2017-05-06 21:21:39 +02:00
package userService
import (
"errors"
2017-05-10 00:04:07 +02:00
"fmt"
2017-05-06 21:21:39 +02:00
"net/http"
2017-05-10 00:04:07 +02:00
"strconv"
"time"
2017-05-06 21:21:39 +02:00
2017-05-17 07:58:40 +02:00
"github.com/NyaaPantsu/nyaa/config"
"github.com/NyaaPantsu/nyaa/db"
"github.com/NyaaPantsu/nyaa/model"
"github.com/NyaaPantsu/nyaa/util/email"
"github.com/NyaaPantsu/nyaa/util/languages"
"github.com/NyaaPantsu/nyaa/util/timeHelper"
2017-05-10 00:04:07 +02:00
"github.com/gorilla/securecookie"
2017-05-06 21:21:39 +02:00
)
2017-05-10 00:04:07 +02:00
var verificationHandler = securecookie . New ( config . EmailTokenHashKey , nil )
2017-05-06 21:21:39 +02:00
// SendEmailVerfication sends an email verification token via email.
2017-05-14 21:45:50 +02:00
func SendEmailVerification ( to string , token string ) error {
T , err := languages . GetDefaultTfunc ( )
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245)
* Checkpoint: it builds
The config, db, model, network, os, and public packages have had some
fixes to glaringly obvious flaws, dead code removed, and stylistic
changes.
* Style changes and old code removal in router
Router needs a lot of work done to its (lack of) error handling.
* Dead code removal and style changes
Now up to util/email/email.go. After I'm finished with the initial sweep
I'll go back and fix error handling and security issues. Then I'll fix
the broken API. Then I'll go through to add documentation and fix code
visibility.
* Finish dead code removal and style changes
Vendored libraries not touched. Everything still needs security fixes
and documentation. There's also one case of broken functionality.
* Fix accidental find-and-replace
* Style, error checking, saftey, bug fix changes
* Redo error checking erased during merge
* Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
if err != nil {
return err
}
content := T ( "link" ) + " : https://" + config . WebAddress + "/verify/email/" + token
content_html := T ( "verify_email_content" ) + "<br/>" + "<a href=\"https://" + config . WebAddress + "/verify/email/" + token + "\" target=\"_blank\">" + config . WebAddress + "/verify/email/" + token + "</a>"
2017-05-10 22:42:11 +02:00
return email . SendEmailFromAdmin ( to , T ( "verify_email_title" ) , content , content_html )
2017-05-06 21:21:39 +02:00
}
// SendVerificationToUser sends an email verification token to user.
2017-05-10 21:16:30 +02:00
func SendVerificationToUser ( user model . User , newEmail string ) ( int , error ) {
2017-05-10 00:04:07 +02:00
validUntil := timeHelper . TwentyFourHoursLater ( ) // TODO: longer duration?
value := map [ string ] string {
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245)
* Checkpoint: it builds
The config, db, model, network, os, and public packages have had some
fixes to glaringly obvious flaws, dead code removed, and stylistic
changes.
* Style changes and old code removal in router
Router needs a lot of work done to its (lack of) error handling.
* Dead code removal and style changes
Now up to util/email/email.go. After I'm finished with the initial sweep
I'll go back and fix error handling and security issues. Then I'll fix
the broken API. Then I'll go through to add documentation and fix code
visibility.
* Finish dead code removal and style changes
Vendored libraries not touched. Everything still needs security fixes
and documentation. There's also one case of broken functionality.
* Fix accidental find-and-replace
* Style, error checking, saftey, bug fix changes
* Redo error checking erased during merge
* Re-add merge-erased fix. Make Safe safe.
2017-05-10 04:34:40 +02:00
"t" : strconv . FormatInt ( validUntil . Unix ( ) , 10 ) ,
"u" : strconv . FormatUint ( uint64 ( user . ID ) , 10 ) ,
2017-05-10 21:16:30 +02:00
"e" : newEmail ,
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
encoded , err := verificationHandler . Encode ( "" , value )
2017-05-06 21:21:39 +02:00
if err != nil {
2017-05-10 00:04:07 +02:00
return http . StatusInternalServerError , err
2017-05-06 21:21:39 +02:00
}
2017-05-14 21:45:50 +02:00
err = SendEmailVerification ( newEmail , encoded )
2017-05-06 21:21:39 +02:00
if err != nil {
return http . StatusInternalServerError , err
}
2017-05-10 00:04:07 +02:00
return http . StatusOK , nil
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
// EmailVerification verifies the token used for email verification
func EmailVerification ( token string , w http . ResponseWriter ) ( int , error ) {
value := make ( map [ string ] string )
err := verificationHandler . Decode ( "" , token , & value )
if err != nil {
fmt . Printf ( "%+v\n" , err )
return http . StatusForbidden , errors . New ( "Token is not valid." )
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
time_int , _ := strconv . ParseInt ( value [ "t" ] , 10 , 0 )
if timeHelper . IsExpired ( time . Unix ( time_int , 0 ) ) {
return http . StatusForbidden , errors . New ( "Token has expired." )
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
var user model . User
if db . ORM . Where ( "user_id = ?" , value [ "u" ] ) . First ( & user ) . RecordNotFound ( ) {
return http . StatusNotFound , errors . New ( "User is not found." )
2017-05-06 21:21:39 +02:00
}
2017-05-10 00:04:07 +02:00
user . Email = value [ "e" ]
return UpdateUserCore ( & user )
2017-05-06 21:21:39 +02:00
}