@ -216,51 +217,51 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
    }

    return { redirect: `/verify/success?${verifySuccessParams}` };
-  } else {
-    const loginSettings = await getLoginSettings({
-      serviceUrl,
-      organization: user.details?.resourceOwner,
-    });
+  }

-    // redirect to mfa factor if user has one, or redirect to set one up
-    const mfaFactorCheck = await checkMFAFactors(
-      serviceUrl,
-      session,
-      loginSettings,
-      authMethodResponse.authMethodTypes,
-      command.organization,
-      command.requestId,
-    );
+  const loginSettings = await getLoginSettings({
+    serviceUrl,
+    organization: user.details?.resourceOwner,
+  });

-    if (mfaFactorCheck?.redirect) {
-      return mfaFactorCheck;
-    }
+  // redirect to mfa factor if user has one, or redirect to set one up
+  const mfaFactorCheck = await checkMFAFactors(
+    serviceUrl,
+    session,
+    loginSettings,
+    authMethodResponse.authMethodTypes,
+    command.organization,
+    command.requestId,
+  );

-    // login user if no additional steps are required
-    if (command.requestId && session.id) {
-      const nextUrl = await getNextUrl(
-        {
-          sessionId: session.id,
-          requestId: command.requestId,
-          organization:
-            command.organization ?? session.factors?.user?.organizationId,
-        },
-        loginSettings?.defaultRedirectUri,
-      );
+  if (mfaFactorCheck?.redirect) {
+    return mfaFactorCheck;
+  }

-      return { redirect: nextUrl };
-    }
-
-    const url = await getNextUrl(
+  // login user if no additional steps are required
+  if (command.requestId && session.id) {
+    const nextUrl = await getNextUrl(
      {
-        loginName: session.factors.user.loginName,
-        organization: session.factors?.user?.organizationId,
+        sessionId: session.id,
+        requestId: command.requestId,
+        organization:
+          command.organization ?? session.factors?.user?.organizationId,
      },
      loginSettings?.defaultRedirectUri,
    );

-    return { redirect: url };
+    return { redirect: nextUrl };
  }
+
+  const url = await getNextUrl(
+    {
+      loginName: session.factors.user.loginName,
+      organization: session.factors?.user?.organizationId,
+    },
+    loginSettings?.defaultRedirectUri,
+  );
+
+  return { redirect: url };
 }

 type resendVerifyEmailCommand = {