Make email verification work correctly
Previously the email was set before it had been verified, which was very wrong.
Parent
a857c1abe3
révision
d178ab23b6
3 fichiers modifiés avec 11 ajouts et 29 suppressions
|
@ -85,7 +85,6 @@ func ClearCookie(w http.ResponseWriter) (int, error) {
|
|||
// SetCookieHandler sets a cookie with email and password.
|
||||
func SetCookieHandler(w http.ResponseWriter, email string, pass string) (int, error) {
|
||||
if email != "" && pass != "" {
|
||||
log.Debugf("User email : %s , password : %s", email, pass)
|
||||
var user model.User
|
||||
isValidEmail, _ := formStruct.EmailValidation(email, formStruct.NewErrors())
|
||||
if isValidEmail {
|
||||
|
@ -115,14 +114,9 @@ func SetCookieHandler(w http.ResponseWriter, email string, pass string) (int, er
|
|||
|
||||
// RegisterHanderFromForm sets cookie from a RegistrationForm.
|
||||
func RegisterHanderFromForm(w http.ResponseWriter, registrationForm formStruct.RegistrationForm) (int, error) {
|
||||
email := registrationForm.Email
|
||||
if email == "" {
|
||||
email = registrationForm.Username
|
||||
}
|
||||
username := registrationForm.Username // email isn't set at this point
|
||||
pass := registrationForm.Password
|
||||
log.Debugf("RegisterHandler UserEmail : %s", email)
|
||||
log.Debugf("RegisterHandler UserPassword : %s", pass)
|
||||
return SetCookieHandler(w, email, pass)
|
||||
return SetCookieHandler(w, username, pass)
|
||||
}
|
||||
|
||||
// RegisterHandler sets a cookie when user registered.
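Review bot: `RegisterHanderFromForm` now passes `registrationForm.Username` to `SetCookieHandler`, but that function's second parameter is still named `email`, and its visible body runs `EmailValidation` on the value before deciding how to look the account up. A username shaped like an e-mail address would presumably take the e-mail branch and miss the freshly created row, whose address stays unset until verification; the rest of `SetCookieHandler` lies outside the hunk, so this needs confirming. I would change the doc comment to `// SetCookieHandler sets a cookie for the account identified by an email address or a username, and its password.` and consider rejecting `@` in usernames at registration. Removing the two `log.Debugf` calls that wrote the e-mail and password is right, and the `log.Debugf("User email : %s , password : %s", email, pass)` line in the first hunk should go too if it is not the line that hunk already drops.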
|
||||
|
|
|
@ -62,6 +62,7 @@ func CreateUserFromForm(registrationForm formStruct.RegistrationForm) (model.Use
|
|||
if user.Email == "" {
|
||||
user.MD5 = ""
|
||||
} else {
|
||||
// Despite the email not being verified yet we calculate this for convenience reasons
|
||||
var err error
|
||||
user.MD5, err = crypto.GenerateMD5Hash(user.Email)
|
||||
if err != nil {
|
||||
|
@ -72,6 +73,7 @@ func CreateUserFromForm(registrationForm formStruct.RegistrationForm) (model.Use
|
|||
if err != nil {
|
||||
return user, errors.New("token not generated")
|
||||
}
|
||||
user.Email = "" // unset email because it will be verified later
|
||||
|
||||
user.Token = token
|
||||
user.TokenExpiration = timeHelper.FewDaysLater(config.AuthTokenExpirationDay)
|
||||
|
@ -108,7 +110,7 @@ func CreateUser(w http.ResponseWriter, r *http.Request) (int, error) {
|
|||
if err != nil {
|
||||
return http.StatusInternalServerError, err
|
||||
}
|
||||
SendVerificationToUser(user)
|
||||
SendVerificationToUser(user, registrationForm.Email)
|
||||
status, err = RegisterHandler(w, r)
|
||||
return status, err
|
||||
}
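Review bot: In `CreateUser` the new call `SendVerificationToUser(user, registrationForm.Email)` runs even when the form carried no address, and both of its return values are discarded. `CreateUserFromForm` has an explicit `user.Email == ""` branch, so an empty address is a legitimate input here. Because the address is now cleared before the row is saved, a failed send leaves the account with no e-mail and gives neither the user nor the operator any signal. I would guard and check the call: `if registrationForm.Email != "" {` followed by `if status, err = SendVerificationToUser(user, registrationForm.Email); err != nil { return status, err }`. `CreateUser` begins above this hunk, so whether failing the request at that point is acceptable depends on code not shown.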
|
||||
|
|
|
@ -10,8 +10,7 @@ import (
|
|||
"github.com/ewhal/nyaa/config"
|
||||
"github.com/ewhal/nyaa/db"
|
||||
"github.com/ewhal/nyaa/model"
|
||||
// "github.com/ewhal/nyaa/util/crypto"
|
||||
"github.com/ewhal/nyaa/util/email"
|
||||
//"github.com/ewhal/nyaa/util/email"
|
||||
"github.com/ewhal/nyaa/util/timeHelper"
|
||||
"github.com/gorilla/securecookie"
|
||||
"github.com/nicksnyder/go-i18n/i18n"
|
||||
|
@ -27,43 +26,30 @@ func SendEmailVerification(to string, token string, locale string) error {
|
|||
}
|
||||
content := T("link") + " : https://" + config.WebAddress + "/verify/email/" + token
|
||||
content_html := T("verify_email_content") + "<br/>" + "<a href=\"https://" + config.WebAddress + "/verify/email/" + token + "\" target=\"_blank\">" + config.WebAddress + "/verify/email/" + token + "</a>"
|
||||
return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)
|
||||
//return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)
|
||||
fmt.Printf("sending email to %s\n----\n%s\n%s\n----\n", to, content, content_html)
|
||||
return nil
|
||||
}
|
||||
|
||||
// SendVerificationToUser sends an email verification token to user.
|
||||
func SendVerificationToUser(user model.User) (int, error) {
|
||||
func SendVerificationToUser(user model.User, newEmail string) (int, error) {
|
||||
validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration?
|
||||
value := map[string]string{
|
||||
"t": strconv.FormatInt(validUntil.Unix(), 10),
|
||||
"u": strconv.FormatUint(uint64(user.ID), 10),
|
||||
"e": user.Email,
|
||||
"e": newEmail,
|
||||
}
|
||||
encoded, err := verificationHandler.Encode("", value)
|
||||
if err != nil {
|
||||
return http.StatusInternalServerError, err
|
||||
}
|
||||
err = SendEmailVerification(user.Email, encoded, "en-us")
|
||||
err = SendEmailVerification(newEmail, encoded, "en-us")
|
||||
if err != nil {
|
||||
return http.StatusInternalServerError, err
|
||||
}
|
||||
return http.StatusOK, nil
|
||||
}
|
||||
|
||||
// SendVerification sends an email verification token.
|
||||
func SendVerification(r *http.Request) (int, error) {
|
||||
var user model.User
|
||||
currentUser, err := CurrentUser(r)
|
||||
if err != nil {
|
||||
return http.StatusUnauthorized, errors.New("unauthorized")
|
||||
}
|
||||
if db.ORM.First(&user, currentUser.ID).RecordNotFound() {
|
||||
return http.StatusNotFound, errors.New("user not found")
|
||||
}
|
||||
status, err := SendVerificationToUser(user)
|
||||
return status, err
|
||||
}
|
||||
|
||||
// EmailVerification verifies the token used for email verification
|
||||
func EmailVerification(token string, w http.ResponseWriter) (int, error) {
|
||||
value := make(map[string]string)
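Review bot: `SendEmailVerification` no longer sends anything: the `email.SendEmailFromAdmin` call is commented out, and the function instead writes the recipient, `content` and `content_html` to stdout with `fmt.Printf` and returns `nil`. Both strings contain the `/verify/email/` link with the signed token, so anyone who can read the process output can complete verification for an address they do not control, while the real owner never receives the mail. This looks like a local debugging stub; restore `return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)` together with the `util/email` import, and drop the `fmt.Printf`. On `SendVerificationToUser` I would also add a doc line saying that `newEmail` is the still-unverified address carried in the token's `"e"` field, and that `user.Email` may only be set from it after `EmailVerification` (which continues past this hunk) has accepted the token.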
|
||||
|
|