Merge pull request #196 from Hestia-Homes/bug/magic-email-flagged-as-phish

Bug/magic email flagged as phish

src/app/api/auth/[...nextauth]/authOptions.ts

@@ -146,8 +146,8 @@ export const AuthOptions: NextAuthOptions = {
             .where(
               and(
                 eq(accounts.userId, dbUser.id),
-                eq(accounts.provider, account.provider)
-              )
+                eq(accounts.provider, account.provider),
+              ),
             );
 
           const emailVerified =
@@ -157,7 +157,7 @@ export const AuthOptions: NextAuthOptions = {
             // This handles the case where we had not set up accounts but
             // signed up users with oauth
             console.log(
-              `Linking ${account.provider} account for user ${normalisedEmail}`
+              `Linking ${account.provider} account for user ${normalisedEmail}`,
             );
 
             await db

src/app/email_templates/magic_link.ts

@@ -13,7 +13,21 @@ export async function MagicLinksEmail({
   url: string;
   provider: { server: any; from: string };
 }) {
-  const { host } = new URL(url);
+  const parsed = new URL(url);
+  const host = parsed.host;
+
+  const baseUrl = parsed.origin;
+  const logoUrl = `${baseUrl}/domna-email-logo.png`;
+
+  const token = parsed.searchParams.get("token");
+  const email = parsed.searchParams.get("email");
+
+  if (!token || !email) {
+    throw new Error("Magic link token or email missing");
+  }
+
+  // Create a clean login link instead of the NextAuth callback
+  const loginUrl = `${parsed.origin}/login/${token}/${encodeURIComponent(email)}`;
 
   const transport = createTransport(provider.server);
 
@@ -25,9 +39,20 @@ export async function MagicLinksEmail({
   const result = await transport.sendMail({
     to: identifier,
     from: provider.from,
-    subject: "Your secure Ara sign-in link",
-    text: plainText({ url, host }),
-    html: domnaHtml({ url, host, brandColor, accentColor, brown, background }),
+    subject: "Sign in to Ara",
+    text: plainText({ url: loginUrl, host }),
+    html: domnaHtml({
+      url: loginUrl,
+      logoUrl,
+      host,
+      brandColor,
+      accentColor,
+      brown,
+      background,
+    }),
+    headers: {
+      "List-Unsubscribe": `<mailto:${provider.from}>`,
+    },
   });
 
   const failed = result.rejected.filter(Boolean);
@@ -38,6 +63,7 @@ export async function MagicLinksEmail({
 
 function domnaHtml({
   url,
+  logoUrl,
   host,
   brandColor,
   accentColor,
@@ -45,6 +71,7 @@ function domnaHtml({
   background,
 }: {
   url: string;
+  logoUrl: string;
   host: string;
   brandColor: string;
   accentColor: string;
@@ -60,7 +87,7 @@ function domnaHtml({
       <tr>
         <td align="center" style="background: linear-gradient(90deg, ${brandColor}, ${accentColor}); padding: 12px 8px;">
           <img 
-            src="https://145275138.fs1.hubspotusercontent-eu1.net/hubfs/145275138/base_logo_transparent_background.png"
+            src="${logoUrl}"
             alt="Domna Logo"
             width="120"
             height="auto"

src/app/login/[token]/[email]/page.tsx

@@ -0,0 +1,19 @@
+import { redirect } from "next/navigation";
+
+export default async function LoginPage({
+  params,
+}: {
+  params: Promise<{ token: string; email: string }>;
+}) {
+  const { token, email } = await params;
+
+  if (!token || !email) {
+    redirect("/");
+  }
+
+  const decodedEmail = decodeURIComponent(email);
+
+  redirect(
+    `/api/auth/callback/email?token=${token}&email=${encodeURIComponent(decodedEmail)}`,
+  );
+}