From 687f7ddf64c4468ef911198aa0a815e9f4a08cb5 Mon Sep 17 00:00:00 2001
From: Andrey Antukh <niwi@niwi.nz>
Date: Wed, 3 Feb 2021 23:47:19 +0100
Subject: [PATCH] :sparkles: Don't send emails on recovery password on not
 verified profile.

And show proper message to the user saying that the profile
need to be verfied before proceed.
---
 backend/src/app/rpc/mutations/profile.clj     | 13 ++--
 frontend/resources/locales.json               |  6 ++
 frontend/src/app/main/data/auth.cljs          |  5 +-
 .../app/main/ui/auth/recovery_request.cljs    | 60 ++++++++++++-------
 4 files changed, 55 insertions(+), 29 deletions(-)

diff --git a/backend/src/app/rpc/mutations/profile.clj b/backend/src/app/rpc/mutations/profile.clj
index 113f2c344..bbcafd225 100644
--- a/backend/src/app/rpc/mutations/profile.clj
+++ b/backend/src/app/rpc/mutations/profile.clj
@@ -403,11 +403,14 @@
                            :name (:fullname profile)}))]
 
     (db/with-atomic [conn pool]
-      (some->> email
-               (profile/retrieve-profile-data-by-email conn)
-               (create-recovery-token)
-               (send-email-notification conn))
-      nil)))
+      (when-let [profile (profile/retrieve-profile-data-by-email conn email)]
+        (when-not (:is-active profile)
+          (ex/raise :type :validation
+                    :code :profile-not-verified
+                    :hint "the user need to validate profile before recover password"))
+        (->> profile
+             (create-recovery-token)
+             (send-email-notification conn))))))
 
 
 ;; --- Mutation: Recover Profile
diff --git a/frontend/resources/locales.json b/frontend/resources/locales.json
index 25aa2f917..8f0cc9338 100644
--- a/frontend/resources/locales.json
+++ b/frontend/resources/locales.json
@@ -173,6 +173,12 @@
       "es" : "Introduce la nueva contraseña"
     }
   },
+  "auth.notifications.profile-not-verified": {
+    "translations": {
+      "en": "Profile is not verified, please verify profile before continue.",
+      "es": "El perfil aun no ha sido validado, porfavor valide el perfil antes de continuar."
+    }
+  },
   "auth.notifications.invalid-token-error" : {
     "used-in" : [ "src/app/main/ui/auth/recovery.cljs:47" ],
     "translations" : {
diff --git a/frontend/src/app/main/data/auth.cljs b/frontend/src/app/main/data/auth.cljs
index 9bc1fa9b6..0e733c9b8 100644
--- a/frontend/src/app/main/data/auth.cljs
+++ b/frontend/src/app/main/data/auth.cljs
@@ -184,10 +184,7 @@
 
         (->> (rp/mutation :request-profile-recovery data)
              (rx/tap on-success)
-             (rx/catch (fn [err]
-                         (on-error err)
-                         (rx/empty))))))))
-
+             (rx/catch on-error))))))
 
 ;; --- Recovery (Password)
 
diff --git a/frontend/src/app/main/ui/auth/recovery_request.cljs b/frontend/src/app/main/ui/auth/recovery_request.cljs
index 4b99e342d..19f4daadd 100644
--- a/frontend/src/app/main/ui/auth/recovery_request.cljs
+++ b/frontend/src/app/main/ui/auth/recovery_request.cljs
@@ -20,49 +20,69 @@
    [app.util.router :as rt]
    [cljs.spec.alpha :as s]
    [cuerdas.core :as str]
+   [beicon.core :as rx]
    [rumext.alpha :as mf]))
 
 (s/def ::email ::us/email)
 (s/def ::recovery-request-form (s/keys :req-un [::email]))
 
-(defn- on-success
-  []
-  (st/emit! (dm/info (tr "auth.notifications.recovery-token-sent"))
-            (rt/nav :auth-login)))
-
-(defn- on-submit
-  [form event]
-  (let [params (with-meta (:clean-data @form)
-                 {:on-success on-success})]
-    (st/emit! (uda/request-profile-recovery params))))
-
 (mf/defc recovery-form
-  [{:keys [locale] :as props}]
+  []
   (let [form (fm/use-form :spec ::recovery-request-form
-                          :initial {})]
+                          :initial {})
+
+        submitted (mf/use-state false)
+
+        on-error
+        (mf/use-callback
+         (fn [{:keys [code] :as error}]
+           (reset! submitted false)
+           (if (= code :profile-not-verified)
+             (rx/of (dm/error (tr "auth.notifications.profile-not-verified")
+                              {:timeout nil}))
+
+             (rx/throw error))))
+
+        on-success
+        (mf/use-callback
+         (fn []
+           (reset! submitted false)
+           (st/emit! (dm/info (tr "auth.notifications.recovery-token-sent"))
+                     (rt/nav :auth-login))))
+
+        on-submit
+        (mf/use-callback
+         (fn []
+           (reset! submitted true)
+           (->> (with-meta (:clean-data @form)
+                  {:on-success on-success
+                   :on-error on-error})
+                (uda/request-profile-recovery)
+                (st/emit!))))]
+
     [:& fm/form {:on-submit on-submit
                  :form form}
      [:div.fields-row
       [:& fm/input {:name :email
-                    :label (t locale "auth.email")
+                    :label (tr "auth.email")
                     :help-icon i/at
                     :type "text"}]]
 
      [:& fm/submit-button
-      {:label (t locale "auth.recovery-request-submit")}]]))
+      {:label (tr "auth.recovery-request-submit")}]]))
 
 
 ;; --- Recovery Request Page
 
 (mf/defc recovery-request-page
-  [{:keys [locale] :as props}]
+  []
   [:section.generic-form
    [:div.form-container
-    [:h1 (t locale "auth.recovery-request-title")]
-    [:div.subtitle (t locale "auth.recovery-request-subtitle")]
-    [:& recovery-form {:locale locale}]
+    [:h1 (tr "auth.recovery-request-title")]
+    [:div.subtitle (tr "auth.recovery-request-subtitle")]
+    [:& recovery-form]
 
     [:div.links
      [:div.link-entry
       [:a {:on-click #(st/emit! (rt/nav :auth-login))}
-       (t locale "auth.go-back-to-login")]]]]])
+       (tr "auth.go-back-to-login")]]]]])