1 files changed, 37 insertions, 8 deletions

diff --git a/code/api/src/Services/UserService.cs b/code/api/src/Services/UserService.cs
index 8b925be..4c632be 100644
--- a/code/api/src/Services/UserService.cs
+++ b/code/api/src/Services/UserService.cs
@@ -10,15 +10,16 @@ public class UserService
     private readonly ILogger<UserService> _logger;
     private readonly IStringLocalizer<SharedResources> _localizer;
     private readonly MainAppDatabase _database;
-    private string EmailValidationUrl;
+    private readonly string EmailValidationUrl;
 
-    public UserService(PasswordResetService passwordResetService, MailService mailService, IStringLocalizer<SharedResources> localizer, VaultService vaultService, MainAppDatabase database) {
+    public UserService(PasswordResetService passwordResetService, MailService mailService, IStringLocalizer<SharedResources> localizer, VaultService vaultService, MainAppDatabase database, ILogger<UserService> logger) {
         _passwordResetService = passwordResetService;
         _mailService = mailService;
         _localizer = localizer;
         _database = database;
+        _logger = logger;
         var configuration = vaultService.GetCurrentAppConfiguration();
-        EmailValidationUrl = configuration.CANONICAL_BACKEND_URL + "/validate";
+        EmailValidationUrl = configuration.CANONICAL_BACKEND_URL + "/_/validate";
     }
 
     public async Task LogInUser(HttpContext httpContext, User user, bool persist = false) {
@@ -49,7 +50,39 @@ public class UserService
         _logger.LogInformation("Logged out user {0}", httpContext.User.FindFirst(AppClaims.USER_ID));
     }
 
+    public bool FulfillEmailValidationRequest(Guid id, Guid userId) {
+        var item = _database.ValidationEmails.FirstOrDefault(c => c.Id == id);
+        if (item == default) {
+            _logger.LogDebug("Did not find email validation request with id: {0}", id);
+            return false;
+        }
+
+        if (item.UserId != userId) {
+            _logger.LogInformation("An unknown user tried to validate the email validation request {0}");
+            return false;
+        }
+
+        var user = _database.Users.FirstOrDefault(c => c.Id == item.UserId);
+        if (user == default) {
+            _database.ValidationEmails.Remove(item);
+            _database.SaveChanges();
+            _logger.LogInformation("Deleting request {0} because user does not exist anymore");
+            return false;
+        }
+
+        user.EmailLastValidated = DateTime.UtcNow;
+        user.SetModified();
+        _database.ValidationEmails.Remove(item);
+        _database.SaveChanges();
+        _logger.LogInformation("Successfully validated the email for user {0}", user.Id);
+        return true;
+    }
+
     public async Task SendValidationEmail(User user) {
+        var queueItem = new ValidationEmail() {
+            UserId = user.Id,
+            Id = Guid.NewGuid()
+        };
         var email = new MailService.PostmarkEmail() {
             To = user.Username,
             Subject = _localizer["Greatoffice Email Validation"],
@@ -57,11 +90,7 @@ public class UserService
 Hello, {0}.
 
 Validate your email address by opening this link in a browser {1}
-""", user.DisplayName(), EmailValidationUrl + "?email=" + user.Username]
-        };
-        var queueItem = new ValidationEmail() {
-            UserId = user.Id,
-            Id = Guid.NewGuid()
+""", user.DisplayName(), EmailValidationUrl + "?id=" + queueItem.Id]
         };
         await _mailService.SendMail(email);
         queueItem.EmailSentAt = DateTime.UtcNow;