2017-07-02 23:53:23 +02:00
package email
2017-05-06 21:21:39 +02:00
import (
"errors"
2017-05-10 00:04:07 +02:00
"fmt"
2017-05-06 21:21:39 +02:00
"net/http"
2017-05-10 00:04:07 +02:00
"strconv"
"time"
2017-05-06 21:21:39 +02:00
2017-05-17 07:58:40 +02:00
"github.com/NyaaPantsu/nyaa/config"
2017-07-02 23:53:23 +02:00
"github.com/NyaaPantsu/nyaa/models"
"github.com/NyaaPantsu/nyaa/models/users"
"github.com/NyaaPantsu/nyaa/utils/format"
2017-07-02 16:54:55 +02:00
"github.com/NyaaPantsu/nyaa/utils/publicSettings"
"github.com/NyaaPantsu/nyaa/utils/timeHelper"
2017-06-28 13:42:38 +02:00
"github.com/gin-gonic/gin"
2017-05-10 00:04:07 +02:00
"github.com/gorilla/securecookie"
2017-05-06 21:21:39 +02:00
)
2017-05-10 00:04:07 +02:00
var verificationHandler = securecookie . New ( config . EmailTokenHashKey , nil )
2017-05-26 12:12:52 +02:00
// SendEmailVerification sends an email verification token via email.
2017-05-14 21:45:50 +02:00
func SendEmailVerification ( to string , token string ) error {
2017-05-27 19:08:47 +02:00
T , err := publicSettings . GetDefaultTfunc ( )
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245)
* Checkpoint: it builds
The config, db, model, network, os, and public packages have had some
fixes to glaringly obvious flaws, dead code removed, and stylistic
changes.
* Style changes and old code removal in router
Router needs a lot of work done to its (lack of) error handling.
* Dead code removal and style changes
Now up to util/email/email.go. After I'm finished with the initial sweep
I'll go back and fix error handling and security issues. Then I'll fix
the broken API. Then I'll go through to add documentation and fix code
visibility.
* Finish dead code removal and style changes
Vendored libraries not touched. Everything still needs security fixes
and documentation. There's also one case of broken functionality.
* Fix accidental find-and-replace
* Style, error checking, saftey, bug fix changes
* Redo error checking erased during merge
* Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
if err != nil {
return err
}
2017-07-10 14:11:05 +02:00
content := T ( "link" ) + " : " + config . Get ( ) . WebAddress . Nyaa + "/verify/email/" + token
contentHTML := T ( "verify_email_content" ) + "<br/>" + "<a href=\"" + config . Get ( ) . WebAddress . Nyaa + "/verify/email/" + token + "\" target=\"_blank\">" + format . GetHostname ( config . Get ( ) . WebAddress . Nyaa ) + "/verify/email/" + token + "</a>"
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
return SendEmailFromAdmin ( to , T ( "verify_email_title" ) , content , contentHTML )
2017-05-06 21:21:39 +02:00
}
// SendVerificationToUser sends an email verification token to user.
2017-07-02 23:53:23 +02:00
func SendVerificationToUser ( user * models . User , newEmail string ) ( int , error ) {
2017-05-10 00:04:07 +02:00
validUntil := timeHelper . TwentyFourHoursLater ( ) // TODO: longer duration?
value := map [ string ] string {
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245)
* Checkpoint: it builds
The config, db, model, network, os, and public packages have had some
fixes to glaringly obvious flaws, dead code removed, and stylistic
changes.
* Style changes and old code removal in router
Router needs a lot of work done to its (lack of) error handling.
* Dead code removal and style changes
Now up to util/email/email.go. After I'm finished with the initial sweep
I'll go back and fix error handling and security issues. Then I'll fix
the broken API. Then I'll go through to add documentation and fix code
visibility.
* Finish dead code removal and style changes
Vendored libraries not touched. Everything still needs security fixes
and documentation. There's also one case of broken functionality.
* Fix accidental find-and-replace
* Style, error checking, saftey, bug fix changes
* Redo error checking erased during merge
* Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
"t" : strconv . FormatInt ( validUntil . Unix ( ) , 10 ) ,
"u" : strconv . FormatUint ( uint64 ( user . ID ) , 10 ) ,
2017-05-10 21:16:30 +02:00
"e" : newEmail ,
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
encoded , err := verificationHandler . Encode ( "" , value )
2017-05-06 21:21:39 +02:00
if err != nil {
2017-05-10 00:04:07 +02:00
return http . StatusInternalServerError , err
2017-05-06 21:21:39 +02:00
}
2017-05-14 21:45:50 +02:00
err = SendEmailVerification ( newEmail , encoded )
2017-05-06 21:21:39 +02:00
if err != nil {
return http . StatusInternalServerError , err
}
2017-05-10 00:04:07 +02:00
return http . StatusOK , nil
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
// EmailVerification verifies the token used for email verification
2017-06-28 13:42:38 +02:00
func EmailVerification ( token string , c * gin . Context ) ( int , error ) {
2017-05-10 00:04:07 +02:00
value := make ( map [ string ] string )
err := verificationHandler . Decode ( "" , token , & value )
if err != nil {
fmt . Printf ( "%+v\n" , err )
2017-06-28 13:42:38 +02:00
return http . StatusForbidden , errors . New ( "token_valid" )
2017-05-06 21:21:39 +02:00
}
2017-05-26 12:12:52 +02:00
timeInt , _ := strconv . ParseInt ( value [ "t" ] , 10 , 0 )
if timeHelper . IsExpired ( time . Unix ( timeInt , 0 ) ) {
2017-06-28 13:42:38 +02:00
return http . StatusForbidden , errors . New ( "token_expired" )
2017-05-06 21:21:39 +02:00
}
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
id , _ := strconv . Atoi ( value [ "u" ] )
2017-07-02 23:53:23 +02:00
user , _ , err := users . FindByID ( uint ( id ) )
if err != nil {
2017-06-28 13:42:38 +02:00
return http . StatusNotFound , errors . New ( "user_not_found" )
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
user . Email = value [ "e" ]
2017-07-02 23:53:23 +02:00
return user . Update ( )
2017-05-06 21:21:39 +02:00
}