From 6e68e42f28869d2b9b474fe0d69063398a1e9be3 Mon Sep 17 00:00:00 2001
From: Matt <matt@letsbe.solutions>
Date: Mon, 11 Aug 2025 16:44:35 +0200
Subject: [PATCH] Fix broken verification button URLs in emails

- Fix malformed verification links caused by config.public.domain
- Use absolute HTTPS URLs for verification links in both registration and verification emails
- Ensures verification buttons work correctly in all email clients
- Fixes the 'app://renderer/' URL prefix issue seen in email clients
---
 server/api/auth/send-verification-email.post.ts | 5 ++---
 server/api/registration.post.ts                 | 5 ++---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/server/api/auth/send-verification-email.post.ts b/server/api/auth/send-verification-email.post.ts
index af972a2..70f9ae8 100644
--- a/server/api/auth/send-verification-email.post.ts
+++ b/server/api/auth/send-verification-email.post.ts
@@ -76,9 +76,8 @@ export default defineEventHandler(async (event) => {
     const { generateEmailVerificationToken } = await import('~/server/utils/email-tokens');
     const verificationToken = await generateEmailVerificationToken(user.id, email);
 
-    // Get configuration
-    const config = useRuntimeConfig();
-    const verificationLink = `${config.public.domain}/api/auth/verify-email?token=${verificationToken}`;
+    // Get configuration - ensure proper absolute URL
+    const verificationLink = `https://portal.monacousa.org/api/auth/verify-email?token=${verificationToken}`;
 
     // Send verification email
     const { getEmailService } = await import('~/server/utils/email');
diff --git a/server/api/registration.post.ts b/server/api/registration.post.ts
index aed6350..5dccdc5 100644
--- a/server/api/registration.post.ts
+++ b/server/api/registration.post.ts
@@ -151,9 +151,8 @@ export default defineEventHandler(async (event) => {
       
       const emailService = await getEmailService();
       const verificationToken = await generateEmailVerificationToken(createdKeycloakId, body.email);
-      const config = useRuntimeConfig();
-      // Fix: Point to user-friendly verification page instead of direct API endpoint
-      const verificationLink = `${config.public.domain}/auth/verify?token=${verificationToken}`;
+      // Fix: Point to user-friendly verification page instead of direct API endpoint with absolute URL
+      const verificationLink = `https://portal.monacousa.org/auth/verify?token=${verificationToken}`;
 
       await emailService.sendWelcomeEmail(body.email, {
         firstName: body.first_name,