Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0
Ce dépôt a été archivé le 2022-05-07. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
nyaa-pantsu/service/user/verification.go
Chris MacLeod 14378fbf39 Consistency, formatting, error checking, cleanup, and a couple bug fixes (#245)
* Checkpoint: it builds

The config, db, model, network, os, and public packages have had some
fixes to glaringly obvious flaws, dead code removed, and stylistic
changes.

* Style changes and old code removal in router

Router needs a lot of work done to its (lack of) error handling.

* Dead code removal and style changes

Now up to util/email/email.go. After I'm finished with the initial sweep
I'll go back and fix error handling and security issues. Then I'll fix
the broken API. Then I'll go through to add documentation and fix code
visibility.

* Finish dead code removal and style changes

Vendored libraries not touched. Everything still needs security fixes
and documentation. There's also one case of broken functionality.

* Fix accidental find-and-replace

* Style, error checking, saftey, bug fix changes

* Redo error checking erased during merge

* Re-add merge-erased fix. Make Safe safe.
2017-05-09 21:34:40 -05:00

85 lignes
2,8 Kio
Go

package userService
import (
"errors"
"fmt"
"net/http"
"strconv"
"time"
"github.com/ewhal/nyaa/config"
"github.com/ewhal/nyaa/db"
"github.com/ewhal/nyaa/model"
// "github.com/ewhal/nyaa/util/crypto"
"github.com/ewhal/nyaa/util/email"
"github.com/ewhal/nyaa/util/timeHelper"
"github.com/gorilla/securecookie"
"github.com/nicksnyder/go-i18n/i18n"
)
var verificationHandler = securecookie.New(config.EmailTokenHashKey, nil)
// SendEmailVerfication sends an email verification token via email.
func SendEmailVerification(to string, token string, locale string) error {
T, err := i18n.Tfunc(locale)
if err != nil {
return err
}
content := T("link") + " : https://" + config.WebAddress + "/verify/email/" + token
content_html := T("verify_email_content") + "<br/>" + "<a href=\"https://" + config.WebAddress + "/verify/email/" + token + "\" target=\"_blank\">" + config.WebAddress + "/verify/email/" + token + "</a>"
return email.SendEmailFromAdmin(to, T("verify_email_title"), content, content_html)
return nil
}
// SendVerificationToUser sends an email verification token to user.
func SendVerificationToUser(user model.User) (int, error) {
validUntil := timeHelper.TwentyFourHoursLater() // TODO: longer duration?
value := map[string]string{
"t": strconv.FormatInt(validUntil.Unix(), 10),
"u": strconv.FormatUint(uint64(user.ID), 10),
"e": user.Email,
}
encoded, err := verificationHandler.Encode("", value)
if err != nil {
return http.StatusInternalServerError, err
}
err = SendEmailVerification(user.Email, encoded, "en-us")
if err != nil {
return http.StatusInternalServerError, err
}
return http.StatusOK, nil
}
// SendVerification sends an email verification token.
func SendVerification(r *http.Request) (int, error) {
var user model.User
currentUser, err := CurrentUser(r)
if err != nil {
return http.StatusUnauthorized, errors.New("unauthorized")
}
if db.ORM.First(&user, currentUser.ID).RecordNotFound() {
return http.StatusNotFound, errors.New("user not found")
}
status, err := SendVerificationToUser(user)
return status, err
}
// EmailVerification verifies the token used for email verification
func EmailVerification(token string, w http.ResponseWriter) (int, error) {
value := make(map[string]string)
err := verificationHandler.Decode("", token, &value)
if err != nil {
fmt.Printf("%+v\n", err)
return http.StatusForbidden, errors.New("Token is not valid.")
}
time_int, _ := strconv.ParseInt(value["t"], 10, 0)
if timeHelper.IsExpired(time.Unix(time_int, 0)) {
return http.StatusForbidden, errors.New("Token has expired.")
}
var user model.User
if db.ORM.Where("user_id = ?", value["u"]).First(&user).RecordNotFound() {
return http.StatusNotFound, errors.New("User is not found.")
}
user.Email = value["e"]
return UpdateUserCore(&user)
}