bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api): registration auth, account creation, check-email & email notifications

Browse Source 
- Add POST /public/check-email endpoint with rate limiting (10/min)
- Create user accounts during volunteer registration (new or returning)
- Returning volunteers authenticate with existing password
- Add password validation to VolunteerRegistrationRequest
- Normalize emails to lowercase throughout registration flow
- Handle race condition on duplicate accounts gracefully
- Create RegistrationConfirmationMail, RegistrationApprovedMail, RegistrationRejectedMail
- Wire approval/rejection emails into PersonController
- Add POST persons/{person}/reject endpoint
- Trigger TagSyncService on registration and approval
- Add CheckEmailTest, PersonApprovalEmailTest, extend VolunteerRegistrationTest

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
bert.hausmans
2026-04-13 00:37:04 +02:00
parent 4df82d8358
commit 8435e74fd3
17 changed files with 802 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
api/app/Services/VolunteerRegistrationService.php
View File

@@ -5,22 +5,24 @@ declare(strict_types=1);
namespace App\Services;
use App\Enums\PersonStatus;
use App\Mail\RegistrationConfirmationMail;
use App\Models\CrowdType;
use App\Models\Event;
use App\Models\Person;
use App\Models\User;
use App\Models\VolunteerAvailability;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\Mail;
use Illuminate\Validation\ValidationException;
final class VolunteerRegistrationService
{
public function __construct(
private readonly PersonIdentityService $identityService,
private readonly RegistrationFormFieldService $registrationFormFieldService,
private readonly PersonSectionPreferenceService $personSectionPreferenceService,
private readonly TagSyncService $tagSyncService,
) {}
/**
@@ -37,23 +39,28 @@ final class VolunteerRegistrationService
}
$festivalEvent = $this->resolveFestivalEvent($event);
$email = $user?->email ?? $validated['email'];
$email = strtolower($user?->email ?? $validated['email']);
$this->checkDuplicateRegistration($festivalEvent, $email);
// Resolve or create user account for unauthenticated registrations
if ($user === null) {
$user = $this->resolveUserAccount($email, $validated);
}
$volunteerCrowdType = $this->resolveVolunteerCrowdType($event);
return DB::transaction(function () use ($festivalEvent, $validated, $user, $email, $volunteerCrowdType): Person {
$person = DB::transaction(function () use ($festivalEvent, $validated, $user, $email, $volunteerCrowdType): Person {
$person = Person::updateOrCreate(
[
'event_id' => $festivalEvent->id,
'email' => $email,
],
[
'user_id' => $user?->id,
'user_id' => $user->id,
'crowd_type_id' => $volunteerCrowdType->id,
'first_name' => $user?->first_name ?? $validated['first_name'],
'last_name' => $user?->last_name ?? $validated['last_name'],
'first_name' => $validated['first_name'] ?? $user->first_name,
'last_name' => $validated['last_name'] ?? $user->last_name,
'phone' => $validated['phone'] ?? null,
'date_of_birth' => $validated['date_of_birth'] ?? null,
'status' => PersonStatus::PENDING,
@@ -84,11 +91,10 @@ final class VolunteerRegistrationService
);
}
if ($user === null) {
$this->detectIdentityMatch($person);
}
// Trigger tag sync — user_id is always known now
$this->tagSyncService->syncFromRegistration($person);
$source = $user !== null ? 'authenticated_form' : 'public_form';
$source = auth('sanctum')->check() ? 'authenticated_form' : 'public_form';
$activityLogger = activity('volunteer_registration')
->performedOn($person)
@@ -97,16 +103,55 @@ final class VolunteerRegistrationService
'event_id' => $festivalEvent->id,
'person_id' => $person->id,
'email' => $email,
]);
if ($user !== null) {
$activityLogger->causedBy($user);
}
])
->causedBy($user);
$activityLogger->log('person.registered');
return $person;
});
// Send confirmation email (queued, outside transaction)
Mail::to($person->email)->queue(new RegistrationConfirmationMail($person, $festivalEvent));
return $person;
}
/**
* Resolve or create user account for the registering email.
*
* @param array<string, mixed> $validated
*
* @throws ValidationException
*/
private function resolveUserAccount(string $email, array $validated): User
{
$existingUser = User::where('email', $email)->first();
if ($existingUser !== null) {
// Returning volunteer: authenticate with provided password
if (!Hash::check($validated['password'], $existingUser->password)) {
throw ValidationException::withMessages([
'password' => ['Wachtwoord onjuist.'],
]);
}
return $existingUser;
}
// New volunteer: create user account
try {
return User::create([
'first_name' => $validated['first_name'],
'last_name' => $validated['last_name'],
'email' => $email,
'password' => Hash::make($validated['password']),
]);
} catch (\Illuminate\Database\UniqueConstraintViolationException) {
throw ValidationException::withMessages([
'email' => ['Dit emailadres heeft al een account. Gebruik je bestaande wachtwoord.'],
]);
}
}
private function resolveFestivalEvent(Event $event): Event
@@ -188,18 +233,4 @@ final class VolunteerRegistrationService
]);
}
}
private function detectIdentityMatch(Person $person): void
{
if (! Schema::hasTable('person_identity_matches')) {
activity('volunteer_registration')
->performedOn($person)
->withProperties(['email' => $person->email])
->log('person.identity_match_skipped_table_missing');
return;
}
$this->identityService->detectMatchForPerson($person);
}
}