feat: store verified status in dataroom session object

2025-12-20 01:03:24 +08:00 · 2025-06-29 12:22:05 +02:00
parent 815b6097f0
commit 72c61a6c60
2 changed files with 15 additions and 2 deletions
--- a/app/api/views-dataroom/route.ts
+++ b/app/api/views-dataroom/route.ts
@@ -5,6 +5,7 @@ import { authOptions } from "@/pages/api/auth/[...nextauth]";
 import { ItemType, LinkAudienceType } from "@prisma/client";
 import { ipAddress, waitUntil } from "@vercel/functions";
 import { getServerSession } from "next-auth";
+
 import { hashToken } from "@/lib/api/auth/token";
 import {
  DataroomSession,
@@ -209,6 +210,11 @@ export async function POST(request: NextRequest) {
        linkId,
        link.dataroomId!,
      );
+
+      // If we have a dataroom session, use its verified status
+      if (dataroomSession) {
+        isEmailVerified = dataroomSession.verified;
+      }
    }

    // If there is no session, then we need to check if the link is protected and enforce the checks
@@ -564,6 +570,8 @@ export async function POST(request: NextRequest) {
          where: { id: viewer.id },
          data: { verified: isEmailVerified },
        });
+        // Update the viewer object to reflect the new verified status
+        viewer.verified = isEmailVerified;
      }
    }

@@ -661,6 +669,7 @@ export async function POST(request: NextRequest) {
            linkId,
            newDataroomView?.id!,
            ipAddress(request) ?? LOCALHOST_IP,
+            isEmailVerified,
            viewer?.id,
          );

@@ -907,7 +916,7 @@ export async function POST(request: NextRequest) {
            ? documentVersion.file
            : undefined,
        pages: documentPages ? documentPages : undefined,
-        notionData: undefined, 
+        notionData: undefined,
        sheetData:
          documentVersion &&
          documentVersion.type === "sheet" &&
@@ -945,13 +954,14 @@ export async function POST(request: NextRequest) {

      const response = NextResponse.json(returnObject, { status: 200 });

-      // Create a dataroom session token if a dataroom session doesn't exist yet// Create a dataroom session token if a dataroom session doesn't exist yet
+      // Create a dataroom session token if a dataroom session doesn't exist yet
      if (!dataroomSession && !isPreview) {
        const newDataroomSession = await createDataroomSession(
          dataroomId,
          linkId,
          dataroomView?.id!,
          ipAddress(request) ?? LOCALHOST_IP,
+          isEmailVerified,
          viewer?.id,
        );

--- a/lib/auth/dataroom-auth.ts
+++ b/lib/auth/dataroom-auth.ts
@@ -22,6 +22,7 @@ export const DataroomSessionSchema = z.object({
  viewerId: z.string().optional(),
  expiresAt: z.number(),
  ipAddress: z.string(),
+  verified: z.boolean(),
 });

 // Generate TypeScript type from Zod schema
@@ -32,6 +33,7 @@ async function createDataroomSession(
  linkId: string,
  viewId: string,
  ipAddress: string,
+  verified: boolean,
  viewerId?: string,
 ): Promise<{ token: string; expiresAt: number }> {
  const sessionToken = crypto.randomBytes(32).toString("hex");
@@ -44,6 +46,7 @@ async function createDataroomSession(
    viewerId,
    expiresAt,
    ipAddress,
+    verified,
  };

  // Validate session data before storing