fix: put verify-email behind auth

account/account.go

@@ -116,7 +116,7 @@ func (s *AccountServiceDefault) CreateAccount(email string, password string, ver
 	}
 
 	if verifyEmail {
-		err = s.SendEmailVerification(&user)
+		err = s.SendEmailVerification(user.ID)
 		if err != nil {
 			return nil, err
 		}
@@ -125,7 +125,12 @@ func (s *AccountServiceDefault) CreateAccount(email string, password string, ver
 	return &user, nil
 }
 
-func (s *AccountServiceDefault) SendEmailVerification(user *models.User) error {
+func (s AccountServiceDefault) SendEmailVerification(userId uint) error {
+	exists, user, err := s.AccountExists(userId)
+	if !exists || err != nil {
+		return err
+	}
+
 	token := GenerateSecurityToken()
 
 	var verification models.EmailVerification
@@ -134,7 +139,7 @@ func (s *AccountServiceDefault) SendEmailVerification(user *models.User) error {
 	verification.Token = token
 	verification.ExpiresAt = time.Now().Add(time.Hour)
 
-	err := s.db.Create(&verification).Error
+	err = s.db.Create(&verification).Error
 	if err != nil {
 		return NewAccountError(ErrKeyDatabaseOperationFailed, err)
 	}

api/account/account.go

@@ -169,7 +169,16 @@ func (a AccountAPI) verifyEmail(jc jape.Context) {
 	if jc.Check("failed to verify email", err) != nil {
 		return
 	}
+}
 
+func (a AccountAPI) resendVerifyEmail(jc jape.Context) {
+	user := middleware.GetUserFromContext(jc.Request.Context())
+
+	err := a.accounts.SendEmailVerification(user)
+
+	if jc.Check("failed to resend email verification", err) != nil {
+		return
+	}
 }
 
 func (a AccountAPI) otpGenerate(jc jape.Context) {
@@ -442,7 +451,8 @@ func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 		"POST /api/auth/logout":       middleware.ApplyMiddlewares(a.logout, corsMw.Handler, authMw, middleware.ProxyMiddleware),
 
 		// Account
-		"POST /api/account/verify-email":           middleware.ApplyMiddlewares(a.verifyEmail, corsMw.Handler, middleware.ProxyMiddleware),
+		"POST /api/account/verify-email":           middleware.ApplyMiddlewares(a.verifyEmail, corsMw.Handler, authMw, middleware.ProxyMiddleware),
+		"POST /api/account/verify-email/resend":    middleware.ApplyMiddlewares(a.resendVerifyEmail, corsMw.Handler, authMw, middleware.ProxyMiddleware),
 		"POST /api/account/otp/verify":             middleware.ApplyMiddlewares(a.otpVerify, corsMw.Handler, authMw, middleware.ProxyMiddleware),
 		"POST /api/account/otp/disable":            middleware.ApplyMiddlewares(a.otpDisable, corsMw.Handler, authMw, middleware.ProxyMiddleware),
 		"POST /api/account/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, corsMw.Handler, middleware.ProxyMiddleware),

api/account/swagger.yaml

@@ -54,6 +54,12 @@ paths:
             responses:
                 '200':
                     description: Email verified successfully
+    /api/account/verify-email/resend:
+        post:
+            summary: Resend email verification
+            responses:
+                '200':
+                    description: Email verification resent successfully
     /api/auth/otp/generate:
         get:
             summary: Generate OTP for two-factor authentication