feat(auth): enhance email validation when no workspace available + disable captcha on email validation (#11239)

Implemented fallback logic to associate a user with a workspace when none is found. Introduced new GraphQL types and mutations for roles and permissions management. Simplified and refactored URL-building logic for email verification, improving code maintainability and flexibility.
2025-03-28 07:38:58 +01:00
parent 976c6afb4b
commit 9af2628264
5 changed files with 69 additions and 43 deletions
--- a/packages/twenty-server/src/engine/core-modules/email-verification/email-verification.resolver.ts
+++ b/packages/twenty-server/src/engine/core-modules/email-verification/email-verification.resolver.ts
@ -7,7 +7,6 @@ import { ResendEmailVerificationTokenInput } from 'src/engine/core-modules/email
 import { ResendEmailVerificationTokenOutput } from 'src/engine/core-modules/email-verification/dtos/resend-email-verification-token.output';
 import { EmailVerificationService } from 'src/engine/core-modules/email-verification/services/email-verification.service';
 import { I18nContext } from 'src/engine/core-modules/i18n/types/i18n-context.type';
-import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
 import { OriginHeader } from 'src/engine/decorators/auth/origin-header.decorator';

@Resolver()
@ -29,8 +28,6 @@ export class EmailVerificationResolver {
        origin,
      );

-    workspaceValidator.assertIsDefinedOrThrow(workspace);
-
    return await this.emailVerificationService.resendEmailVerificationToken(
      resendEmailVerificationTokenInput.email,
      workspace,
--- a/packages/twenty-server/src/engine/core-modules/email-verification/services/email-verification.service.ts
+++ b/packages/twenty-server/src/engine/core-modules/email-verification/services/email-verification.service.ts
@ -41,7 +41,9 @@ export class EmailVerificationService {
  async sendVerificationEmail(
    userId: string,
    email: string,
-    workspace: WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType,
+    workspace:
+      | WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType
+      | undefined,
    locale: keyof typeof APP_LOCALES,
  ) {
    if (!this.environmentService.get('IS_EMAIL_VERIFICATION_REQUIRED')) {
@ -51,12 +53,16 @@ export class EmailVerificationService {
    const { token: emailVerificationToken } =
      await this.emailVerificationTokenService.generateToken(userId, email);

-    const verificationLink =
-      this.domainManagerService.buildEmailVerificationURL({
-        emailVerificationToken,
-        email,
-        workspace,
-      });
+    const linkPathnameAndSearchParams = {
+      pathname: 'verify-email',
+      searchParams: { emailVerificationToken, email },
+    };
+    const verificationLink = workspace
+      ? this.domainManagerService.buildWorkspaceURL({
+          workspace,
+          ...linkPathnameAndSearchParams,
+        })
+      : this.domainManagerService.buildBaseUrl(linkPathnameAndSearchParams);

    const emailData = {
      link: verificationLink.toString(),
@ -88,7 +94,9 @@ export class EmailVerificationService {

  async resendEmailVerificationToken(
    email: string,
-    workspace: WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType,
+    workspace:
+      | WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType
+      | undefined,
    locale: keyof typeof APP_LOCALES,
  ) {
    if (!this.environmentService.get('IS_EMAIL_VERIFICATION_REQUIRED')) {