375 lines
9.7 KiB
Go
375 lines
9.7 KiB
Go
package handler
|
|
|
|
import (
|
|
"me-fit/handler/middleware"
|
|
"me-fit/log"
|
|
"me-fit/service"
|
|
"me-fit/template/auth"
|
|
"me-fit/types"
|
|
"me-fit/utils"
|
|
|
|
"errors"
|
|
"net/http"
|
|
"net/url"
|
|
"time"
|
|
)
|
|
|
|
type Auth interface {
|
|
Handle(router *http.ServeMux)
|
|
}
|
|
|
|
type AuthImpl struct {
|
|
service service.Auth
|
|
render *Render
|
|
}
|
|
|
|
func NewAuth(service service.Auth, render *Render) Auth {
|
|
return AuthImpl{
|
|
service: service,
|
|
render: render,
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) Handle(router *http.ServeMux) {
|
|
router.Handle("GET /auth/signin", handler.handleSignInPage())
|
|
router.Handle("POST /api/auth/signin", handler.handleSignIn())
|
|
|
|
router.Handle("/auth/signup", handler.handleSignUpPage())
|
|
router.Handle("/auth/verify", handler.handleSignUpVerifyPage())
|
|
router.Handle("/api/auth/verify-resend", handler.handleVerifyResendComp())
|
|
router.Handle("/auth/verify-email", handler.handleSignUpVerifyResponsePage())
|
|
router.Handle("/api/auth/signup", handler.handleSignUp())
|
|
|
|
router.Handle("POST /api/auth/signout", handler.handleSignOut())
|
|
|
|
router.Handle("/auth/delete-account", handler.handleDeleteAccountPage())
|
|
router.Handle("/api/auth/delete-account", handler.handleDeleteAccountComp())
|
|
|
|
router.Handle("/auth/change-password", handler.handleChangePasswordPage())
|
|
router.Handle("/api/auth/change-password", handler.handleChangePasswordComp())
|
|
|
|
router.Handle("/auth/forgot-password", handler.handleForgotPasswordPage())
|
|
router.Handle("/api/auth/forgot-password", handler.handleForgotPasswordComp())
|
|
router.Handle("/api/auth/forgot-password-actual", handler.handleForgotPasswordResponseComp())
|
|
}
|
|
|
|
var (
|
|
securityWaitDuration = 250 * time.Millisecond
|
|
)
|
|
|
|
func (handler AuthImpl) handleSignInPage() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := middleware.GetUser(r)
|
|
if user != nil {
|
|
if !user.EmailVerified {
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
} else {
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
return
|
|
}
|
|
|
|
comp := auth.SignInOrUpComp(true)
|
|
|
|
handler.render.RenderLayout(r, w, comp, nil)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleSignIn() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
user, err := utils.WaitMinimumTime(securityWaitDuration, func() (*types.User, error) {
|
|
session := middleware.GetSession(r)
|
|
email := r.FormValue("email")
|
|
password := r.FormValue("password")
|
|
|
|
session, user, err := handler.service.SignIn(session, email, password)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
cookie := middleware.CreateSessionCookie(session.Id)
|
|
http.SetCookie(w, &cookie)
|
|
|
|
return user, nil
|
|
})
|
|
|
|
if err != nil {
|
|
if err == service.ErrInvalidCredentials {
|
|
utils.TriggerToast(w, r, "error", "Invalid email or password", http.StatusUnauthorized)
|
|
} else {
|
|
utils.TriggerToast(w, r, "error", "An error occurred", http.StatusInternalServerError)
|
|
}
|
|
return
|
|
}
|
|
|
|
if user.EmailVerified {
|
|
utils.DoRedirect(w, r, "/")
|
|
} else {
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
}
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleSignUpPage() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := middleware.GetUser(r)
|
|
|
|
if user != nil {
|
|
if !user.EmailVerified {
|
|
utils.DoRedirect(w, r, "/auth/verify")
|
|
} else {
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
return
|
|
}
|
|
|
|
signUpComp := auth.SignInOrUpComp(false)
|
|
handler.render.RenderLayout(r, w, signUpComp, nil)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleSignUpVerifyPage() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := middleware.GetUser(r)
|
|
if user == nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
return
|
|
}
|
|
|
|
if user.EmailVerified {
|
|
utils.DoRedirect(w, r, "/")
|
|
return
|
|
}
|
|
|
|
signIn := auth.VerifyComp()
|
|
handler.render.RenderLayout(r, w, signIn, user)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleVerifyResendComp() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := middleware.GetUser(r)
|
|
if user == nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
return
|
|
}
|
|
|
|
go handler.service.SendVerificationMail(user.Id, user.Email)
|
|
|
|
_, err := w.Write([]byte("<p class=\"mt-8\">Verification email sent</p>"))
|
|
if err != nil {
|
|
log.Error("Could not write response: %v", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleSignUpVerifyResponsePage() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
token := r.URL.Query().Get("token")
|
|
|
|
err := handler.service.VerifyUserEmail(token)
|
|
|
|
if err != nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
} else {
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleSignUp() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
var email = r.FormValue("email")
|
|
var password = r.FormValue("password")
|
|
|
|
_, err := utils.WaitMinimumTime(securityWaitDuration, func() (interface{}, error) {
|
|
log.Info("Signing up %v", email)
|
|
user, err := handler.service.SignUp(email, password)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
log.Info("Sending verification email to %v", user.Email)
|
|
go handler.service.SendVerificationMail(user.Id, user.Email)
|
|
return nil, nil
|
|
})
|
|
|
|
if err != nil {
|
|
if errors.Is(err, types.ErrInternal) {
|
|
utils.TriggerToast(w, r, "error", "An error occurred", http.StatusInternalServerError)
|
|
return
|
|
} else if errors.Is(err, service.ErrInvalidEmail) {
|
|
utils.TriggerToast(w, r, "error", "The email provided is invalid", http.StatusBadRequest)
|
|
return
|
|
}
|
|
// If the "service.ErrAccountExists", then just continue
|
|
}
|
|
|
|
utils.TriggerToast(w, r, "success", "A link to activate your account has been emailed to the address provided.", http.StatusOK)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleSignOut() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
session := middleware.GetSession(r)
|
|
|
|
if session != nil {
|
|
err := handler.service.SignOut(session.Id)
|
|
if err != nil {
|
|
http.Error(w, "An error occurred", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
}
|
|
|
|
c := http.Cookie{
|
|
Name: "id",
|
|
Value: "",
|
|
MaxAge: -1,
|
|
Secure: true,
|
|
HttpOnly: true,
|
|
SameSite: http.SameSiteStrictMode,
|
|
Path: "/",
|
|
}
|
|
|
|
http.SetCookie(w, &c)
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleDeleteAccountPage() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := middleware.GetUser(r)
|
|
if user == nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
return
|
|
}
|
|
|
|
comp := auth.DeleteAccountComp()
|
|
handler.render.RenderLayout(r, w, comp, user)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleDeleteAccountComp() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user := middleware.GetUser(r)
|
|
if user == nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
return
|
|
}
|
|
|
|
password := r.FormValue("password")
|
|
|
|
err := handler.service.DeleteAccount(user, password)
|
|
if err != nil {
|
|
if err == service.ErrInvalidCredentials {
|
|
utils.TriggerToast(w, r, "error", "Password not correct", http.StatusBadRequest)
|
|
} else {
|
|
utils.TriggerToast(w, r, "error", "Internal Server Error", http.StatusInternalServerError)
|
|
}
|
|
return
|
|
}
|
|
|
|
utils.DoRedirect(w, r, "/")
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleChangePasswordPage() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
isPasswordReset := r.URL.Query().Has("token")
|
|
|
|
user := middleware.GetUser(r)
|
|
|
|
if user == nil && !isPasswordReset {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
return
|
|
}
|
|
|
|
comp := auth.ChangePasswordComp(isPasswordReset)
|
|
handler.render.RenderLayout(r, w, comp, user)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleChangePasswordComp() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
session := middleware.GetSession(r)
|
|
user := middleware.GetUser(r)
|
|
if session == nil || user == nil {
|
|
utils.DoRedirect(w, r, "/auth/signin")
|
|
return
|
|
}
|
|
|
|
currPass := r.FormValue("current-password")
|
|
newPass := r.FormValue("new-password")
|
|
|
|
err := handler.service.ChangePassword(user, session.Id, currPass, newPass)
|
|
if err != nil {
|
|
utils.TriggerToast(w, r, "error", "Password not correct", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
utils.TriggerToast(w, r, "success", "Password changed", http.StatusOK)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleForgotPasswordPage() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
user := middleware.GetUser(r)
|
|
if user != nil {
|
|
utils.DoRedirect(w, r, "/")
|
|
return
|
|
}
|
|
|
|
comp := auth.ResetPasswordComp()
|
|
handler.render.RenderLayout(r, w, comp, user)
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleForgotPasswordComp() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
email := r.FormValue("email")
|
|
if email == "" {
|
|
utils.TriggerToast(w, r, "error", "Please enter an email", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
_, err := utils.WaitMinimumTime(securityWaitDuration, func() (interface{}, error) {
|
|
err := handler.service.SendForgotPasswordMail(email)
|
|
return nil, err
|
|
})
|
|
|
|
if err != nil {
|
|
utils.TriggerToast(w, r, "error", "Internal Server Error", http.StatusInternalServerError)
|
|
} else {
|
|
utils.TriggerToast(w, r, "info", "If the email exists, an email has been sent", http.StatusOK)
|
|
}
|
|
}
|
|
}
|
|
|
|
func (handler AuthImpl) handleForgotPasswordResponseComp() http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
pageUrl, err := url.Parse(r.Header.Get("HX-Current-URL"))
|
|
if err != nil {
|
|
log.Error("Could not get current URL: %v", err)
|
|
utils.TriggerToast(w, r, "error", "Internal Server Error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
token := pageUrl.Query().Get("token")
|
|
newPass := r.FormValue("new-password")
|
|
|
|
err = handler.service.ForgotPassword(token, newPass)
|
|
if err != nil {
|
|
utils.TriggerToast(w, r, "error", err.Error(), http.StatusInternalServerError)
|
|
} else {
|
|
utils.TriggerToast(w, r, "success", "Password changed", http.StatusOK)
|
|
}
|
|
}
|
|
}
|