]> git.immae.eu Git - perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front.git/blob - api/user.go
projects / perso / Immae / Projets / Cryptomonnaies / Cryptoportfolio / Front.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Password reset.
[perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front.git] / api / user.go
1 package api
2
3 import (
4 "fmt"
5 "regexp"
6
7 "github.com/gin-gonic/gin"
8
9 "immae.eu/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front/db"
10 )
11
12 const (
13 VALID_EMAIL_REGEX = `(?i)^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$`
14 )
15
16 func IsValidEmailAddress(email string) bool {
17 r := regexp.MustCompile(VALID_EMAIL_REGEX)
18
19 return r.MatchString(email)
20 }
21
22 type SignParams struct {
23 Email string
24 Password string
25 }
26
27 type SignResult struct {
28 Token string `json:"token"`
29 }
30
31 func (s SignParams) Validate() *Error {
32 if !IsValidEmailAddress(s.Email) {
33 return &Error{InvalidEmail, "invalid email", fmt.Errorf("'%v' is not a valid email", s.Email)}
34 }
35
36 if s.Password == "" {
37 return &Error{InvalidPassword, "invalid password", fmt.Errorf("invalid password")}
38 }
39
40 return nil
41 }
42
43 type SignupQuery struct {
44 In SignParams
45 }
46
47 func (q SignupQuery) ValidateParams() *Error {
48 return q.In.Validate()
49 }
50
51 func (q SignupQuery) Run() (interface{}, *Error) {
52 user, err := db.GetUserByEmail(q.In.Email)
53 if err != nil {
54 return nil, NewInternalError(err)
55 }
56
57 if user != nil {
58 return nil, &Error{EmailExists, "email already taken", fmt.Errorf("'%v' is already registered '%v'", q.In.Email, user)}
59 }
60
61 newUser := db.User{Email: q.In.Email, Status: db.AwaitingConfirmation}
62 newUser.PasswordHash, err = db.HashPassword(q.In.Password)
63 if err != nil {
64 return nil, NewInternalError(err)
65 }
66
67 err = db.InsertUser(&newUser)
68 if err != nil {
69 return nil, NewInternalError(err)
70 }
71
72 token, err := CreateJwtToken(newUser.Id)
73 if err != nil {
74 return nil, NewInternalError(fmt.Errorf("cannot create jwt token %v", err))
75 }
76
77 if CONFIG.FreeSMSUser != "" {
78 err := SendSMS(CONFIG.FreeSMSUser, CONFIG.FreeSMSPass, fmt.Sprintf("New user signup '%v'", q.In.Email))
79 if err != nil {
80 return nil, NewInternalError(err)
81 }
82 }
83
84 return SignResult{token}, nil
85 }
86
87 type SigninQuery struct {
88 In SignParams
89 }
90
91 func (q SigninQuery) ValidateParams() *Error {
92 return q.In.Validate()
93 }
94
95 func (q SigninQuery) Run() (interface{}, *Error) {
96 user, err := db.GetUserByEmail(q.In.Email)
97 if err != nil {
98 return nil, NewInternalError(err)
99 }
100
101 if user == nil {
102 return nil, &Error{InvalidCredentials, "invalid credentials", fmt.Errorf("no email '%v' found", q.In.Email)}
103 }
104
105 err = db.ValidatePassword(q.In.Password, user.PasswordHash)
106 if err != nil {
107 return nil, &Error{InvalidCredentials, "invalid credentials", err}
108 }
109
110 token, err := CreateJwtToken(user.Id)
111 if err != nil {
112 return nil, NewInternalError(err)
113 }
114
115 return SignResult{token}, nil
116 }
117
118 func UserConfirmed(c *gin.Context) *Error {
119 user, exists := c.Get("user")
120
121 if !exists {
122 return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
123 }
124
125 if user.(db.User).Status != db.Confirmed {
126 return &Error{UserNotConfirmed, "user awaiting admin validation", fmt.Errorf("user '%v' not confirmed", user)}
127 }
128
129 return nil
130 }
131
132 func GetUser(c *gin.Context) db.User {
133 user, _ := c.Get("user")
134
135 return user.(db.User)
136 }
The front site https://cryptoportfolio.immae.eu