summaryrefslogtreecommitdiff
path: root/src/routes/magicLink.ts
blob: e0a6310b842c72d37be64f7ac9b75a36c9e2aefa (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

import { Router, Request, Response } from "express";
import { frontendConfig } from "../lib/config.js";
import { generateMagicLinkToken } from "../util/generator.js";
import MagicLink from "../models/MagicLink.js";
import { getConfigMiddleware } from "../lib/middleware.js";

const router = Router();

router.use(getConfigMiddleware);

router.post("/magic-link/event/create", async (req: Request, res: Response) => {
    const { email } = req.body;
    if (!email) {
        res.render("createEventMagicLink", {
            ...frontendConfig(res),
            message: {
                type: "danger",
                text: "Please provide an email address.",
            },
        });
        return;
    }
    const allowedEmails = res.locals.config?.general.creator_email_addresses;
    if (!allowedEmails?.length) {
        // No creator email addresses are configured, so skip the magic link check
        return res.redirect("/new");
    }
    if (!allowedEmails.includes(email)) {
        res.render("createEventMagicLink", {
            ...frontendConfig(res),
            message: {
                type: "success",
                text: "Thanks! If this email address can create events, you should receive an email with a magic link.",
            },
        });
        return;
    }
    const token = generateMagicLinkToken();
    const magicLink = new MagicLink({
        email,
        token,
        expiryTime: new Date(Date.now() + 24 * 60 * 60 * 1000), // 24 hours
        permittedActions: ["createEvent"],
    });
    await magicLink.save();

    // Take this opportunity to delete any expired magic links
    await MagicLink.deleteMany({ expiryTime: { $lt: new Date() } });

    req.emailService.sendEmailFromTemplate({
        to: email,
        subject: "Magic link to create an event",
        templateName: "createEventMagicLink",
        templateData: {
            token
        },
    });
    res.render("createEventMagicLink", {
        ...frontendConfig(res),
        message: {
            type: "success",
            text: "Thanks! If this email address can create events, you should receive an email with a magic link.",
        },
    });
});

export default router;
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 07:26:25 +0000