From b9d4724e0f6e4239ef6bdc589111acb0accfe66c Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Wed, 15 Jun 2022 13:27:33 -0400
Subject: [PATCH] feat: allowed plugins to modify email verification details
 prior to db saving or email send/plugin fire

+ new hook `filter:user.verify`
- hook `filter:user.verify.code`
---
 src/plugins/hooks.js |  6 ++++++
 src/user/email.js    | 28 ++++++++++++++--------------
 2 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/src/plugins/hooks.js b/src/plugins/hooks.js
index de00a6755c..ff541cbd38 100644
--- a/src/plugins/hooks.js
+++ b/src/plugins/hooks.js
@@ -28,6 +28,12 @@ Hooks._deprecated = new Map([
 		since: 'v1.19.6',
 		until: 'v2.1.0',
 	}],
+	['filter:user.verify.code', {
+		new: 'filter:user.verify',
+		since: 'v2.2.0',
+		until: 'v3.0.0',
+		affected: new Set(),
+	}],
 ]);
 
 Hooks.internals = {
diff --git a/src/user/email.js b/src/user/email.js
index 251ebab944..60ed9b56b3 100644
--- a/src/user/email.js
+++ b/src/user/email.js
@@ -68,6 +68,7 @@ UserEmail.sendValidationEmail = async function (uid, options) {
 	 * Options:
 	 * - email, overrides email retrieval
 	 * - force, sends email even if it is too soon to send another
+	 * - template, changes the template used for email sending
 	 */
 
 	if (meta.config.sendValidationEmail !== 1) {
@@ -84,7 +85,7 @@ UserEmail.sendValidationEmail = async function (uid, options) {
 		};
 	}
 
-	let confirm_code = utils.generateUUID();
+	const confirm_code = utils.generateUUID();
 	const confirm_link = `${nconf.get('url')}/confirm/${confirm_code}`;
 
 	const emailInterval = meta.config.emailConfirmInterval;
@@ -104,17 +105,27 @@ UserEmail.sendValidationEmail = async function (uid, options) {
 		throw new Error(`[[error:confirm-email-already-sent, ${emailInterval}]]`);
 	}
 
+	const username = await user.getUserField(uid, 'username');
+	const data = await plugins.hooks.fire('filter:user.verify', {
+		uid,
+		username,
+		confirm_link,
+		confirm_code: await plugins.hooks.fire('filter:user.verify.code', confirm_code),
+		email: options.email,
+
+		subject: options.subject || '[[email:email.verify-your-email.subject]]',
+		template: options.template || 'verify-email',
+	});
+
 	await UserEmail.expireValidation(uid);
 	await db.set(`confirm:byUid:${uid}`, confirm_code);
 	await db.pexpireAt(`confirm:byUid:${uid}`, Date.now() + (emailInterval * 60 * 1000));
-	confirm_code = await plugins.hooks.fire('filter:user.verify.code', confirm_code);
 
 	await db.setObject(`confirm:${confirm_code}`, {
 		email: options.email.toLowerCase(),
 		uid: uid,
 	});
 	await db.expireAt(`confirm:${confirm_code}`, Math.floor((Date.now() / 1000) + (60 * 60 * 24)));
-	const username = await user.getUserField(uid, 'username');
 
 	winston.verbose(`[user/email] Validation email for uid ${uid} sent to ${options.email}`);
 	events.log({
@@ -124,17 +135,6 @@ UserEmail.sendValidationEmail = async function (uid, options) {
 		...options,
 	});
 
-	const data = {
-		uid,
-		username,
-		confirm_link,
-		confirm_code,
-		email: options.email,
-
-		subject: options.subject || '[[email:email.verify-your-email.subject]]',
-		template: options.template || 'verify-email',
-	};
-
 	if (plugins.hooks.hasListeners('action:user.verify')) {
 		plugins.hooks.fire('action:user.verify', { uid: uid, data: data });
 	} else {