nyaa-pantsu/service/user/verification.go

package userService

import (
	"errors"
	"fmt"
	"net/http"
	"strconv"
	"time"

	"github.com/ewhal/nyaa/config"
	"github.com/ewhal/nyaa/db"
	"github.com/ewhal/nyaa/model"
	//	"github.com/ewhal/nyaa/util/crypto"
	"github.com/ewhal/nyaa/util/email"
	"github.com/ewhal/nyaa/util/timeHelper"
	"github.com/gorilla/securecookie"
	"github.com/nicksnyder/go-i18n/i18n"
)

var verificationHandler = securecookie.New(config.EmailTokenHashKey, nil)

// SendEmailVerfication sends an email verification token via email.
func SendEmailVerification(to string, token string, locale string) error {
	T, err := i18n.Tfunc(locale)
	if err != nil {
		return err
	}
	content := T("link") + " : https://" + config.WebAddress + "/verify/email/" + token
	content_html := T("verify_email_content") + "<br/>" + "<a href=\"https://" + config.WebAddress + "/verify/email/" + token + "\" target=\"_blank\">" + config.WebAddress + "/verify/email/" + token + "</a>"
	return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)
	return nil
}

// SendVerificationToUser sends an email verification token to user.
func SendVerificationToUser(user model.User) (int, error) {
	validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration?
	value := map[string]string{
		"t": strconv.FormatInt(validUntil.Unix(), 10),
		"u": strconv.FormatUint(uint64(user.ID), 10),
		"e": user.Email,
	}
	encoded, err := verificationHandler.Encode("", value)
	if err != nil {
		return http.StatusInternalServerError, err
	}
	err = SendEmailVerification(user.Email, encoded, "en-us")
	if err != nil {
		return http.StatusInternalServerError, err
	}
	return http.StatusOK, nil
}

// SendVerification sends an email verification token.
func SendVerification(r *http.Request) (int, error) {
	var user model.User
	currentUser, err := CurrentUser(r)
	if err != nil {
		return http.StatusUnauthorized, errors.New("unauthorized")
	}
	if db.ORM.First(&user, currentUser.ID).RecordNotFound() {
		return http.StatusNotFound, errors.New("user not found")
	}
	status, err := SendVerificationToUser(user)
	return status, err
}

// EmailVerification verifies the token used for email verification
func EmailVerification(token string, w http.ResponseWriter) (int, error) {
	value := make(map[string]string)
	err := verificationHandler.Decode("", token, &value)
	if err != nil {
		fmt.Printf("%+v\n", err)
		return http.StatusForbidden, errors.New("Token is not valid.")
	}
	time_int, _ := strconv.ParseInt(value["t"], 10, 0)
	if timeHelper.IsExpired(time.Unix(time_int, 0)) {
		return http.StatusForbidden, errors.New("Token has expired.")
	}
	var user model.User
	if db.ORM.Where("user_id = ?", value["u"]).First(&user).RecordNotFound() {
		return http.StatusNotFound, errors.New("User is not found.")
	}
	user.Email = value["e"]
	return UpdateUserCore(&user)
}
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`package userService`

			`import (`
			`"errors"`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`"fmt"`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`"net/http"`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`"strconv"`
			`"time"`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00
			`"github.com/ewhal/nyaa/config"`
			`"github.com/ewhal/nyaa/db"`
			`"github.com/ewhal/nyaa/model"`
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe. 2017-05-10 04:34:40 +02:00			`// "github.com/ewhal/nyaa/util/crypto"`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`"github.com/ewhal/nyaa/util/email"`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`"github.com/ewhal/nyaa/util/timeHelper"`
			`"github.com/gorilla/securecookie"`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`"github.com/nicksnyder/go-i18n/i18n"`
			`)`

Stateless Email Verification 2017-05-10 00:04:07 +02:00			`var verificationHandler = securecookie.New(config.EmailTokenHashKey, nil)`

User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`// SendEmailVerfication sends an email verification token via email.`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`func SendEmailVerification(to string, token string, locale string) error {`
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe. 2017-05-10 04:34:40 +02:00			`T, err := i18n.Tfunc(locale)`
			`if err != nil {`
			`return err`
			`}`
			`content := T("link") + " : https://" + config.WebAddress + "/verify/email/" + token`
			`content_html := T("verify_email_content") + "<br/>" + "<a href=\"https://" + config.WebAddress + "/verify/email/" + token + "\" target=\"_blank\">" + config.WebAddress + "/verify/email/" + token + "</a>"`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)`
			`return nil`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`

			`// SendVerificationToUser sends an email verification token to user.`
			`func SendVerificationToUser(user model.User) (int, error) {`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration?`
			`value := map[string]string{`
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe. 2017-05-10 04:34:40 +02:00			`"t": strconv.FormatInt(validUntil.Unix(), 10),`
			`"u": strconv.FormatUint(uint64(user.ID), 10),`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`"e": user.Email,`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`encoded, err := verificationHandler.Encode("", value)`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`if err != nil {`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`return http.StatusInternalServerError, err`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`err = SendEmailVerification(user.Email, encoded, "en-us")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`if err != nil {`
			`return http.StatusInternalServerError, err`
			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`return http.StatusOK, nil`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`

			`// SendVerification sends an email verification token.`
			`func SendVerification(r *http.Request) (int, error) {`
			`var user model.User`
			`currentUser, err := CurrentUser(r)`
			`if err != nil {`
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe. 2017-05-10 04:34:40 +02:00			`return http.StatusUnauthorized, errors.New("unauthorized")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245) * Checkpoint: it builds The config, db, model, network, os, and public packages have had some fixes to glaringly obvious flaws, dead code removed, and stylistic changes. * Style changes and old code removal in router Router needs a lot of work done to its (lack of) error handling. * Dead code removal and style changes Now up to util/email/email.go. After I'm finished with the initial sweep I'll go back and fix error handling and security issues. Then I'll fix the broken API. Then I'll go through to add documentation and fix code visibility. * Finish dead code removal and style changes Vendored libraries not touched. Everything still needs security fixes and documentation. There's also one case of broken functionality. * Fix accidental find-and-replace * Style, error checking, saftey, bug fix changes * Redo error checking erased during merge * Re-add merge-erased fix. Make Safe safe. 2017-05-10 04:34:40 +02:00			`if db.ORM.First(&user, currentUser.ID).RecordNotFound() {`
			`return http.StatusNotFound, errors.New("user not found")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
			`status, err := SendVerificationToUser(user)`
			`return status, err`
			`}`

Stateless Email Verification 2017-05-10 00:04:07 +02:00			`// EmailVerification verifies the token used for email verification`
			`func EmailVerification(token string, w http.ResponseWriter) (int, error) {`
			`value := make(map[string]string)`
			`err := verificationHandler.Decode("", token, &value)`
			`if err != nil {`
			`fmt.Printf("%+v\n", err)`
			`return http.StatusForbidden, errors.New("Token is not valid.")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`time_int, _ := strconv.ParseInt(value["t"], 10, 0)`
			`if timeHelper.IsExpired(time.Unix(time_int, 0)) {`
			`return http.StatusForbidden, errors.New("Token has expired.")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`var user model.User`
			`if db.ORM.Where("user_id = ?", value["u"]).First(&user).RecordNotFound() {`
			`return http.StatusNotFound, errors.New("User is not found.")`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`
Stateless Email Verification 2017-05-10 00:04:07 +02:00			`user.Email = value["e"]`
			`return UpdateUserCore(&user)`
User Package (WIP) Added services and utils needed 2017-05-06 21:21:39 +02:00			`}`