generateEmailVerificationToken static method

Implementation

static Future<String?> generateEmailVerificationToken(String email) async {
  final qb = QueryBuilder(table: config.table);
  final user = await qb.where(config.emailColumn, '=', email).first();

  if (user == null) {
    return null; // Don't reveal if user exists
  }
  await ensureFrameworkTablesExist();

  // Check if already verified
  if (user['email_verified_at'] != null) {
    throw AuthException('Email already verified');
  }

  // Generate verification token
  final token = Hashing()
      .hash('${DateTime.now().millisecondsSinceEpoch}${email}verify');
  final tokenHash = Hashing().hash(token);

  // Store token in database with expiry (24 hours)
  final expiresAt = DateTime.now().add(Duration(hours: 24)).toIso8601String();

  await QueryBuilder(table: 'email_verification_tokens').insert({
    'email': email,
    'token': tokenHash,
    'expires_at': expiresAt,
    'created_at': DateTime.now().toIso8601String(),
  });

  return token;
}