From 0228c74f71569c9f6013116490b00a5bf9b30563 Mon Sep 17 00:00:00 2001
From: Hemachandar
Date: Mon, 22 Sep 2025 14:26:23 +0530
Subject: [PATCH 1/2] Throw error when email is not available for account verification
---
 app/controllers/api/account.php | 4 ++++
 .../Account/AccountCustomClientTest.php | 20 +++++++++++++++++++
 2 files changed, 24 insertions(+)
diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index 8aaa5283c4..09f5036188 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -3544,6 +3544,10 @@ App::post('/v1/account/verification')
 throw new Exception(Exception::GENERAL_SMTP_DISABLED, 'SMTP Disabled');
 }

+ if (empty($user->getAttribute('email'))) {
+ throw new Exception(Exception::USER_EMAIL_NOT_FOUND);
+ }
+
 $url = htmlentities($url);
 if ($user->getAttribute('emailVerification')) {
 throw new Exception(Exception::USER_EMAIL_ALREADY_VERIFIED);
diff --git a/tests/e2e/Services/Account/AccountCustomClientTest.php b/tests/e2e/Services/Account/AccountCustomClientTest.php
index bd3fec8439..5cec3770f7 100644
--- a/tests/e2e/Services/Account/AccountCustomClientTest.php
+++ b/tests/e2e/Services/Account/AccountCustomClientTest.php
@@ -1850,6 +1850,26 @@ class AccountCustomClientTest extends Scope
 return $session;
 }

+ /**
+ * @depends testCreateAnonymousAccount
+ */
+ public function testCreateAnonymousAccountVerification($session): array
+ {
+ $response = $this->client->call(Client::METHOD_POST, '/account/verification', array_merge([
+ 'origin' => 'http://localhost',
+ 'content-type' => 'application/json',
+ 'x-appwrite-project' => $this->getProject()['$id'],
+ 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
+ ]), [
+ 'url' => 'http://localhost/verification',
+ ]);
+
+ $this->assertEquals(500, $response['body']['code']);
+ $this->assertEquals('user_email_not_found', $response['body']['type']);
+
+ return [];
+ }
+
 /**
 * @depends testCreateAnonymousAccount
 */
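Review bot: The new `empty($user->getAttribute('email'))` guard in the `/v1/account/verification` handler carries no comment saying which accounts reach it; the accompanying test suggests these are anonymous sessions that never had an address. I would add `// Accounts created without an email (e.g. anonymous sessions) have no address to verify; reject before any verification state is created.` above the `if`. The token and mail steps are not visible here, so the "before any verification state" part should be confirmed against the rest of the handler, which starts and ends outside the hunk.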
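Review bot: `testCreateAnonymousAccountVerification` asserts only `$response['body']['code']` and `$response['body']['type']`, so it would still pass if the HTTP status sent on the wire disagreed with the body. If the test client exposes the status as it does elsewhere in this suite, add `$this->assertEquals($response['body']['code'], $response['headers']['status-code']);`. The same gap remains after the PATCH 2/2 hunk that changes the expected code. As a style point, `array_merge([...])` with a single argument is a no-op and can be the plain array, and `$session` could be typed.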
From b145c609bd81457282d9d29a693cf1ee86d11f53 Mon Sep 17 00:00:00 2001
From: Hemachandar
Date: Fri, 3 Oct 2025 16:29:39 +0530
Subject: [PATCH 2/2] change error codes
---
 app/config/errors.php | 15 +++++++++++++++
 .../Services/Account/AccountCustomClientTest.php | 2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/app/config/errors.php b/app/config/errors.php
index 156af5db8f..4345884ff5 100644
--- a/app/config/errors.php
+++ b/app/config/errors.php
@@ -211,6 +211,11 @@ return [
 'description' => 'User with the requested ID could not be found.',
 'code' => 404,
 ],
+ Exception::USER_EMAIL_NOT_FOUND => [
+ 'name' => Exception::USER_EMAIL_NOT_FOUND,
+ 'description' => 'User email could not be found.',
+ 'code' => 400,
+ ],
 Exception::USER_EMAIL_ALREADY_EXISTS => [
 'name' => Exception::USER_EMAIL_ALREADY_EXISTS,
 'description' => 'A user with the same email already exists in the current project.',
@@ -312,11 +317,21 @@ return [
 'description' => 'OAuth2 provider returned some error.',
 'code' => 424,
 ],
+ Exception::USER_EMAIL_NOT_VERIFIED => [
+ 'name' => Exception::USER_EMAIL_NOT_VERIFIED,
+ 'description' => 'User email is not verified',
+ 'code' => 400,
+ ],
 Exception::USER_EMAIL_ALREADY_VERIFIED => [
 'name' => Exception::USER_EMAIL_ALREADY_VERIFIED,
 'description' => 'User email is already verified',
 'code' => 409,
 ],
+ Exception::USER_PHONE_NOT_VERIFIED => [
+ 'name' => Exception::USER_PHONE_NOT_VERIFIED,
+ 'description' => 'User phone is not verified',
+ 'code' => 400,
+ ],
 Exception::USER_PHONE_ALREADY_VERIFIED => [
 'name' => Exception::USER_PHONE_ALREADY_VERIFIED,
 'description' => 'User phone is already verified',
diff --git a/tests/e2e/Services/Account/AccountCustomClientTest.php b/tests/e2e/Services/Account/AccountCustomClientTest.php
index 5cec3770f7..8ebd89c983 100644
--- a/tests/e2e/Services/Account/AccountCustomClientTest.php
+++ b/tests/e2e/Services/Account/AccountCustomClientTest.php
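Review bot: The description `'User email could not be found.'` on the new `USER_EMAIL_NOT_FOUND` entry reads like a failed lookup, while the only caller visible in this series throws it when the signed-in account has no email set. Assuming no other caller relies on the lookup sense, `'description' => 'The current user has no email address set.',` tells the client what to fix without exposing anything beyond its own account state. The `return [` array starts and ends outside the hunk.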
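Review bot: The `USER_EMAIL_NOT_VERIFIED` and `USER_PHONE_NOT_VERIFIED` entries added in this hunk are not referenced by any other hunk in the series and have no test. If these types were previously unmapped, as `USER_EMAIL_NOT_FOUND` appears to have been (the PATCH 1/2 test expected 500 for it), every endpoint that throws them now answers 400 instead, which is a client-visible change for authorization-related failures. The commit message `change error codes` should name the affected types, and a test should pin the new status for at least one caller of each.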
@@ -1864,7 +1864,7 @@ class AccountCustomClientTest extends Scope
 'url' => 'http://localhost/verification',
 ]);

- $this->assertEquals(500, $response['body']['code']);
+ $this->assertEquals(400, $response['body']['code']);
 $this->assertEquals('user_email_not_found', $response['body']['type']);

 return [];