yisroelbaum/TIDE
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

implement SignupUser two-step confirm flow

Browse source 
Signup now collects only email + displayName, creates an
unconfirmed user with empty password hash, mints an
EmailConfirmationToken, and dispatches a confirmation email.
Password is set during ConfirmUserEmail.
This commit is contained in:
Yisroel Baum 2026-05-06 22:08:54 +03:00
parent 11f2823a30
commit f3c6e2e000
Signed by: yisroelbaum
GPG key ID: 0FA60884F75520A9
2 changed files with 27 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

41
backend/app/User/UseCases/SignupUser/SignupUser.php
View file

@ -2,7 +2,11 @@
namespace App\User\UseCases\SignupUser; namespace App\User\UseCases\SignupUser;
use App\Auth\PasswordHasher; use App\Auth\Clock;
use App\Email\EmailConfirmationToken\CreateEmailConfirmationTokenDto;
use App\Email\EmailConfirmationToken\EmailConfirmationTokenRepository;
use App\Email\Emailer;
use App\Email\EmailFactory;
use App\Exceptions\BadRequestException; use App\Exceptions\BadRequestException;
use App\Shared\ValueObject\EmailAddress; use App\Shared\ValueObject\EmailAddress;
use App\User\CreateUserDto; use App\User\CreateUserDto;
@ -13,13 +17,17 @@ use InvalidArgumentException;
class SignupUser class SignupUser
{ {
private const MIN_PASSWORD_LENGTH = 8;
private const DISPLAY_NAME_PATTERN = '/^[a-z0-9_-]{3,30}$/'; private const DISPLAY_NAME_PATTERN = '/^[a-z0-9_-]{3,30}$/';
private const TOKEN_LIFETIME = '+1 day';
public function __construct( public function __construct(
private UserRepository $userRepo, private UserRepository $userRepo,
private PasswordHasher $hasher, private EmailConfirmationTokenRepository $tokenRepo,
private Emailer $emailer,
private EmailFactory $emailFactory,
private Clock $clock,
private string $fromAddress,
) {} ) {}
/** /**
@ -44,14 +52,6 @@ class SignupUser
'displayName must be 3-30 chars of [a-z0-9_-]' 'displayName must be 3-30 chars of [a-z0-9_-]'
); );
} }
if ($request->password === null || $request->password === '') {
throw new BadRequestException('password is required');
}
if (strlen($request->password) < self::MIN_PASSWORD_LENGTH) {
throw new BadRequestException(
'password must be at least '.self::MIN_PASSWORD_LENGTH.' characters'
);
}
try { try {
$email = new EmailAddress($request->email); $email = new EmailAddress($request->email);
@ -66,12 +66,25 @@ class SignupUser
throw new DomainException('displayName already taken'); throw new DomainException('displayName already taken');
} }
return $this->userRepo->create(new CreateUserDto( $user = $this->userRepo->create(new CreateUserDto(
email: $email, email: $email,
displayName: $request->displayName, displayName: $request->displayName,
passwordHash: $this->hasher->hash($request->password), passwordHash: '',
isAdmin: false, isAdmin: false,
emailConfirmedAt: null, emailConfirmedAt: null,
)); ));
$token = $this->tokenRepo->create(new CreateEmailConfirmationTokenDto(
user: $user,
availableTo: $this->clock->now()->modify(self::TOKEN_LIFETIME),
));
$this->emailer->send(
$this->fromAddress,
$user->getEmail()->value(),
$this->emailFactory->makeConfirmationEmail($token->getToken()),
);
return $user;
} }
} }

1
backend/app/User/UseCases/SignupUser/SignupUserRequest.php
View file

@ -7,6 +7,5 @@ class SignupUserRequest
public function __construct( public function __construct(
public ?string $email, public ?string $email,
public ?string $displayName, public ?string $displayName,
public ?string $password,
) {} ) {}
} }