From d83127a26563e833e74511859073dc7c08b8690a Mon Sep 17 00:00:00 2001
From: Azalea <22280294+hykilpikonna@users.noreply.github.com>
Date: Wed, 21 Feb 2024 00:02:58 -0500
Subject: [PATCH] [+] Check email confirmation on login

---
 .../icu/samnyan/aqua/net/UserRegistrar.kt     | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/main/java/icu/samnyan/aqua/net/UserRegistrar.kt b/src/main/java/icu/samnyan/aqua/net/UserRegistrar.kt
index 279b1079..06af4dcb 100644
--- a/src/main/java/icu/samnyan/aqua/net/UserRegistrar.kt
+++ b/src/main/java/icu/samnyan/aqua/net/UserRegistrar.kt
@@ -102,6 +102,26 @@ class UserRegistrar(
             ?: (400 - "User not found")
         if (!hasher.matches(password, user.pwHash)) 400 - "Invalid password"
 
+        // Check if email is verified
+        if (!user.emailConfirmed) {
+            // Check if last confirmation email was sent within a minute
+            val confirmations = async { confirmationRepo.findByAquaNetUserAuId(user.auId) }
+            val lastConfirmation = confirmations.maxByOrNull { it.createdAt }
+
+            if (lastConfirmation?.createdAt?.plusSeconds(60)?.isAfter(Instant.now()) == true) {
+                400 - "Email not verified - STATE_0"
+            }
+
+            // Check if we have sent more than 3 confirmation emails in the last 24 hours
+            if (confirmations.count { it.createdAt.plusSeconds(60 * 60 * 24).isAfter(Instant.now()) } > 3) {
+                400 - "Email not verified - STATE_1"
+            }
+
+            // Send another confirmation email
+            emailService.sendConfirmation(user)
+            400 - "Email not verified - STATE_2"
+        }
+
         // Generate JWT token
         val token = jwt.gen(user)