> ## Documentation Index
> Fetch the complete documentation index at: https://docs.auction-rise.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Email Notifications

> Resend integration, welcome emails, activity digests, and per-user notification preferences.

# Email Notifications

The template uses [Resend](https://resend.com) for transactional email. Two systems work together: Supabase's built-in auth emails (verification, password reset) are relayed through Resend SMTP, while application emails (welcome, digests, invitations) use the Resend SDK directly.

## Resend SDK (Direct Send)

All application emails go through `sendEmail()` in `lib/email/send.ts`, which wraps the Resend SDK with:

* Up to 3 automatic retries on failure
* Graceful skip when `RESEND_API_KEY` is missing (logs a warning instead of throwing)
* Structured logging for every send attempt

```typescript theme={null}
import { sendEmail } from "@/lib/email/send";

await sendEmail({
  to: user.email,
  subject: "Welcome!",
  html: await renderWelcomeEmail(firstName),
});
```

## Welcome Email

Sent once per user after their first email verification. The `sendWelcomeEmail(userId)` server action in `lib/email/actions.ts` guards against double-sends by checking `profiles.welcomed_at` and the user's `welcome_email` notification preference before sending.

The template is a React Email component in `lib/email/templates/welcome.tsx`.

## Activity Digests

Users can receive daily or weekly digests. The digest template lives in `lib/email/templates/activity-digest.tsx`.

Digests are triggered by a Vercel cron job:

```json theme={null}
// vercel.json
{
  "crons": [
    { "path": "/api/notifications/digest?frequency=daily", "schedule": "0 8 * * *" },
    { "path": "/api/notifications/digest?frequency=weekly", "schedule": "0 8 * * 1" }
  ]
}
```

The endpoint is protected by `CRON_SECRET`:

```typescript theme={null}
const authHeader = request.headers.get("authorization");
if (authHeader !== `Bearer ${process.env.CRON_SECRET}`) {
  return new Response("Unauthorized", { status: 401 });
}
```

## Notification Preferences

Each user has a row in the `notification_preferences` table (created on first access via upsert). The `/settings/notifications` page renders `NotificationPreferencesForm` with toggle switches for each email type and a digest frequency selector (`daily` | `weekly` | `never`).

```typescript theme={null}
import {
  getNotificationPreferences,
  updateNotificationPreferences,
} from "@/lib/notifications/actions";
```

## Supabase Auth Emails via SMTP Relay

Auth emails (signup confirmation, password reset, email change) can be routed through Resend's SMTP relay. Configure in `supabase/config.toml` under `[auth.email.smtp]`. This is commented out locally so Inbucket handles dev emails — enable it for production deployments.

## Environment Variables

| Variable               | Required       | Description                                              |
| ---------------------- | -------------- | -------------------------------------------------------- |
| `RESEND_API_KEY`       | Yes            | Resend API key                                           |
| `RESEND_FROM_EMAIL`    | Yes            | Verified sender address (e.g., `noreply@yourdomain.com`) |
| `RESEND_SMTP_PASSWORD` | For auth relay | Resend SMTP password for Supabase relay                  |
| `NEXT_PUBLIC_APP_URL`  | Yes            | Base URL used in email links                             |
| `CRON_SECRET`          | Yes            | Secret for protecting cron endpoints                     |
