Add AWS SES helper + simple template.

.env.example

@@ -4,4 +4,9 @@ SERVER_HOST=0.0.0.0
 SERVER_PORT=4000
 JWT_SECRET=OR5t0v7yk3z7qw77
 
+AWS_SES_REGION=
+AWS_SES_ID=
+AWS_SES_SECRET=
+AWS_SES_SOURCE=
+
 APP_URL=http://0.0.0.0:3000

.github/workflows/deploy.yml

@@ -46,17 +46,27 @@ jobs:
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
 
-      - name: Set up environment variables
+      - name: Environment
         run: |
           touch .env
           echo "NODE_ENV=${{ vars.NODE_ENV }}" >> .env
           echo "SERVER_HOST=${{ vars.HOST }}" >> .env
           echo "SERVER_PORT=${{ vars.PORT }}" >> .env
           echo "JWT_SECRET=${{ vars.JWT_SECRET }}" >> .env
           echo "MONGODB_URI=${{ vars.MONGODB_URI }}" >> .env
+          echo "AWS_SES_REGION=${{ vars.AWS_REGION }}" >> .env
+          echo "AWS_SES_ID=${{ secrets.AWS_SES_ID }}" >> .env
+          echo "AWS_SES_SECRET=${{ secrets.AWS_SES_SECRET }}" >> .env
+          echo "AWS_SES_SOURCE=${{ vars.APAWS_SES_SOURCEP_URL }}" >> .env
           echo "APP_URL=${{ vars.APP_URL }}" >> .env
           echo "" >> .env
 
+      - name: Format and Lint
+        run: yarn format && yarn lint
+
+      - name: Test
+        run: yarn test
+
       - name: Docker Build
         id: build-image
         env:

package.json

@@ -16,6 +16,7 @@
     "start": "node dist/index.js"
   },
   "dependencies": {
+    "@aws-sdk/client-ses": "^3.632.0",
     "@typegoose/typegoose": "^12.3.1",
     "axios": "^1.7.4",
     "bcrypt": "^5.1.1",

src/controllers/users.ts

@@ -1,5 +1,6 @@
 import { Request, Response } from "express";
 import { UserModel } from "@/models/User";
+import { sendVerificationEmail } from "@/helpers/aws/ses";
 
 export const createUser = async (req: Request, res: Response) => {
   try {
@@ -9,7 +10,11 @@ export const createUser = async (req: Request, res: Response) => {
     }
 
     const newUser = await UserModel.createUser(email, password, name);
-    if (newUser) return res.status(200).send(newUser);
+    if (newUser) {
+      await sendVerificationEmail(email, newUser.verifyToken!);
+      newUser.verifyToken = undefined;
+      return res.status(200).send(newUser);
+    }
   } catch (e) {
     console.log(`[ERROR][createUser] ${JSON.stringify(e)}`);
   }

src/environment.ts

@@ -13,6 +13,12 @@ const APP_URL = process.env.APP_URL || `http://${SERVER_HOST}:3000`;
 
 const JWT_SECRET = process.env.JWT_SECRET || "OR5t0v7yk3z7qw77";
 
+// AWS
+const AWS_SES_REGION = process.env.AWS_SES_REGION || "us-east-1";
+const AWS_SES_ID = process.env.AWS_SES_ID || "123123123";
+const AWS_SES_SECRET = process.env.AWS_SES_SECRET || "123123123";
+const AWS_SES_SOURCE = process.env.AWS_SES_SOURCE || "email@polkadot.education";
+
 // DEBUG/TEST
 const DEBUG = parseInt(process.env.DEBUG || "0");
 
@@ -23,5 +29,9 @@ export const env = {
   SERVER_PORT,
   APP_URL,
   JWT_SECRET,
+  AWS_SES_REGION,
+  AWS_SES_SECRET,
+  AWS_SES_ID,
+  AWS_SES_SOURCE,
   DEBUG,
 };

src/helpers/aws/ses.ts

@@ -0,0 +1,51 @@
+import { env } from "@/environment";
+
+import { SESClient, SendEmailCommand } from "@aws-sdk/client-ses";
+
+import verificationLink from "./templates/verificationLink";
+
+const sesClient = new SESClient({
+  credentials: {
+    secretAccessKey: String(env.AWS_SES_SECRET),
+    accessKeyId: String(env.AWS_SES_ID),
+  },
+  apiVersion: "2010-12-01",
+  region: String(env.AWS_SES_REGION),
+});
+
+const createSendEmailCommand = (
+  toAddresses: string[],
+  subject: string,
+  html: string,
+  fromAddress: string = env.AWS_SES_SOURCE,
+) => {
+  const from = `Polkadot Education <${fromAddress}>`;
+  return new SendEmailCommand({
+    Destination: {
+      ToAddresses: toAddresses,
+    },
+    Message: {
+      Body: {
+        Html: {
+          Charset: "UTF-8",
+          Data: html,
+        },
+      },
+      Subject: {
+        Charset: "UTF-8",
+        Data: subject,
+      },
+    },
+    Source: from,
+  });
+};
+
+export const sendVerificationEmail = async (to: string, token: string) => {
+  const html = verificationLink.replace("{{VERIFICATION_LINK}}", `${env.APP_URL}/verify/${token}`);
+  const sendEmailCommand = createSendEmailCommand([to], "Verify your Account", html);
+  try {
+    return await sesClient.send(sendEmailCommand);
+  } catch (e) {
+    console.log(`[ERROR][sendVerificationEmail] ${JSON.stringify(e)}`);
+  }
+};

src/helpers/aws/templates/verificationLink.ts

@@ -0,0 +1,13 @@
+export default `<!doctype html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+  <body>
+    <h1>Polkadot Education</h1>
+    <p>
+      Verify your account's email
+      <a href="{{VERIFICATION_LINK}}" target="_blank">
+        here
+      </a>
+      .
+    </p>
+  <body>
+</html>`;

src/middlewares/auth.ts

@@ -4,8 +4,8 @@ import { env } from "@/environment";
 import { UserModel } from "@/models/User";
 
 const authMiddleware = async (req: Request, res: Response, next: NextFunction) => {
-  // Uncomment here to test endpoints without authentication (app's jwt)
-  // if (env.NODE_ENV === "local") return next();
+  // Comment here to test endpoints with authentication (app's jwt)
+  if (["local", "test"].includes(env.NODE_ENV)) return next();
   const error = {
     status: 401,
     error: "You are not authorized to perform this action.",

src/models/User.ts

@@ -1,6 +1,7 @@
 import { DocumentType, ReturnModelType, getModelForClass, prop } from "@typegoose/typegoose";
 import moment from "moment";
 import jwt from "jsonwebtoken";
+import { randomBytes } from "crypto";
 import * as bcrypt from "bcrypt";
 
 import { env } from "@/environment";
@@ -17,6 +18,9 @@ class User extends BaseModel {
   @prop({ required: true, type: String })
   public name: string;
 
+  @prop({ required: false, type: String })
+  public verifyToken?: string;
+
   @prop({ required: false, type: Date })
   public lastActivity: Date;
 
@@ -45,12 +49,14 @@ class User extends BaseModel {
         email: email.toLowerCase(),
         password: await this.hashPassword(password),
         name,
+        verifyToken: randomBytes(16).toString("hex"),
         lastActivity: new Date(),
       });
       return {
         userId: user._id,
         email: user.email,
         name: user.name,
+        verifyToken: user.verifyToken,
         lastActivity: user.lastActivity,
       };
     } catch (e) {

src/routes.ts

@@ -1,4 +1,4 @@
-import { Express } from "express";
+import { Express, Request, Response } from "express";
 
 // Controllers
 import { createUser, deleteUser, getUser, loginUser } from "@/controllers/users";
@@ -9,7 +9,7 @@ import corsConfig from "./cors.config";
 
 const router = (app: Express) => {
   // Health check
-  app.get("/status", (_req: Request, resp: Response) => resp.status(200).json({ type: "success" }));
+  app.get("/status", (_req: Request, res: Response) => res.status(200).json({ type: "success" }));
 
   // Users
   app.post("/user", createUser);

src/types/User.ts

@@ -3,6 +3,7 @@ export type UserInfo = {
   email: string;
   name: string;
   lastActivity: Date;
+  verifyToken?: string;
   createdAt?: Date;
   updatedAt?: Date;
 };