add email verification actions

components/pages/inspector/AccountActions.tsx

@@ -11,6 +11,7 @@ import {
   disableAccount,
   queueAccountDeletion,
   restoreAccount,
+  verifyAccountEmail,
 } from "@/lib/actions";
 import dayjs from "dayjs";
 
@@ -86,6 +87,56 @@ export function AccountActions({
           </AlertDialogFooter>
         </AlertDialogContent>
       </AlertDialog>
+      
+      <AlertDialog>
+        <AlertDialogTrigger asChild>
+          <Button
+            className="flex-1"
+            disabled={accountDraft.verification.status == "Verified"}
+          >
+            {accountDraft.verification.status == "Verified" ? "Email is verified" : "Verify email"}
+          </Button>
+        </AlertDialogTrigger>
+        <AlertDialogContent>
+          <AlertDialogHeader>
+            <AlertDialogTitle>
+              Mark Email as verified
+            </AlertDialogTitle>
+            <AlertDialogDescription>
+              Verification status is currently {accountDraft.verification.status}.
+            </AlertDialogDescription>
+          </AlertDialogHeader>
+          <AlertDialogFooter>
+            <AlertDialogCancel>Cancel</AlertDialogCancel>
+            <AlertDialogAction
+              onClick={async () => {
+                try {
+                  await verifyAccountEmail(account._id);
+                  toast({ title: "Verified email" });
+                  setAccountDraft({ ...accountDraft, verification: { status: "Verified" } });
+                } catch(e) {
+                  toast({
+                    title: "Failed to verify",
+                    description: String(e),
+                    variant: "destructive",
+                  })
+                }
+              }}
+            >
+              Mark verified
+            </AlertDialogAction>
+            <AlertDialogAction
+              disabled={!(accountDraft.verification.status != "Verified" && accountDraft.verification.token)}
+              onClick={() => {
+                navigator.clipboard.writeText(`https://app.revolt.chat/login/verify/${(accountDraft.verification as any).token}`);
+                toast({ title: "Copied verification link" })
+              }}
+            >
+              Copy link
+            </AlertDialogAction>
+          </AlertDialogFooter>
+        </AlertDialogContent>
+      </AlertDialog>
 
       <AlertDialog>
         <AlertDialogTrigger asChild>

lib/actions.ts

@@ -5,6 +5,7 @@ import { PLATFORM_MOD_ID, RESTRICT_ACCESS_LIST } from "./constants";
 import mongo, {
   Account,
   createDM,
+  fetchAccountById,
   fetchChannels,
   fetchMembershipsByUser,
   fetchMessages,
@@ -211,6 +212,35 @@ export async function changeAccountEmail(userId: string, email: string) {
     )
 }
 
+export async function verifyAccountEmail(userId: string) {
+  if (RESTRICT_ACCESS_LIST.includes(userId)) throw "restricted access";
+  await checkPermission("accounts/update/email", userId);
+
+  const account = await fetchAccountById(userId);
+
+  if (!account) throw new Error("couldn't find account");
+  if (account.verification.status == "Verified") throw new Error("already verified");
+
+  let email = account.email;
+  if (account.verification.status == "Moving") {
+    email = account.verification.new_email;
+  }
+
+  await mongo()
+    .db("revolt")
+    .collection<Account>("accounts")
+    .updateOne(
+      { _id: userId },
+      {
+        $set: {
+          email: email,
+          email_normalised: email, // <-- should be fine but someone should fix this in the future
+          verification: { status: "Verified" },
+        }
+      }
+    )
+}
+
 export async function suspendUser(userId: string) {
   if (RESTRICT_ACCESS_LIST.includes(userId)) throw "restricted access";