chore(auth): refactor the last auth handlers

2024-09-19 23:20:17 +02:00
parent f83a404206
commit 7e3e9388e2
2 changed files with 278 additions and 246 deletions
--- a/handler/auth.go
+++ b/handler/auth.go
@@ -1,14 +1,18 @@
 package handler

 import (
+	"context"
 	"me-fit/service"
 	"me-fit/template"
 	"me-fit/template/auth"
+	mail "me-fit/template/mail"
 	"me-fit/types"
 	"me-fit/utils"
+	"strings"

 	"database/sql"
 	"net/http"
+	"net/url"
 )

 func authUi(db *sql.DB) http.Handler {
@@ -31,12 +35,12 @@ func authApi(db *sql.DB) http.Handler {

 	router.Handle("/api/auth/signup", handleSignUp(db))
 	router.Handle("/api/auth/signin", handleSignIn(db))
-	router.Handle("/api/auth/signout", service.HandleSignOutComp(db))
-	router.Handle("/api/auth/delete-account", service.HandleDeleteAccountComp(db))
-	router.Handle("/api/auth/verify-resend", service.HandleVerifyResendComp(db))
-	router.Handle("/api/auth/change-password", service.HandleChangePasswordComp(db))
-	router.Handle("/api/auth/reset-password", service.HandleResetPasswordComp(db))
-	router.Handle("/api/auth/reset-password-actual", service.HandleActualResetPasswordComp(db))
+	router.Handle("/api/auth/signout", handleSignOut(db))
+	router.Handle("/api/auth/delete-account", handleDeleteAccount(db))
+	router.Handle("/api/auth/verify-resend", handleVerifyResend(db))
+	router.Handle("/api/auth/change-password", handleChangePassword(db))
+	router.Handle("/api/auth/reset-password", handleResetPassword(db))
+	router.Handle("/api/auth/reset-password-actual", handleActualResetPassword(db))

 	return router
 }
@@ -226,3 +230,140 @@ func handleSignIn(db *sql.DB) http.HandlerFunc {
 		utils.DoRedirect(w, r, "/auth/verify")
 	}
 }
+
+func handleSignOut(db *sql.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user := service.GetUserFromRequest(db, r)
+
+		err := service.SignOut(db, user)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			utils.TriggerToast(w, r, "error", "Internal Server Error")
+			return
+		}
+
+		c := http.Cookie{
+			Name:     "id",
+			Value:    "",
+			MaxAge:   -1,
+			Secure:   true,
+			HttpOnly: true,
+			SameSite: http.SameSiteStrictMode,
+			Path:     "/",
+		}
+
+		http.SetCookie(w, &c)
+		utils.DoRedirect(w, r, "/")
+	}
+}
+
+func handleDeleteAccount(db *sql.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user := service.GetUserFromRequest(db, r)
+
+		if user == nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		password := r.FormValue("password")
+
+		err := service.DeleteAccount(db, user, password)
+		if err != nil {
+			utils.LogError("Could not delete account", err)
+			utils.TriggerToast(w, r, "error", err.Error())
+		}
+
+		utils.DoRedirect(w, r, "/")
+	}
+}
+
+func handleVerifyResend(db *sql.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		user := service.GetUserFromRequest(db, r)
+		if user == nil || user.EmailVerified {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		go service.SendVerificationEmail(db, user.Id.String(), user.Email)
+
+		w.Write([]byte("<p class=\"mt-8\">Verification email sent</p>"))
+	}
+}
+
+func handleChangePassword(db *sql.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		user := service.GetUserFromRequest(db, r)
+		if user == nil {
+			utils.DoRedirect(w, r, "/auth/signin")
+			return
+		}
+
+		currPass := r.FormValue("current-password")
+		newPass := r.FormValue("new-password")
+
+		err := service.ChangePassword(db, user, currPass, newPass)
+		if err != nil {
+			utils.TriggerToast(w, r, "error", err.Error())
+			return
+		}
+
+		utils.TriggerToast(w, r, "success", "Password changed")
+	}
+}
+
+func handleResetPassword(db *sql.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		email := r.FormValue("email")
+
+		token, err := service.ResetPassword(db, email)
+		if err != nil {
+			utils.TriggerToast(w, r, "error", err.Error())
+			return
+		}
+
+		if token != "" {
+			var string strings.Builder
+			err = mail.ResetPassword(token).Render(context.Background(), &string)
+			if err != nil {
+				utils.LogError("Could not render reset password email", err)
+				utils.TriggerToast(w, r, "error", "Internal Server Error")
+				return
+			}
+			utils.SendMail(email, "Reset Password", string.String())
+		}
+
+		utils.TriggerToast(w, r, "info", "If the email exists, an email has been sent")
+	}
+}
+
+func handleActualResetPassword(db *sql.DB) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+
+		pageUrl, err := url.Parse(r.Header.Get("HX-Current-URL"))
+		if err != nil {
+			utils.LogError("Could not get current URL", err)
+			utils.TriggerToast(w, r, "error", "Internal Server Error")
+			return
+		}
+
+		token := pageUrl.Query().Get("token")
+		if token == "" {
+			utils.TriggerToast(w, r, "error", "No token")
+			return
+		}
+
+		newPass := r.FormValue("new-password")
+
+		service.ActualResetPassword(db, token, newPass)
+		if err != nil {
+			utils.TriggerToast(w, r, "error", err.Error())
+			return
+		}
+
+		utils.TriggerToast(w, r, "success", "Password changed")
+	}
+}