Browse Source
Merge pull request #103 from vernu/limit-email-verification
limit max number of email verification requests per day
pull/105/head
Israel Abebe
8 months ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with
14 additions and
0 deletions
-
api/src/auth/auth.service.ts
|
|
|
@ -257,6 +257,20 @@ export class AuthService { |
|
|
|
} |
|
|
|
|
|
|
|
async sendEmailVerificationEmail(user: UserDocument) { |
|
|
|
// Check if user has requested email verification more than 5 times in the last 24 hours
|
|
|
|
const twentyFourHoursAgo = new Date(Date.now() - 24 * 60 * 60 * 1000) |
|
|
|
const verificationCount = await this.emailVerificationModel.countDocuments({ |
|
|
|
user: user._id, |
|
|
|
createdAt: { $gte: twentyFourHoursAgo } |
|
|
|
}) |
|
|
|
|
|
|
|
if (verificationCount >= 5) { |
|
|
|
throw new HttpException( |
|
|
|
{ error: 'Too many email verification requests. Please try again later.' }, |
|
|
|
HttpStatus.TOO_MANY_REQUESTS |
|
|
|
) |
|
|
|
} |
|
|
|
|
|
|
|
const verificationCode = uuidv4() |
|
|
|
const expiresAt = new Date(Date.now() + 20 * 60 * 1000) // 20 minutes
|
|
|
|
|
|
|
|
|
