feat: Add verification to AccountStore

src/identity/interaction/email-password/storage/AccountStore.ts

@@ -19,6 +19,14 @@ export interface AccountStore {
    */
   create: (email: string, webId: string, password: string) => Promise<void>;
 
+  /**
+   * Verifies the account creation. This can be used with, for example, e-mail verification.
+   * The account can only be used after it is verified.
+   * In case verification is not required, this should be called immediately after the `create` call.
+   * @param email - the account email
+   */
+  verify: (email: string) => Promise<void>;
+
   /**
    * Changes the password
    * @param email - the user's email

src/identity/interaction/email-password/storage/BaseAccountStore.ts

@@ -11,6 +11,7 @@ export interface AccountPayload {
   webId: string;
   email: string;
   password: string;
+  verified: boolean;
 }
 
 /**
@@ -72,6 +73,7 @@ export class BaseAccountStore implements AccountStore {
   public async authenticate(email: string, password: string): Promise<string> {
     const { account } = await this.getAccountPayload(email);
     assert(account, 'No account by that email');
+    assert(account.verified, 'Account still needs to be verified');
     assert(await compare(password, account.password), 'Incorrect password');
     return account.webId;
   }
@@ -83,10 +85,18 @@ export class BaseAccountStore implements AccountStore {
       email,
       webId,
       password: await hash(password, this.saltRounds),
+      verified: false,
     };
     await this.storage.set(key, payload);
   }
 
+  public async verify(email: string): Promise<void> {
+    const { key, account } = await this.getAccountPayload(email);
+    assert(account, 'Account does not exist');
+    account.verified = true;
+    await this.storage.set(key, account);
+  }
+
   public async changePassword(email: string, password: string): Promise<void> {
     const { key, account } = await this.getAccountPayload(email);
     assert(account, 'Account does not exist');