Rip out the email verification codes

This considers all user_emails as confirmed, and removes the verification code.
It will be replaced by a new email authentication code flow

Author: sandhose

crates/cli/src/commands/manage.rs

@@ -65,7 +65,7 @@ enum Subcommand {
     /// Add an email address to the specified user
     AddEmail { username: String, email: String },
 
-    /// Mark email address as verified
+    /// [DEPRECATED] Mark email address as verified
     VerifyEmail { username: String, email: String },
 
     /// Set a user password
@@ -252,10 +252,8 @@ impl Options {
                         .await?
                 };
 
-                let email = repo.user_email().mark_as_verified(&clock, email).await?;
-
                 repo.into_inner().commit().await?;
-                info!(?email, "Email added and marked as verified");
+                info!(?email, "Email added");
 
                 Ok(ExitCode::SUCCESS)
             }
@@ -268,26 +266,7 @@ impl Options {
                 )
                 .entered();
 
-                let database_config = DatabaseConfig::extract_or_default(figment)?;
-                let mut conn = database_connection_from_config(&database_config).await?;
-                let txn = conn.begin().await?;
-                let mut repo = PgRepository::from_conn(txn);
-
-                let user = repo
-                    .user()
-                    .find_by_username(&username)
-                    .await?
-                    .context("User not found")?;
-
-                let email = repo
-                    .user_email()
-                    .find(&user, &email)
-                    .await?
-                    .context("Email not found")?;
-                let email = repo.user_email().mark_as_verified(&clock, email).await?;
-
-                repo.into_inner().commit().await?;
-                info!(?email, "Email marked as verified");
+                tracing::warn!("The 'verify-email' command is deprecated and will be removed in a future version. Use 'add-email' instead.");
 
                 Ok(ExitCode::SUCCESS)
             }
@@ -933,13 +912,8 @@ impl UserCreationRequest<'_> {
         }
 
         for email in emails {
-            let user_email = repo
-                .user_email()
-                .add(rng, clock, &user, email.to_string())
-                .await?;
-
             repo.user_email()
-                .mark_as_verified(clock, user_email)
+                .add(rng, clock, &user, email.to_string())
                 .await?;
         }
 

crates/cli/src/sync.rs

@@ -56,17 +56,6 @@ fn map_claims_imports(
             action: map_import_action(config.email.action),
             template: config.email.template.clone(),
         },
-        verify_email: match config.email.set_email_verification {
-            mas_config::UpstreamOAuth2SetEmailVerification::Always => {
-                mas_data_model::UpsreamOAuthProviderSetEmailVerification::Always
-            }
-            mas_config::UpstreamOAuth2SetEmailVerification::Never => {
-                mas_data_model::UpsreamOAuthProviderSetEmailVerification::Never
-            }
-            mas_config::UpstreamOAuth2SetEmailVerification::Import => {
-                mas_data_model::UpsreamOAuthProviderSetEmailVerification::Import
-            }
-        },
         account_name: mas_data_model::UpstreamOAuthProviderSubjectPreference {
             template: config.account_name.template.clone(),
         },

crates/config/src/sections/mod.rs

@@ -52,7 +52,6 @@ pub use self::{
         EmailImportPreference as UpstreamOAuth2EmailImportPreference,
         ImportAction as UpstreamOAuth2ImportAction, PkceMethod as UpstreamOAuth2PkceMethod,
         ResponseMode as UpstreamOAuth2ResponseMode,
-        SetEmailVerification as UpstreamOAuth2SetEmailVerification,
         TokenAuthMethod as UpstreamOAuth2TokenAuthMethod, UpstreamOAuth2Config,
     },
 };

crates/config/src/sections/upstream_oauth2.rs

@@ -180,29 +180,6 @@ impl ImportAction {
     }
 }
 
-/// Should the email address be marked as verified
-#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize, Default, JsonSchema)]
-#[serde(rename_all = "lowercase")]
-pub enum SetEmailVerification {
-    /// Mark the email address as verified
-    Always,
-
-    /// Don't mark the email address as verified
-    Never,
-
-    /// Mark the email address as verified if the upstream provider says it is
-    /// through the `email_verified` claim
-    #[default]
-    Import,
-}
-
-impl SetEmailVerification {
-    #[allow(clippy::trivially_copy_pass_by_ref)]
-    const fn is_default(&self) -> bool {
-        matches!(self, SetEmailVerification::Import)
-    }
-}
-
 /// What should be done for the subject attribute
 #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default, JsonSchema)]
 pub struct SubjectImportPreference {
@@ -271,17 +248,11 @@ pub struct EmailImportPreference {
     /// If not provided, the default template is `{{ user.email }}`
     #[serde(default, skip_serializing_if = "Option::is_none")]
     pub template: Option<String>,
-
-    /// Should the email address be marked as verified
-    #[serde(default, skip_serializing_if = "SetEmailVerification::is_default")]
-    pub set_email_verification: SetEmailVerification,
 }
 
 impl EmailImportPreference {
     const fn is_default(&self) -> bool {
-        self.action.is_default()
-            && self.template.is_none()
-            && self.set_email_verification.is_default()
+        self.action.is_default() && self.template.is_none()
     }
 }
 

crates/data-model/src/lib.rs

@@ -37,17 +37,17 @@ pub use self::{
         AccessToken, AccessTokenState, RefreshToken, RefreshTokenState, TokenFormatError, TokenType,
     },
     upstream_oauth2::{
-        UpsreamOAuthProviderSetEmailVerification, UpstreamOAuthAuthorizationSession,
-        UpstreamOAuthAuthorizationSessionState, UpstreamOAuthLink, UpstreamOAuthProvider,
-        UpstreamOAuthProviderClaimsImports, UpstreamOAuthProviderDiscoveryMode,
-        UpstreamOAuthProviderImportAction, UpstreamOAuthProviderImportPreference,
-        UpstreamOAuthProviderPkceMode, UpstreamOAuthProviderResponseMode,
-        UpstreamOAuthProviderSubjectPreference, UpstreamOAuthProviderTokenAuthMethod,
+        UpstreamOAuthAuthorizationSession, UpstreamOAuthAuthorizationSessionState,
+        UpstreamOAuthLink, UpstreamOAuthProvider, UpstreamOAuthProviderClaimsImports,
+        UpstreamOAuthProviderDiscoveryMode, UpstreamOAuthProviderImportAction,
+        UpstreamOAuthProviderImportPreference, UpstreamOAuthProviderPkceMode,
+        UpstreamOAuthProviderResponseMode, UpstreamOAuthProviderSubjectPreference,
+        UpstreamOAuthProviderTokenAuthMethod,
     },
     user_agent::{DeviceType, UserAgent},
     users::{
         Authentication, AuthenticationMethod, BrowserSession, Password, User, UserEmail,
-        UserEmailAuthentication, UserEmailAuthenticationCode, UserEmailVerification,
-        UserEmailVerificationState, UserRecoverySession, UserRecoveryTicket,
+        UserEmailAuthentication, UserEmailAuthenticationCode, UserRecoverySession,
+        UserRecoveryTicket,
     },
 };

crates/data-model/src/upstream_oauth2/mod.rs

@@ -17,7 +17,6 @@ pub use self::{
         ImportPreference as UpstreamOAuthProviderImportPreference,
         PkceMode as UpstreamOAuthProviderPkceMode,
         ResponseMode as UpstreamOAuthProviderResponseMode,
-        SetEmailVerification as UpsreamOAuthProviderSetEmailVerification,
         SubjectPreference as UpstreamOAuthProviderSubjectPreference,
         TokenAuthMethod as UpstreamOAuthProviderTokenAuthMethod, UpstreamOAuthProvider,
     },

crates/data-model/src/upstream_oauth2/provider.rs

@@ -263,32 +263,6 @@ impl UpstreamOAuthProvider {
     }
 }
 
-/// Whether to set the email as verified when importing it from the upstream
-#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
-#[serde(rename_all = "lowercase")]
-pub enum SetEmailVerification {
-    /// Set the email as verified
-    Always,
-
-    /// Never set the email as verified
-    Never,
-
-    /// Set the email as verified if the upstream provider claims it is verified
-    #[default]
-    Import,
-}
-
-impl SetEmailVerification {
-    #[must_use]
-    pub fn should_mark_as_verified(&self, upstream_verified: bool) -> bool {
-        match self {
-            Self::Always => true,
-            Self::Never => false,
-            Self::Import => upstream_verified,
-        }
-    }
-}
-
 #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
 pub struct ClaimsImports {
     #[serde(default)]
@@ -305,9 +279,6 @@ pub struct ClaimsImports {
 
     #[serde(default)]
     pub account_name: SubjectPreference,
-
-    #[serde(default)]
-    pub verify_email: SetEmailVerification,
 }
 
 // XXX: this should have another name

crates/data-model/src/users.rs

@@ -4,10 +4,10 @@
 // SPDX-License-Identifier: AGPL-3.0-only
 // Please see LICENSE in the repository root for full details.
 
-use std::{net::IpAddr, ops::Deref};
+use std::net::IpAddr;
 
-use chrono::{DateTime, Duration, Utc};
-use rand::{Rng, SeedableRng};
+use chrono::{DateTime, Utc};
+use rand::Rng;
 use serde::Serialize;
 use ulid::Ulid;
 
@@ -171,7 +171,6 @@ pub struct UserEmail {
     pub user_id: Ulid,
     pub email: String,
     pub created_at: DateTime<Utc>,
-    pub confirmed_at: Option<DateTime<Utc>>,
 }
 
 impl UserEmail {
@@ -183,79 +182,13 @@ impl UserEmail {
                 user_id: Ulid::from_datetime_with_source(now.into(), rng),
                 email: "[email protected]".to_owned(),
                 created_at: now,
-                confirmed_at: Some(now),
             },
             Self {
                 id: Ulid::from_datetime_with_source(now.into(), rng),
                 user_id: Ulid::from_datetime_with_source(now.into(), rng),
                 email: "[email protected]".to_owned(),
                 created_at: now,
-                confirmed_at: None,
             },
         ]
     }
 }
-
-#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
-pub enum UserEmailVerificationState {
-    AlreadyUsed { when: DateTime<Utc> },
-    Expired { when: DateTime<Utc> },
-    Valid,
-}
-
-impl UserEmailVerificationState {
-    #[must_use]
-    pub fn is_valid(&self) -> bool {
-        matches!(self, Self::Valid)
-    }
-}
-
-#[derive(Debug, Clone, PartialEq, Eq, Serialize)]
-pub struct UserEmailVerification {
-    pub id: Ulid,
-    pub user_email_id: Ulid,
-    pub code: String,
-    pub created_at: DateTime<Utc>,
-    pub state: UserEmailVerificationState,
-}
-
-impl Deref for UserEmailVerification {
-    type Target = UserEmailVerificationState;
-
-    fn deref(&self) -> &Self::Target {
-        &self.state
-    }
-}
-
-impl UserEmailVerification {
-    #[doc(hidden)]
-    #[must_use]
-    pub fn samples(now: chrono::DateTime<Utc>, rng: &mut impl Rng) -> Vec<Self> {
-        let states = [
-            UserEmailVerificationState::AlreadyUsed {
-                when: now - Duration::microseconds(5 * 60 * 1000 * 1000),
-            },
-            UserEmailVerificationState::Expired {
-                when: now - Duration::microseconds(5 * 60 * 1000 * 1000),
-            },
-            UserEmailVerificationState::Valid,
-        ];
-
-        states
-            .into_iter()
-            .flat_map(move |state| {
-                let mut rng =
-                    rand_chacha::ChaChaRng::from_rng(&mut *rng).expect("could not seed rng");
-                UserEmail::samples(now, &mut rng)
-                    .into_iter()
-                    .map(move |email| Self {
-                        id: Ulid::from_datetime_with_source(now.into(), &mut rng),
-                        user_email_id: email.id,
-                        code: "123456".to_owned(),
-                        created_at: now - Duration::microseconds(10 * 60 * 1000 * 1000),
-                        state: state.clone(),
-                    })
-            })
-            .collect()
-    }
-}

crates/email/src/mailer.rs

@@ -111,8 +111,6 @@ impl Mailer {
             email.to = %to,
             email.language = %context.language(),
             user.id = %context.user().id,
-            user_email_verification.id = %context.verification().id,
-            user_email_verification.code = context.verification().code,
         ),
         err,
     )]

crates/handlers/src/graphql/model/users.rs

@@ -323,7 +323,11 @@ impl User {
         &self,
         ctx: &Context<'_>,
 
-        #[graphql(name = "state", desc = "List only emails in the given state.")]
+        #[graphql(
+            deprecation = "Emails are always confirmed, and have only one state",
+            name = "state",
+            desc = "List only emails in the given state."
+        )]
         state_param: Option<UserEmailState>,
 
         #[graphql(desc = "Returns the elements in the list that come after the cursor.")]
@@ -335,6 +339,7 @@ impl User {
     ) -> Result<Connection<Cursor, UserEmail, PreloadedTotalCount>, async_graphql::Error> {
         let state = ctx.state();
         let mut repo = state.repository().await?;
+        let _ = state_param;
 
         query(
             after,
@@ -352,12 +357,6 @@ impl User {
 
                 let filter = UserEmailFilter::new().for_user(&self.0);
 
-                let filter = match state_param {
-                    Some(UserEmailState::Pending) => filter.pending_only(),
-                    Some(UserEmailState::Confirmed) => filter.verified_only(),
-                    None => filter,
-                };
-
                 let page = repo.user_email().list(filter, pagination).await?;
 
                 // Preload the total count if requested
@@ -738,8 +737,9 @@ impl UserEmail {
 
     /// When the email address was confirmed. Is `null` if the email was never
     /// verified by the user.
+    #[graphql(deprecation = "Emails are always confirmed now.")]
     async fn confirmed_at(&self) -> Option<DateTime<Utc>> {
-        self.0.confirmed_at
+        Some(self.0.created_at)
     }
 }