Class RegistrationRoutes<T>

A set of endpoints to handle registration, verification and email-based login. It has two extension points, one to send emails however you'd like and another to for custom userData validation.

The mailer dependency needs to implement RegistrationMailer which is an interface for sending the emails RegistrationRoutes requires.

const mailer: RegistrationMailer = {
  async sendLoginEmail(registration: Registration, token: string) {
    // Generate and send login email
    // The user should be directed to the login endpoint with this token
  },
  async sendVerifyEmail(registration: Registration, token: string) {
    // Generate and send verification email
    // The user should be directed to the verify endpoint with this token
  },
  async sendAlreadyRegisteredEmail(registration: Registration, token: string) {
    // Generate and send an 'already registered' email,
    // to alert the user someone tried to re-register with their email.
    // Includes a login token to bypass the need to sign in again
    // if that was their intention
  },
}

The userDataStruct is a custom superstruct structure to validate what is stored in the userData on each registration record.

const userDataStruct = object({
  marketingConsent: boolean(),
})

Create a RegistrationRoutes like this:

const jwt: JwtService
const registrationRepo: RegistrationRepository
const conferenceRepo: ConferenceRepository
const admins: Array<{ email: string }>
const url: UrlService

const app = express().use(express.json())

const routes = new RegistrationRoutes({
  jwt,
  registrationRepo,
  conferenceRepo,
  url,
  mailer,
  userDataStruct,
})

Type Parameters

  • T extends Record<string, unknown>

Hierarchy

  • RegistrationRoutes

Constructors

constructor

Methods

finishEmailLogin finishRegister getRegistration startEmailLogin startRegister unregister

Constructors

constructor

Methods

finishEmailLogin

  • The endpoint that is triggered by a user clicking a login link in an email. It validates the token and redirects the user to the client to finish logging in.

    app.get('/auth/login/:token', (req, res) => {
      const url = await this.#routes.finishEmailLogin(req.params.token)
      res.redirect(url.toString())
    })

    Parameters

    • rawToken: any

    Returns Promise<URL>

finishRegister

  • Finish the registration process, verify the registration record and log the user in. token should come from the email the user was sent from startRegister.

    The user can on verify a registration once and this will fail if they attempt to re-verify their registration. This is to make verify emails single-use as they log the user in.

    app.get('/auth/register/:token', async (req, res) => {
      const url = await routes.finishRegister(token)
      res.redirect(url.toString())
    })

    Parameters

    • rawToken: any

    Returns Promise<URL>

getRegistration

  • Get the registration associated with an authentication token.

    app.get('/auth/me', async (req, res) => {
      const token = jwt.getRequestAuth(req.headers)
      ctx.body = await this.#routes.getRegistration(token)
    })

    Parameters

    • authToken: null | AuthToken

    Returns Promise<UserRegistration>

startEmailLogin

  • Start an email-based login. Send the user an email with a link in it which logs them in.

    app.post('/auth/login', async (req, res) => {
      res.send(await routes.startEmailLogin(req.body))
    })

    Where the request body is:

    {
      "email": "geoff@example.com"
    }

    Parameters

    • body: unknown

    Returns Promise<VoidResponse>

startRegister

  • Start off a new registration.

    app.post('/auth/register', async (req, res) => {
      res.send(await routes.startRegister(req.body))
    })

    Where the body is:

    {
      "name": "Chloe Smith",
      "email": "chloe@example.com",
      "language": "en",
      "country": "GB",
      "affiliation": "Open Lab",
      "userData": {
        "marketingConsent": false
      }
    }

    Where userData matches whatever your userDataStruct requires.

    Parameters

    • rawBody: Record<string, unknown>

    Returns Promise<VoidResponse>

unregister

  • Remove all registrations relating to an email address. This requires the user with that email to be signed in. token should be a valid authentication token from a login/verify.

    app.del('/auth/me', async (req, res) => {
      const token = jwt.getRequestAuth(req.headers)
      res.send(await this.#routes.unregister(token))
    })

    Parameters

    • authToken: null | AuthToken

    Returns Promise<VoidResponse>

Settings

Member Visibility

Theme

Generated using TypeDoc