Support resending email code

AlexProgrammerDE · AlexProgrammerDE · commit a75e9e7afb59 · 2025-01-30T14:28:04.000+01:00
diff --git a/proto/src/main/proto/soulfire/login.proto b/proto/src/main/proto/soulfire/login.proto
@@ -38,7 +38,16 @@ message EmailCodeRequest {
   string code = 2;
 }
 
+message EmailResendRequest {
+  string auth_flow_token = 1;
+}
+
+message EmailResendResponse {
+  string auth_flow_token = 1;
+}
+
 service LoginService {
   rpc login(LoginRequest) returns (NextAuthFlowResponse);
   rpc emailCode(EmailCodeRequest) returns (NextAuthFlowResponse);
+  rpc emailResend(EmailResendRequest) returns (EmailResendResponse);
 }
diff --git a/server/src/main/java/com/soulfiremc/server/grpc/LoginServiceImpl.java b/server/src/main/java/com/soulfiremc/server/grpc/LoginServiceImpl.java
@@ -19,10 +19,7 @@
 
 import com.github.benmanes.caffeine.cache.Cache;
 import com.github.benmanes.caffeine.cache.Caffeine;
-import com.soulfiremc.grpc.generated.EmailCodeRequest;
-import com.soulfiremc.grpc.generated.LoginRequest;
-import com.soulfiremc.grpc.generated.LoginServiceGrpc;
-import com.soulfiremc.grpc.generated.NextAuthFlowResponse;
+import com.soulfiremc.grpc.generated.*;
 import com.soulfiremc.server.SoulFireServer;
 import com.soulfiremc.server.database.UserEntity;
 import io.grpc.Status;
@@ -63,7 +60,7 @@ public void login(LoginRequest request, StreamObserver<NextAuthFlowResponse> res
       // we always return a flow token, even if the email is not registered
       if (user != null) {
         var emailCode = generateSixDigitCode();
-        authFlows.put(authFlowToken, new EmailFlowStage(user.id(), emailCode));
+        authFlows.put(authFlowToken, new EmailFlowStage(user.id(), request.getEmail(), emailCode));
         soulFireServer.emailSender().sendLoginCode(user.email(), user.username(), emailCode);
       }
 
@@ -85,7 +82,7 @@ public void emailCode(EmailCodeRequest request, StreamObserver<NextAuthFlowRespo
       var flowStage = authFlows.getIfPresent(authFlowToken);
       // Not present also returns invalid code
       // This way we prevent bruteforce attacks
-      if (!(flowStage instanceof EmailFlowStage(var userId, var code))
+      if (!(flowStage instanceof EmailFlowStage(var userId, var ignored, var code))
         || !code.equals(request.getCode())) {
         responseObserver.onNext(NextAuthFlowResponse.newBuilder()
           .setAuthFlowToken(authFlowToken.toString())
@@ -111,9 +108,28 @@ public void emailCode(EmailCodeRequest request, StreamObserver<NextAuthFlowRespo
     }
   }
 
+  @Override
+  public void emailResend(EmailResendRequest request, StreamObserver<EmailResendResponse> responseObserver) {
+    try {
+      var authFlowToken = UUID.fromString(request.getAuthFlowToken());
+      var flowStage = authFlows.getIfPresent(authFlowToken);
+      if (flowStage instanceof EmailFlowStage(var userId, var email, var code)) {
+        soulFireServer.emailSender().sendLoginCode(email, soulFireServer.authSystem().getUserData(userId).orElseThrow().username(), code);
+      }
+
+      responseObserver.onNext(EmailResendResponse.newBuilder()
+        .setAuthFlowToken(authFlowToken.toString())
+        .build());
+      responseObserver.onCompleted();
+    } catch (Throwable t) {
+      log.error("Error resending email code", t);
+      throw new StatusRuntimeException(Status.INTERNAL.withDescription(t.getMessage()).withCause(t));
+    }
+  }
+
   private interface FlowStage {
   }
 
-  private record EmailFlowStage(UUID userId, String code) implements FlowStage {
+  private record EmailFlowStage(UUID userId, String email, String code) implements FlowStage {
   }
 }
