nyaa-pantsu/service/user/verification.go

package userService

import (
	"errors"
	"fmt"
	"net/http"
	"strconv"
	"time"

	"github.com/ewhal/nyaa/config"
	"github.com/ewhal/nyaa/db"
	"github.com/ewhal/nyaa/model"
	"github.com/ewhal/nyaa/util/email"
	"github.com/ewhal/nyaa/util/languages"
	"github.com/ewhal/nyaa/util/timeHelper"
	"github.com/gorilla/securecookie"
)

var verificationHandler = securecookie.New(config.EmailTokenHashKey, nil)

// SendEmailVerfication sends an email verification token via email.
func SendEmailVerification(to string, token string) error {
	T, err := languages.GetDefaultTfunc()
	if err != nil {
		return err
	}
	content := T("link") + " : https://" + config.WebAddress + "/verify/email/" + token
	content_html := T("verify_email_content") + "<br/>" + "<a href=\"https://" + config.WebAddress + "/verify/email/" + token + "\" target=\"_blank\">" + config.WebAddress + "/verify/email/" + token + "</a>"
	return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)
}

// SendVerificationToUser sends an email verification token to user.
func SendVerificationToUser(user model.User, newEmail string) (int, error) {
	validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration?
	value := map[string]string{
		"t": strconv.FormatInt(validUntil.Unix(), 10),
		"u": strconv.FormatUint(uint64(user.ID), 10),
		"e": newEmail,
	}
	encoded, err := verificationHandler.Encode("", value)
	if err != nil {
		return http.StatusInternalServerError, err
	}
	err = SendEmailVerification(newEmail, encoded)
	if err != nil {
		return http.StatusInternalServerError, err
	}
	return http.StatusOK, nil
}

// EmailVerification verifies the token used for email verification
func EmailVerification(token string, w http.ResponseWriter) (int, error) {
	value := make(map[string]string)
	err := verificationHandler.Decode("", token, &value)
	if err != nil {
		fmt.Printf("%+v\n", err)
		return http.StatusForbidden, errors.New("Token is not valid.")
	}
	time_int, _ := strconv.ParseInt(value["t"], 10, 0)
	if timeHelper.IsExpired(time.Unix(time_int, 0)) {
		return http.StatusForbidden, errors.New("Token has expired.")
	}
	var user model.User
	if db.ORM.Where("user_id = ?", value["u"]).First(&user).RecordNotFound() {
		return http.StatusNotFound, errors.New("User is not found.")
	}
	user.Email = value["e"]
	return UpdateUserCore(&user)
}
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`package userService`

			`import (`
			`"errors"`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`"fmt"`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`"net/http"`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`"strconv"`
			`"time"`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00
			`"github.com/ewhal/nyaa/config"`
			`"github.com/ewhal/nyaa/db"`
			`"github.com/ewhal/nyaa/model"`
Fixing 2017-05-10 22:42:11 +02:00			`"github.com/ewhal/nyaa/util/email"`
Replace 'en-us' literals with the default language This consolidates the places where a default language has to be set. - Removed import of the 'userService' package into the 'languages' util package This was required to prevent a cyclic import between the two packages. - Added a 'UserRetriever' interface to read the language setting of users inside the 'languages' package 2017-05-14 21:45:50 +02:00			`"github.com/ewhal/nyaa/util/languages"`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`"github.com/ewhal/nyaa/util/timeHelper"`
			`"github.com/gorilla/securecookie"`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`)`

Stateless Email Verification 2017-05-10 00:04:07 +02:00			`var verificationHandler = securecookie.New(config.EmailTokenHashKey, nil)`

User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`// SendEmailVerfication sends an email verification token via email.`
Replace 'en-us' literals with the default language This consolidates the places where a default language has to be set. - Removed import of the 'userService' package into the 'languages' util package This was required to prevent a cyclic import between the two packages. - Added a 'UserRetriever' interface to read the language setting of users inside the 'languages' package 2017-05-14 21:45:50 +02:00			`func SendEmailVerification(to string, token string) error {`
			`T, err := languages.GetDefaultTfunc()`
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe. 2017-05-10 04:34:40 +02:00			`if err != nil {`
			`return err`
			`}`
			`content := T("link") + " : https://" + config.WebAddress + "/verify/email/" + token`
			`content_html := T("verify_email_content") + "<br/>" + "<a href=\"https://" + config.WebAddress + "/verify/email/" + token + "\" target=\"_blank\">" + config.WebAddress + "/verify/email/" + token + "</a>"`
Fixing 2017-05-10 22:42:11 +02:00			`return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`

			`// SendVerificationToUser sends an email verification token to user.`
Make email verification work correctly Previously the email was set before it had been verified, which was very wrong. 2017-05-10 21:16:30 +02:00			`func SendVerificationToUser(user model.User, newEmail string) (int, error) {`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration?`
			`value := map[string]string{`
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe. 2017-05-10 04:34:40 +02:00			`"t": strconv.FormatInt(validUntil.Unix(), 10),`
			`"u": strconv.FormatUint(uint64(user.ID), 10),`
Make email verification work correctly Previously the email was set before it had been verified, which was very wrong. 2017-05-10 21:16:30 +02:00			`"e": newEmail,`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`encoded, err := verificationHandler.Encode("", value)`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`if err != nil {`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`return http.StatusInternalServerError, err`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Replace 'en-us' literals with the default language This consolidates the places where a default language has to be set. - Removed import of the 'userService' package into the 'languages' util package This was required to prevent a cyclic import between the two packages. - Added a 'UserRetriever' interface to read the language setting of users inside the 'languages' package 2017-05-14 21:45:50 +02:00			`err = SendEmailVerification(newEmail, encoded)`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`if err != nil {`
			`return http.StatusInternalServerError, err`
			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`return http.StatusOK, nil`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`

Stateless Email Verification 2017-05-10 00:04:07 +02:00			`// EmailVerification verifies the token used for email verification`
			`func EmailVerification(token string, w http.ResponseWriter) (int, error) {`
			`value := make(map[string]string)`
			`err := verificationHandler.Decode("", token, &value)`
			`if err != nil {`
			`fmt.Printf("%+v\n", err)`
			`return http.StatusForbidden, errors.New("Token is not valid.")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`time_int, _ := strconv.ParseInt(value["t"], 10, 0)`
			`if timeHelper.IsExpired(time.Unix(time_int, 0)) {`
			`return http.StatusForbidden, errors.New("Token has expired.")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`var user model.User`
			`if db.ORM.Where("user_id = ?", value["u"]).First(&user).RecordNotFound() {`
			`return http.StatusNotFound, errors.New("User is not found.")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`user.Email = value["e"]`
			`return UpdateUserCore(&user)`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`