resume verify if timeout

Author: shihjay2

components/magicLink/login.tsx

@@ -51,19 +51,30 @@ export default function Login({ challenge, clinical=false, authonly=false, clien
     if (client !== '') {
       setClientExist(true)
     }
+    if (localStorage.getItem('email') !== null) {
+      setEmailValue(localStorage.getItem('email') || '');
+      createPassKey();
+    }
   }, [client]);
 
   const createPassKey = async () => {
     if (email !== '') {
       if (validate(email)) {
         // Check if user has an account
-        setIsChecking(true)
+        localStorage.setItem('email', email);
+        setIsChecking(true);
         const isRegistered = await fetch("/api/couchdb/patients/" + email,
           { method: "GET", headers: {"Content-Type": "application/json"} })
           .then((res) => res.json()).then((json) => json._id);
-        const nonce = await fetch("/api/auth/create",
-          { method: "PUT", headers: {"Content-Type": "application/json"}, body: JSON.stringify({email: email} )})
-        .then((res) => res.json()).then((json) => json.nonce);
+        let nonce = '';
+        if (localStorage.getItem('nonce') === null || localStorage.getItem('nonce') === '') {
+          nonce = await fetch("/api/auth/create",
+            { method: "PUT", headers: {"Content-Type": "application/json"}, body: JSON.stringify({email: email} )})
+          .then((res) => res.json()).then((json) => json.nonce);
+          localStorage.setItem('nonce', nonce);
+        } else {
+          nonce = localStorage.getItem('nonce') || '';
+        }
         let check = false;
         let proceed = false;
         let timer = 0;
@@ -83,6 +94,8 @@ export default function Login({ challenge, clinical=false, authonly=false, clien
           }
         }
         if (proceed) {
+          localStorage.removeItem('email');
+          localStorage.removeItem('nonce');
           await fetch("/api/magicLink/login", 
             { method: "POST", headers: {"Content-Type": "application/json"}, body: JSON.stringify({email: email}) });
           if (isRegistered === undefined) {

pages/api/as/notify.ts

@@ -25,7 +25,6 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
       }
       if (proceed) {
         const access = req.body.access.join(', ');
-        console.log(access)
         const message = req.body.from + ' (' + req.body.from_email + ') has invited you to <b>' + access + '</b> the following health record:';
         const htmlContent = fs.readFileSync(path.join(process.cwd(), 'public', 'email.html'), 'utf-8');
         const htmlFinal = htmlContent.replace(/[\r\n]+/gm, '')

pages/api/as/sendmail.ts

@@ -0,0 +1,74 @@
+import { NextApiRequest, NextApiResponse } from 'next';
+import NextCors from 'nextjs-cors';
+import verifySig from '../../../lib/verifySig';
+import verifyJWT from '../../../lib/verifyJWT';
+import objectPath from 'object-path';
+import fs from 'fs';
+import path from 'path';
+
+const domain: string = process.env.DOMAIN !== undefined ? process.env.DOMAIN: '';
+
+async function handler(req: NextApiRequest, res: NextApiResponse) {
+  await NextCors(req, res, {
+    methods: ["POST"],
+    origin: '*',
+    optionsSuccessStatus: 200
+  });
+  // const body = {
+  //   to: '[email protected]',
+  //   from: '',
+  //   from_email: '[email protected]',
+  //   subject: '',
+  //   title: '',
+  //   previewtext: '',
+  //   paragraphtext: '',
+  //   paragraphtext2: '',
+  //   link: 'https://example.com',
+  //   buttonstyle: 'display:block' || 'display:none',
+  //   buttontext: ''
+  // }
+  if (await verifySig(req)) {
+    if (objectPath.has(req, 'body.to')) {
+      let proceed = false;
+      if (req.headers['authorization'] !== undefined) {
+        const jwt = req.headers['authorization'].split(' ')[1];
+        if (await verifyJWT(jwt, objectPath.get(req, 'body.from_email'))) {
+          proceed = true;
+        }
+      }
+      if (proceed) {
+        const htmlContent = fs.readFileSync(path.join(process.cwd(), 'public', 'email.html'), 'utf-8');
+        const htmlFinal = htmlContent.replace(/[\r\n]+/gm, '')
+          .replace('@title', req.body.title)
+          .replace('@previewtext', req.body.previewtext)
+          .replace('@paragraphtext', req.body.paragraphtext)
+          .replace('@2paragraphtext', req.body.paragraphtext2)
+          .replaceAll('@link', req.body.link)
+          .replace('@buttonstyle', req.body.buttonstyle)
+          .replace('@buttontext', req.body.buttontext);
+        const sendmail = await fetch(domain + "/api/sendmail", {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+          },
+          body: JSON.stringify({
+            email: req.body.to,
+            subject: req.body.subject,
+            html: htmlFinal,
+          })
+        });
+        const { error } = await sendmail.json();
+        if (error) { 
+          console.log(error); 
+        }
+        res.status(200).json({success: true});
+      } else {
+        res.status(401).send('Unauthorized - verify JWT failed');
+      }
+    }
+  } else {
+    res.status(401).send('Unauthorized - verify signature failed');
+  }
+}
+
+export default handler;