feat: add email service and reset password flow #49
Conversation
|
@jonkurtis is attempting to deploy a commit to the leerob-site Team on Vercel. A member of the Team first needs to authorize it. |
|
This will be a great addition. I didn't seem how the email send out ? (Do we need config some sort of smtp or ?) |
|
Great work mate. Wondering about account verification though. |
|
@patra0o +1. I think send verification email after sign-up will be a great addition too. |
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
it is setup to use Resend. You setup an account at Resend.com and add the api key as shown in Resend was suggested as a good solution for this feature by @leerob here #12 (comment) |
thanks. |
|
Hi @jonkurtis, I am testing out locally. |
| react: ResetPasswordEmail({ | ||
| username, | ||
| email: to, | ||
| resetPasswordLink: `http://localhost:3000/reset-password?token=${token}`, |
There was a problem hiding this comment.
I think this line should be
resetPasswordLink: `${process.env.NEXT_PUBLIC_SITE_URL}/reset-password?token=${token}`|
Hi there. Is there a problem with this PR. Can we please merge it. I really want the invite functionality |
|
Why hasn't this be merged? |
|
can someone please merge this? Thanks |
There was a problem hiding this comment.
It would be convenient to add the Resend environment variables to lib/db/setup.ts so they are defined from the start. Perhaps add functions like:
async function getResendKey(): Promise<string> {
console.log('Step 6: Getting Resend Secret Key');
console.log('You can find your Resend API Key at: https://resend.com/api-keys');
return await question('Enter your Resend API Key: ');
}
async function getResendEmail(): Promise<string> {
console.log('Step 7: Getting Resend Secret Email');
console.log('You can authorize your domain at: https://resend.com/api-keys');
return await question('Enter an email address for an authorized domain: ');
}
And add them to main():
...
const RESEND_API_KEY = await getResendKey();
const RESEND_AUTHORIZED_EMAIL = await getResendEmail();
const NEXT_PUBLIC_SITE_URL = 'http://localhost:3000';
await writeEnvFile({
POSTGRES_URL,
STRIPE_SECRET_KEY,
STRIPE_WEBHOOK_SECRET,
BASE_URL,
AUTH_SECRET,
RESEND_API_KEY,
RESEND_AUTHORIZED_EMAIL,
NEXT_PUBLIC_SITE_URL,
});
| .limit(1); | ||
|
|
||
| if (user.length === 0) { | ||
| return { error: 'User not found.' }; |
There was a problem hiding this comment.
For security, it might be better to put all of this in a try/catch, and show a generic error client-side so that hackers don't have an easy way to check if an email exists. The error could still be logged server-side for debugging, or use an environment variable for dev/prod to indicate whether it is safe to display it client-side.
Same thing with forgotPassword above.
fix🐛: info bug
|
I was able to rebase this PR again onto main but there was a big dashboard refactor since the last rebase and it was annoying. Would be best for everyone to merge this so it doesn't continue to get out of date |
addresses #12 for password reset flow. also add email service with invite and reset password email templates using resend and react-email.