package userService import ( "errors" "fmt" "net/http" "strconv" "time" "github.com/NyaaPantsu/nyaa/config" "github.com/NyaaPantsu/nyaa/db" "github.com/NyaaPantsu/nyaa/model" "github.com/NyaaPantsu/nyaa/util/email" "github.com/NyaaPantsu/nyaa/util/publicSettings" "github.com/NyaaPantsu/nyaa/util/timeHelper" "github.com/gorilla/securecookie" ) var verificationHandler = securecookie.New(config.EmailTokenHashKey, nil) // SendEmailVerification sends an email verification token via email. func SendEmailVerification(to string, token string) error { T, err := publicSettings.GetDefaultTfunc() if err != nil { return err } content := T("link") + " : https://" + config.Conf.WebAddress + "/verify/email/" + token contentHTML := T("verify_email_content") + "
" + "" + config.Conf.WebAddress + "/verify/email/" + token + "" return email.SendEmailFromAdmin(to, T("verify_email_title"), content, contentHTML) } // SendVerificationToUser sends an email verification token to user. func SendVerificationToUser(user model.User, newEmail string) (int, error) { validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration? value := map[string]string{ "t": strconv.FormatInt(validUntil.Unix(), 10), "u": strconv.FormatUint(uint64(user.ID), 10), "e": newEmail, } encoded, err := verificationHandler.Encode("", value) if err != nil { return http.StatusInternalServerError, err } err = SendEmailVerification(newEmail, encoded) if err != nil { return http.StatusInternalServerError, err } return http.StatusOK, nil } // EmailVerification verifies the token used for email verification func EmailVerification(token string, w http.ResponseWriter) (int, error) { value := make(map[string]string) err := verificationHandler.Decode("", token, &value) if err != nil { fmt.Printf("%+v\n", err) return http.StatusForbidden, errors.New("Token is not valid") } timeInt, _ := strconv.ParseInt(value["t"], 10, 0) if timeHelper.IsExpired(time.Unix(timeInt, 0)) { return http.StatusForbidden, errors.New("Token has expired") } var user model.User if db.ORM.Where("user_id = ?", value["u"]).First(&user).RecordNotFound() { return http.StatusNotFound, errors.New("User is not found") } user.Email = value["e"] return UpdateUserCore(&user) }