Add ability to require e-mail verification

app/routing/middleware/Traps.middleware.js

@@ -58,7 +58,29 @@ class TrapUtility {
 
     allows(route) {
         const config = this.config()
-        return route.startsWith('/assets') || config.allowed_routes.includes(route.toLowerCase().trim())
+        const allowed = route.startsWith('/assets') || config.allowed_routes.includes(route.toLowerCase().trim())
+        if ( allowed ) return true
+
+        for ( const allowed_route of config.allowed_routes ) {
+            console.log('comparing', allowed_route, 'to', route)
+            const allowed_parts = allowed_route.split('/')
+            const parts = route.split('/')
+
+            let matches = true
+            for ( let i = 0; i < allowed_parts.length; i += 1 ) {
+                if ( allowed_parts[i] !== parts[i] && allowed_parts[i] !== '*' ) {
+                    matches = false
+                }
+            }
+
+            if ( matches ) {
+                console.log('allows true')
+                return true
+            }
+        }
+
+        console.log('allows false')
+        return false
     }
 }
 
@@ -68,8 +90,19 @@ class TrapsMiddleware extends Middleware {
     }
 
     async test(req, res, next, args = {}) {
+        const Setting = this.models.get('Setting')
         req.trap = new TrapUtility(req, res, this.configs.get('traps.types'))
 
+        if (
+            !req.trap.has_trap()
+            && req.user
+            && !req.user.email_verified
+            && (await Setting.get('auth.require_email_verify'))
+        ) {
+            req.session.email_verify_flow = req.originalUrl
+            await req.trap.begin('verify_email', { session_only: false })
+        }
+
         if ( !req.trap.has_trap() ) return next()
         else if ( req.trap.allows(req.path) ) return next()
         else return req.trap.redirect()

app/routing/routers/auth/forms.routes.js

@@ -72,6 +72,16 @@ const index = {
             'controller::auth:Forms.finish_registration',
         ],
 
+        '/verify-email': [
+            'middleware::auth:UserOnly',
+            'controller::auth:Forms.show_verify_email',
+        ],
+
+        '/verify-email/sent': [
+            'middleware::auth:UserOnly',
+            'controller::auth:Forms.send_verify_email',
+        ],
+
         '/login-message': [
             'middleware::auth:UserOnly',
             'controller::api:v1:System.show_login_message',