feat: email delivery after payment

schemas/get-birth-certificate.json

@@ -482,31 +482,39 @@
       ]
     }
   ],
-  "processors": [
-    {
-      "type": "payment",
-      "config": {
-        "provider": "ezpay",
-        "department": "oag_registration",
-        "paymentCode": "{{db:get-birth-certificate:payment_code}}",
-        "amount": "{{formData.order.numberOfCopies * db:get-birth-certificate:payment_amount}}",
-        "description": "Birth Certificate Processing Fee (per copy)",
-        "confirmationEmailTo": ["{{db:get-birth-certificate:admin_email}}"],
-        "customerEmail": "{{formData.applicant.email}}",
-        "required": true,
-        "timing": "after_validation",
-        "responseData": {
-          "include": ["order.numberOfCopies"]
-        }
-      }
-    },
-    {
-      "type": "email",
-      "config": {
-        "to": "{{db:get-birth-certificate:admin_email}}",
-        "subject": "New Birth Certificate Application - {{formData.applicant.firstName}} {{formData.applicant.lastName}}",
-        "template": "birth-certificate"
-      }
-    }
-  ]
+	"processors": [
+		{
+			"type": "payment",
+			"config": {
+				"provider": "ezpay",
+				"department": "oag_registration",
+				"paymentCode": "{{db:get-birth-certificate:payment_code}}",
+				"amount": "{{formData.order.numberOfCopies * db:get-birth-certificate:payment_amount}}",
+				"description": "Birth Certificate Processing Fee (per copy)",
+				"required": true,
+				"timing": "after_validation",
+				"responseData": {
+					"include": ["order.numberOfCopies"]
+				}
+			}
+		},
+		{
+			"type": "email",
+			"config": {
+				"to": "{{db:get-birth-certificate:admin_email}}",
+				"subject": "New Birth Certificate Application - {{formData.applicant.firstName}} {{formData.applicant.lastName}}",
+				"template": "birth-certificate",
+				"recipientType": "admin"
+			}
+		},
+		{
+			"type": "email",
+			"config": {
+				"to": "{{formData.applicant.email}}",
+				"subject": "Birth Certificate - Submission Received",
+				"template": "birth-certificate-receipt",
+				"recipientType": "user"
+			}
+		}
+	]
 }

schemas/get-death-certificate.json

@@ -263,8 +263,6 @@
         "department": "oag_registration",
         "paymentCode": "{{db:get-death-certificate:payment_code}}",
         "amount": "{{formData.order.numberOfCopies * db:get-death-certificate:payment_amount}}",
-        "confirmationEmailTo": ["{{db:get-death-certificate:admin_email}}"],
-        "customerEmail": "{{formData.applicant.email}}",
         "description": "Death Certificate Processing Fee (per copy)",
         "required": true,
         "timing": "after_validation",
@@ -278,7 +276,17 @@
       "config": {
         "to": "{{db:get-death-certificate:admin_email}}",
         "subject": "New Death Certificate Application - {{formData.applicant.firstName}} {{formData.applicant.lastName}}",
-        "template": "death-certificate"
+        "template": "death-certificate",
+        "recipientType": "admin"
+      }
+    },
+    {
+      "type": "email",
+      "config": {
+        "to": "{{formData.applicant.email}}",
+        "subject": "Death Certificate - Submission Received",
+        "template": "death-certificate-receipt",
+        "recipientType": "user"
       }
     },
     {

schemas/get-marriage-certificate.json

@@ -324,8 +324,6 @@
         "department": "oag_registration",
         "paymentCode": "{{db:get-marriage-certificate:payment_code}}",
         "amount": "{{formData.order.numberOfCopies * db:get-marriage-certificate:payment_amount}}",
-        "confirmationEmailTo": ["{{db:get-marriage-certificate:admin_email}}"],
-        "customerEmail": "{{formData.applicant.email}}",
         "description": "Marriage Certificate Processing Fee (per copy)",
         "required": true,
         "timing": "after_validation",
@@ -339,7 +337,17 @@
       "config": {
         "to": "{{db:get-marriage-certificate:admin_email}}",
         "subject": "New Marriage Certificate Application - {{formData.applicant.firstName}} {{formData.applicant.lastName}}",
-        "template": "marriage-certificate"
+        "template": "marriage-certificate",
+        "recipientType": "admin"
+      }
+    },
+    {
+      "type": "email",
+      "config": {
+        "to": "{{formData.applicant.email}}",
+        "subject": "Marriage Certificate - Submission Received",
+        "template": "marriage-certificate-receipt",
+        "recipientType": "user"
       }
     }
   ]

src/common/utils/date.util.ts

@@ -0,0 +1,32 @@
+export function formatDisplayDate(
+  date: Date | string | undefined | null,
+): string {
+  const dateObj = parseDate(date);
+
+  const datePart = dateObj.toLocaleDateString('en-US', {
+    year: 'numeric',
+    month: 'long',
+    day: 'numeric',
+  });
+
+  const timePart = dateObj.toLocaleTimeString('en-US', {
+    hour: 'numeric',
+    minute: '2-digit',
+    hour12: true,
+  });
+
+  return `${datePart} at ${timePart}`;
+}
+
+function parseDate(date: Date | string | undefined | null): Date {
+  if (!date) {
+    return new Date();
+  }
+
+  if (typeof date === 'string') {
+    const parsed = new Date(date);
+    return isNaN(parsed.getTime()) ? new Date() : parsed;
+  }
+
+  return date;
+}

src/common/utils/encryption.util.ts

@@ -0,0 +1,55 @@
+import * as crypto from 'crypto';
+
+const ALGORITHM = 'aes-256-gcm';
+const IV_LENGTH = 16;
+const AUTH_TAG_LENGTH = 16;
+
+function getEncryptionKey(): Buffer {
+  const key = process.env.FORM_DATA_ENCRYPTION_KEY;
+  return crypto.createHash('sha256').update(key).digest();
+}
+
+/**
+ * Encrypt data using AES-256-GCM
+ * Returns base64 encoded string containing: IV + AuthTag + CipherText
+ */
+export function encryptFormData(data: Record<string, any>): string {
+  const key = getEncryptionKey();
+  const iv = crypto.randomBytes(IV_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+
+  const jsonData = JSON.stringify(data);
+  const encrypted = Buffer.concat([
+    cipher.update(jsonData, 'utf8'),
+    cipher.final(),
+  ]);
+
+  const authTag = cipher.getAuthTag();
+
+  const combined = Buffer.concat([iv, authTag, encrypted]);
+
+  return combined.toString('base64');
+}
+
+/**
+ * Decrypt data that was encrypted with encryptFormData
+ * Expects base64 encoded string containing: IV + AuthTag + CipherText
+ */
+export function decryptFormData(encryptedData: string): Record<string, any> {
+  const key = getEncryptionKey();
+  const combined = Buffer.from(encryptedData, 'base64');
+
+  const iv = combined.subarray(0, IV_LENGTH);
+  const authTag = combined.subarray(IV_LENGTH, IV_LENGTH + AUTH_TAG_LENGTH);
+  const encrypted = combined.subarray(IV_LENGTH + AUTH_TAG_LENGTH);
+
+  const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
+  decipher.setAuthTag(authTag);
+
+  const decrypted = Buffer.concat([
+    decipher.update(encrypted),
+    decipher.final(),
+  ]);
+
+  return JSON.parse(decrypted.toString('utf8'));
+}

src/common/utils/index.ts

@@ -1 +1,3 @@
 export * from './reference-code.util';
+export * from './encryption.util';
+export * from './date.util';

src/database/entities/form-submission-payment.entity.ts

@@ -32,12 +32,15 @@ export class FormSubmissionPayment {
   @Column({ name: 'payment_completed', default: false })
   paymentCompleted: boolean;
 
-  @Column({ name: 'payment_verified', default: false })
-  paymentVerified: boolean;
-
   @Column({ name: 'notification_sent', default: false })
   notificationSent: boolean;
 
+  @Column({ name: 'encrypted_form_data', type: 'text', nullable: true })
+  encryptedFormData?: string;
+
+  @Column({ name: 'form_data_deleted', default: false })
+  formDataDeleted: boolean;
+
   @ManyToOne(() => Payment, (payment) => payment.formSubmissions, {
     onDelete: 'CASCADE',
   })

src/database/migrations/1769545014343-AddEncryptedFormDataToFormSubmissionPayments.ts

@@ -0,0 +1,38 @@
+import { MigrationInterface, QueryRunner, TableColumn } from 'typeorm';
+
+export class AddEncryptedFormDataToFormSubmissionPayments1769545014343
+  implements MigrationInterface
+{
+  name = 'AddEncryptedFormDataToFormSubmissionPayments1769545014343';
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.addColumn(
+      'form_submission_payments',
+      new TableColumn({
+        name: 'encrypted_form_data',
+        type: 'text',
+        isNullable: true,
+      }),
+    );
+
+    await queryRunner.addColumn(
+      'form_submission_payments',
+      new TableColumn({
+        name: 'form_data_deleted',
+        type: 'boolean',
+        default: false,
+      }),
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.dropColumn(
+      'form_submission_payments',
+      'form_data_deleted',
+    );
+    await queryRunner.dropColumn(
+      'form_submission_payments',
+      'encrypted_form_data',
+    );
+  }
+}

src/database/migrations/1769545016193-RemovePaymentVerified.ts

@@ -0,0 +1,27 @@
+import { MigrationInterface, QueryRunner, TableColumn } from 'typeorm';
+
+export class RemovePaymentVerified1769545016193 implements MigrationInterface {
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    const table = await queryRunner.getTable('form_submission_payments');
+    const column = table?.findColumnByName('payment_verified');
+
+    if (column) {
+      await queryRunner.dropColumn(
+        'form_submission_payments',
+        'payment_verified',
+      );
+    }
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.addColumn(
+      'form_submission_payments',
+      new TableColumn({
+        name: 'payment_verified',
+        type: 'boolean',
+        default: false,
+        isNullable: false,
+      }),
+    );
+  }
+}