Prodexa implements TWO INDEPENDENT verification systems that serve different purposes.
Like Facebook's email verification - confirms the user owns the email address they signed up with.
- Backend Field:
emailVerified(boolean) - Frontend State:
isVerified(in AuthContext) - Sync:
isVerifiedis automatically synced withuser.emailVerified
- User signs up with email
- Goes to Edit Profile page
- Clicks "Verify Email" button
- System sends OTP to email via
POST /users/mail-verification/request - User enters OTP
- System verifies OTP via
POST /users/mail-verification/verify emailVerifiedbecomestrue
- Request OTP:
POST /users/mail-verification/request - Verify OTP:
POST /users/mail-verification/verify
- Edit Profile: First verification card shows email verification status
- No badge displayed for email verification
Verification badge for influencers, famous people, or important users - shows they are who they claim to be.
- Backend Field:
verifiedAccount(boolean) - Frontend State:
accountVerified(in AuthContext) - Sync:
accountVerifiedis automatically synced withuser.verifiedAccount
- User goes to Edit Profile page
- Clicks "Request Verification" button
- System submits request via
POST /users/verification-request/request - Admin reviews and approves (backend process)
verifiedAccountbecomestrue- Blue verification badge appears next to user's name throughout the app
- Request Verification:
POST /users/verification-request/request - Revoke Request:
POST /users/verification-request/revoke
- Edit Profile: Second verification card shows account verification status
- Profile Page: Blue badge next to display name when verified
- Sidebar: Blue badge next to username in footer when verified
- Other locations: Badge can appear anywhere user's name is displayed
The VerificationBadge component displays a blue checkmark badge for verified accounts.
{
isVerified: false, // Email verification
accountVerified: false, // Account/influencer verification
user: {
emailVerified: false, // Synced with isVerified
verifiedAccount: false // Synced with accountVerified
}
}Both verification states are automatically synchronized whenever:
- User logs in (
login()) - User signs up (
submitSignup()) - User data is fetched (
getMe()) - User data is updated (
UPDATE_USERaction)
The Edit Profile page displays TWO separate verification cards:
-
Email Verification Card
- Shows current email verification status
- Button: "Verify Email" (if not verified)
- Uses OTP flow
-
Account Verification Card (below email card)
- Shows current account verification status
- Button: "Request Verification" (if not verified)
- Button: "Revoke Request" (if verification requested but not approved)
- Shows blue verification badge when verified
| Feature | Email Verification | Account Verification |
|---|---|---|
| Purpose | Confirm email ownership | Verify identity/importance |
| Process | OTP via email | Admin approval |
| Badge | No | Yes (blue checkmark) |
| Field | emailVerified / isVerified |
verifiedAccount / accountVerified |
| Requirements | Valid email | Special status |
| UI | Card in Edit Profile | Card in Edit Profile + Badge everywhere |
-
Independence: These two systems are completely independent - a user can have:
- Email verified but not account verified
- Account verified but not email verified (unusual but possible)
- Both verified
- Neither verified
-
Naming Convention:
- Backend uses:
emailVerifiedandverifiedAccount - Frontend uses:
isVerified(email) andaccountVerified(badge)
- Backend uses:
-
Badge Display: Only
accountVerifiedshows the blue badge - email verification does NOT show any badge. -
Sync Logic: Both states are kept in sync across the entire app automatically through the AuthContext reducer.