Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0

Merge pull request #231 from sfan5/branchnamehere

Stateless Email Verification
Cette révision appartient à :
ewhal 2017-05-10 08:05:21 +10:00 révisé par GitHub
révision 3afc2ff118
3 fichiers modifiés avec 44 ajouts et 47 suppressions

Voir le fichier

@ -13,3 +13,5 @@ const (
// EmailTimeout = 80 * time.Millisecond
EmailTimeout = 10 * time.Second
)
var EmailTokenHashKey = []byte("CHANGE_THIS_BEFORE_DEPLOYING_YOU_RETARD")

Voir le fichier

@ -3,6 +3,7 @@ package router
import (
"net/http"
"github.com/ewhal/nyaa/model"
"github.com/ewhal/nyaa/service/captcha"
"github.com/ewhal/nyaa/service/user"
"github.com/ewhal/nyaa/service/user/form"
@ -180,7 +181,10 @@ func UserRegisterPostHandler(w http.ResponseWriter, r *http.Request) {
}
if (len(err) == 0) {
languages.SetTranslationFromRequest(viewRegisterSuccessTemplate, r, "en-us")
htv := UserRegisterTemplateVariables{b, err, NewSearchForm(), Navigation{}, GetUser(r), r.URL, mux.CurrentRoute(r)}
u := model.User{
Email: r.PostFormValue("email"), // indicate whether user had email set
}
htv := UserRegisterTemplateVariables{b, err, NewSearchForm(), Navigation{}, &u, r.URL, mux.CurrentRoute(r)}
errorTmpl := viewRegisterSuccessTemplate.ExecuteTemplate(w, "index.html", htv)
if errorTmpl != nil {
http.Error(w, errorTmpl.Error(), http.StatusInternalServerError)

Voir le fichier

@ -2,51 +2,48 @@ package userService
import (
"errors"
"fmt"
"net/http"
// "time"
"strconv"
"time"
"github.com/ewhal/nyaa/config"
"github.com/ewhal/nyaa/db"
"github.com/ewhal/nyaa/model"
// "github.com/ewhal/nyaa/util/crypto"
"github.com/ewhal/nyaa/util/email"
// "github.com/ewhal/nyaa/util/log"
// "github.com/ewhal/nyaa/util/timeHelper"
"github.com/ewhal/nyaa/util/timeHelper"
"github.com/gorilla/securecookie"
"github.com/nicksnyder/go-i18n/i18n"
)
var verificationHandler = securecookie.New(config.EmailTokenHashKey, nil)
// SendEmailVerfication sends an email verification token via email.
func SendEmailVerfication(to string, token string, locale string) error {
func SendEmailVerification(to string, token string, locale string) error {
T, _ := i18n.Tfunc(locale)
err := email.SendEmailFromAdmin(to,
T("verify_email_title"),
T("link")+" : "+config.WebAddress+"/verify/email/"+token,
T("verify_email_content")+"<br/><a href=\""+config.WebAddress+"/verify/email/"+token+"\" target=\"_blank\">"+config.WebAddress+"/verify/email/"+token+"</a>")
return err
content := T("link")+" : https://"+config.WebAddress+"/verify/email/"+token
content_html := T("verify_email_content")+"<br/>"+"<a href=\"https://"+config.WebAddress+"/verify/email/"+token+"\" target=\"_blank\">"+config.WebAddress+"/verify/email/"+token+"</a>"
return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)
return nil
}
// SendVerificationToUser sends an email verification token to user.
func SendVerificationToUser(user model.User) (int, error) {
/*var status int
var err error
user.ActivateUntil = timeHelper.TwentyFourHoursLater()
user.ActivationToken, err = crypto.GenerateRandomToken32()
validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration?
value := map[string]string{
"t": strconv.FormatInt(validUntil.Unix(), 10),
"u": strconv.FormatUint(uint64(user.Id), 10),
"e": user.Email,
}
encoded, err := verificationHandler.Encode("", value)
if err != nil {
return http.StatusInternalServerError, err
}
user.Activation = false
log.Debugf("generated token : %s", user.ActivationToken)
status, err = UpdateUserCore(&user)
if err != nil {
return status, err
}
err = SendEmailVerfication(user.Email, user.ActivationToken, "en-us")
err = SendEmailVerification(user.Email, encoded, "en-us")
if err != nil {
return http.StatusInternalServerError, err
}
return http.StatusOK, err*/
return 0, errors.New("NotImpl")
return http.StatusOK, nil
}
// SendVerification sends an email verification token.
@ -63,28 +60,22 @@ func SendVerification(r *http.Request) (int, error) {
return status, err
}
// EmailVerification verifies an email of user.
// EmailVerification verifies the token used for email verification
func EmailVerification(token string, w http.ResponseWriter) (int, error) {
/*var user model.User
log.Debugf("verifyEmailForm.ActivationToken : %s", token)
if db.ORM.Where(&model.User{ActivationToken: token}).First(&user).RecordNotFound() {
value := make(map[string]string)
err := verificationHandler.Decode("", token, &value)
if err != nil {
fmt.Printf("%+v\n", err)
return http.StatusForbidden, errors.New("Token is not valid.")
}
time_int, _ := strconv.ParseInt(value["t"], 10, 0)
if timeHelper.IsExpired(time.Unix(time_int, 0)) {
return http.StatusForbidden, errors.New("Token has expired.")
}
var user model.User
if db.ORM.Where("user_id = ?", value["u"]).First(&user).RecordNotFound() {
return http.StatusNotFound, errors.New("User is not found.")
}
isExpired := timeHelper.IsExpired(user.ActivateUntil)
log.Debugf("passwordResetUntil : %s", user.ActivateUntil.UTC())
log.Debugf("expired : %t", isExpired)
if isExpired {
return http.StatusForbidden, errors.New("token not valid.")
}
user.ActivationToken = ""
user.ActivateUntil = time.Now()
user.ActivatedAt = time.Now()
user.Activation = true
status, err := UpdateUserCore(&user)
if err != nil {
return status, err
}
status, err = SetCookie(w, user.Token)
return status, err*/
return 0, errors.New("NotImpl")
user.Email = value["e"]
return UpdateUserCore(&user)
}