From 20ee00df4936fd9eac3a34472513f54630aae599 Mon Sep 17 00:00:00 2001
From: Elias Schneider <login@eliasschneider.com>
Date: Sat, 10 Jan 2026 23:53:38 +0100
Subject: [PATCH] pr feedback

---
 backend/internal/dto/user_dto.go                      |  2 +-
 .../postgres/20260109090200_email_verification.up.sql |  2 +-
 frontend/src/lib/services/user-service.ts             |  6 +++---
 frontend/src/lib/types/user.type.ts                   |  2 ++
 frontend/src/lib/utils/redirection-util.ts            |  2 ++
 frontend/src/routes/settings/account/+page.svelte     |  4 ++--
 .../src/routes/settings/account/account-form.svelte   | 11 ++++-------
 .../src/routes/settings/admin/users/user-form.svelte  |  2 +-
 8 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/backend/internal/dto/user_dto.go b/backend/internal/dto/user_dto.go
index 87761d06..90e457ff 100644
--- a/backend/internal/dto/user_dto.go
+++ b/backend/internal/dto/user_dto.go
@@ -9,7 +9,7 @@ import (
 type UserDto struct {
 	ID            string                `json:"id"`
 	Username      string                `json:"username"`
-	Email         *string               `json:"email" `
+	Email         *string               `json:"email"`
 	EmailVerified bool                  `json:"emailVerified"`
 	FirstName     string                `json:"firstName"`
 	LastName      *string               `json:"lastName"`
diff --git a/backend/resources/migrations/postgres/20260109090200_email_verification.up.sql b/backend/resources/migrations/postgres/20260109090200_email_verification.up.sql
index 2f27759b..66e1222d 100644
--- a/backend/resources/migrations/postgres/20260109090200_email_verification.up.sql
+++ b/backend/resources/migrations/postgres/20260109090200_email_verification.up.sql
@@ -1,6 +1,6 @@
 CREATE TABLE email_verification_tokens
 (
-    id         TEXT UUID KEY,
+    id         UUID PRIMARY KEY,
     created_at TIMESTAMPTZ NOT NULL,
     token      TEXT        NOT NULL UNIQUE,
     expires_at TIMESTAMPTZ NOT NULL,
diff --git a/frontend/src/lib/services/user-service.ts b/frontend/src/lib/services/user-service.ts
index 9cbaeeed..e577d513 100644
--- a/frontend/src/lib/services/user-service.ts
+++ b/frontend/src/lib/services/user-service.ts
@@ -2,7 +2,7 @@ import userStore from '$lib/stores/user-store';
 import type { ListRequestOptions, Paginated } from '$lib/types/list-request.type';
 import type { SignupToken } from '$lib/types/signup-token.type';
 import type { UserGroup } from '$lib/types/user-group.type';
-import type { User, UserCreate, UserSignUp } from '$lib/types/user.type';
+import type { AccountUpdate, User, UserCreate, UserSignUp } from '$lib/types/user.type';
 import { cachedProfilePicture } from '$lib/utils/cached-image-util';
 import { get } from 'svelte/store';
 import APIService from './api-service';
@@ -38,7 +38,7 @@ export default class UserService extends APIService {
 		return res.data as User;
 	};
 
-	updateCurrent = async (user: UserCreate) => {
+	updateCurrent = async (user: AccountUpdate) => {
 		const res = await this.api.put('/users/me', user);
 		return res.data as User;
 	};
@@ -130,5 +130,5 @@ export default class UserService extends APIService {
 	verifyEmail = async (token: string) => {
 		const res = await this.api.post('/users/me/verify-email', { token });
 		return res.data as User;
-	}
+	};
 }
diff --git a/frontend/src/lib/types/user.type.ts b/frontend/src/lib/types/user.type.ts
index eb675d19..13c6f721 100644
--- a/frontend/src/lib/types/user.type.ts
+++ b/frontend/src/lib/types/user.type.ts
@@ -20,6 +20,8 @@ export type User = {
 
 export type UserCreate = Omit<User, 'id' | 'customClaims' | 'ldapId' | 'userGroups'>;
 
+export type AccountUpdate = Omit<UserCreate, 'isAdmin' | 'disabled' | 'emailVerified'>
+
 export type UserSignUp = Omit<
 	UserCreate,
 	'isAdmin' | 'disabled' | 'displayName' | 'emailVerified'
diff --git a/frontend/src/lib/utils/redirection-util.ts b/frontend/src/lib/utils/redirection-util.ts
index 20757158..b6c878b0 100644
--- a/frontend/src/lib/utils/redirection-util.ts
+++ b/frontend/src/lib/utils/redirection-util.ts
@@ -31,4 +31,6 @@ export function getAuthRedirectPath(url: URL, user: User | null) {
 	if (isAdminPath && !isAdmin) {
 		return '/settings';
 	}
+
+	return null;
 }
diff --git a/frontend/src/routes/settings/account/+page.svelte b/frontend/src/routes/settings/account/+page.svelte
index 884abcb1..4c3b91a0 100644
--- a/frontend/src/routes/settings/account/+page.svelte
+++ b/frontend/src/routes/settings/account/+page.svelte
@@ -10,7 +10,7 @@
 	import appConfigStore from '$lib/stores/application-configuration-store';
 	import userStore from '$lib/stores/user-store';
 	import type { Passkey } from '$lib/types/passkey.type';
-	import type { UserCreate } from '$lib/types/user.type';
+	import type { AccountUpdate, UserCreate } from '$lib/types/user.type';
 	import { axiosErrorToast, getWebauthnErrorMessage } from '$lib/utils/error-util';
 	import {
 		KeyRound,
@@ -40,7 +40,7 @@
 		!$appConfigStore.allowOwnAccountEdit || (!!account.ldapId && $appConfigStore.ldapEnabled)
 	);
 
-	async function updateAccount(user: UserCreate) {
+	async function updateAccount(user: AccountUpdate) {
 		let success = true;
 		await userService
 			.updateCurrent(user)
diff --git a/frontend/src/routes/settings/account/account-form.svelte b/frontend/src/routes/settings/account/account-form.svelte
index 1c568c2e..c0c231fc 100644
--- a/frontend/src/routes/settings/account/account-form.svelte
+++ b/frontend/src/routes/settings/account/account-form.svelte
@@ -6,7 +6,7 @@
 	import { m } from '$lib/paraglide/messages';
 	import UserService from '$lib/services/user-service';
 	import appConfigStore from '$lib/stores/application-configuration-store';
-	import type { UserCreate } from '$lib/types/user.type';
+	import type { AccountUpdate } from '$lib/types/user.type';
 	import { axiosErrorToast } from '$lib/utils/error-util';
 	import { preventDefault } from '$lib/utils/event-util';
 	import { createForm } from '$lib/utils/form-util';
@@ -22,9 +22,9 @@
 		isLdapUser = false,
 		userInfoInputDisabled = false
 	}: {
-		account: UserCreate;
+		account: AccountUpdate;
 		userId: string;
-		callback: (user: UserCreate) => Promise<boolean>;
+		callback: (user: AccountUpdate) => Promise<boolean>;
 		isLdapUser?: boolean;
 		userInfoInputDisabled?: boolean;
 	} = $props();
@@ -39,10 +39,7 @@
 		lastName: emptyToUndefined(z.string().max(50).optional()),
 		displayName: z.string().min(1).max(100),
 		username: usernameSchema,
-		email: get(appConfigStore).requireUserEmail
-			? z.email()
-			: emptyToUndefined(z.email().optional()),
-		isAdmin: z.boolean()
+		email: get(appConfigStore).requireUserEmail ? z.email() : emptyToUndefined(z.email().optional())
 	});
 	type FormSchema = typeof formSchema;
 
diff --git a/frontend/src/routes/settings/admin/users/user-form.svelte b/frontend/src/routes/settings/admin/users/user-form.svelte
index 18cfff5b..3513abbc 100644
--- a/frontend/src/routes/settings/admin/users/user-form.svelte
+++ b/frontend/src/routes/settings/admin/users/user-form.svelte
@@ -33,7 +33,7 @@
 		lastName: existingUser?.lastName || '',
 		displayName: existingUser?.displayName || '',
 		email: existingUser?.email || '',
-		emailVerified: existingUser?.emailVerified || emailsVerifiedPerDefault,
+		emailVerified: existingUser?.emailVerified ?? emailsVerifiedPerDefault,
 		username: existingUser?.username || '',
 		isAdmin: existingUser?.isAdmin || false,
 		disabled: existingUser?.disabled || false