Add circuit breaker pattern to email verification system

Implement rate limiting and attempt tracking to prevent verification abuse and infinite reload loops. Add temporary blocking with clear user feedback, enhanced error states, and retry logic. Includes new verification state utilities and improved UI components for better user experience during blocked states.
2025-08-10 15:48:11 +02:00
parent c4379f0813
commit 62be77ec34
5 changed files with 816 additions and 57 deletions
--- a/server/api/auth/verify-email.get.ts
+++ b/server/api/auth/verify-email.get.ts
@@ -11,8 +11,8 @@ export default defineEventHandler(async (event) => {

    console.log('[verify-email] Processing verification token...');

-    // Verify the token
-    const { verifyEmailToken } = await import('~/server/utils/email-tokens');
+    // Verify the token WITHOUT consuming it yet
+    const { verifyEmailToken, consumeEmailToken } = await import('~/server/utils/email-tokens');
    const { userId, email } = await verifyEmailToken(token);

    // Update user verification status in Keycloak
@@ -20,6 +20,7 @@ export default defineEventHandler(async (event) => {
    const keycloak = createKeycloakAdminClient();
    
    let partialSuccess = false;
+    let keycloakError = null;

    try {
      await keycloak.updateUserProfile(userId, {
@@ -31,11 +32,25 @@ export default defineEventHandler(async (event) => {

      console.log('[verify-email] Successfully verified user:', userId, 'email:', email);
      
+      // ONLY consume token after successful Keycloak update
+      await consumeEmailToken(token);
+      
    } catch (keycloakError: any) {
      console.error('[verify-email] Keycloak update failed:', keycloakError.message);
-      // Even if Keycloak update fails, consider verification successful if token was valid
-      // This prevents user frustration due to backend issues
-      partialSuccess = true;
+      
+      // Check if this is a retryable error or a permanent failure
+      if (keycloakError.message?.includes('error-user-attribute-required')) {
+        // This is a configuration issue - don't consume token, allow retries
+        console.log('[verify-email] Keycloak configuration error - token preserved for retry');
+        partialSuccess = true;
+        keycloakError = keycloakError.message;
+      } else {
+        // For other errors, still consume token to prevent infinite retries
+        console.log('[verify-email] Consuming token despite Keycloak error to prevent loops');
+        await consumeEmailToken(token);
+        partialSuccess = true;
+        keycloakError = keycloakError.message;
+      }
    }

    // Return JSON response for client-side navigation
@@ -44,7 +59,8 @@ export default defineEventHandler(async (event) => {
      data: {
        userId,
        email,
-        partialSuccess
+        partialSuccess,
+        keycloakError: keycloakError || undefined
      }
    };