resend verification mail

src/models/users.rs

@@ -13,6 +13,9 @@ pub use crate::models::_entities::users::{self, ActiveModel, Entity, Model};
 pub const MAGIC_LINK_LENGTH: i8 = 32;
 pub const MAGIC_LINK_EXPIRATION_MIN: i8 = 5;
 
+/// Minimum gap between verification-email resends for one account, in seconds.
+pub const VERIFICATION_RESEND_COOLDOWN_SECS: i64 = 60;
+
 #[derive(Debug, Deserialize, Serialize)]
 pub struct LoginParams {
     pub email: String,
@@ -238,6 +241,22 @@ impl Model {
         self.account_type == "company"
     }
 
+    /// Seconds the user must still wait before another verification email may be
+    /// sent — 0 means a resend is allowed now. Throttling resends off the last
+    /// `email_verification_sent_at` keeps the endpoint from being an easy way to
+    /// spam someone's inbox.
+    #[must_use]
+    pub fn verification_resend_wait_secs(&self) -> i64 {
+        match self.email_verification_sent_at {
+            Some(sent) => {
+                let elapsed =
+                    (chrono::Utc::now() - sent.with_timezone(&chrono::Utc)).num_seconds();
+                (VERIFICATION_RESEND_COOLDOWN_SECS - elapsed).max(0)
+            }
+            None => 0,
+        }
+    }
+
     /// Asynchronously creates a user with a password and saves it to the
     /// database.
     ///