9 "github.com/dchest/passwordreset"
10 "github.com/gin-gonic/gin"
12 "immae.eu/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front/db"
16 VALID_EMAIL_REGEX = `(?i)^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$`
19 func UserConfirmed(c *gin.Context) *Error {
20 user, exists := c.Get("user")
23 return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
26 if user.(db.User).Status != db.Confirmed {
27 return &Error{UserNotConfirmed, "user awaiting admin validation", fmt.Errorf("user '%v' not confirmed", user)}
33 func GetUser(c *gin.Context) db.User {
34 user, _ := c.Get("user")
39 func IsValidEmailAddress(email string) bool {
40 r := regexp.MustCompile(VALID_EMAIL_REGEX)
42 return r.MatchString(email)
45 type SignParams struct {
50 type SignResult struct {
51 Token string `json:"token"`
54 func (s SignParams) Validate() *Error {
55 if !IsValidEmailAddress(s.Email) {
56 return &Error{InvalidEmail, "invalid email", fmt.Errorf("'%v' is not a valid email", s.Email)}
60 return &Error{InvalidPassword, "invalid password", fmt.Errorf("invalid password")}
66 type SignupQuery struct {
70 func (q SignupQuery) ValidateParams() *Error {
71 return q.In.Validate()
74 func (q SignupQuery) Run() (interface{}, *Error) {
75 user, err := db.GetUserByEmail(q.In.Email)
77 return nil, NewInternalError(err)
81 return nil, &Error{EmailExists, "email already taken", fmt.Errorf("'%v' is already registered '%v'", q.In.Email, user)}
84 newUser := db.User{Email: q.In.Email, Status: db.AwaitingConfirmation}
85 newUser.PasswordHash, err = db.HashPassword(q.In.Password)
87 return nil, NewInternalError(err)
90 err = db.InsertUser(&newUser)
92 return nil, NewInternalError(err)
95 token, err := CreateJwtToken(newUser.Id)
97 return nil, NewInternalError(fmt.Errorf("cannot create jwt token %v", err))
100 if CONFIG.FreeSMSUser != "" {
101 err := SendSMS(CONFIG.FreeSMSUser, CONFIG.FreeSMSPass, fmt.Sprintf("New user signup '%v'", q.In.Email))
103 return nil, NewInternalError(err)
107 configMap := make(map[string]string)
108 configMap["key"] = ""
109 configMap["secret"] = ""
111 _, err = db.SetUserMarketConfig(newUser.Id, "poloniex", configMap)
113 return nil, NewInternalError(err)
116 if MAIL_CONFIG.IsEnabled {
117 mailConfirmationToken := passwordreset.NewToken(q.In.Email, time.Hour*24*1, []byte(strconv.FormatUint(uint64(newUser.Status), 10)), PASSWORD_RESET_SECRET)
118 err = SendConfirmationMail(q.In.Email, mailConfirmationToken)
120 return nil, NewInternalError(err)
124 if CONFIG.FreeSMSUser != "" {
125 err := SendSMS(CONFIG.FreeSMSUser, CONFIG.FreeSMSPass, fmt.Sprintf("'%v' request a password reset. Token '/change-password?token=%v'", q.In.Email, token))
127 return nil, NewInternalError(err)
131 return SignResult{token}, nil
134 type SigninQuery struct {
138 func (q SigninQuery) ValidateParams() *Error {
139 return q.In.Validate()
142 func (q SigninQuery) Run() (interface{}, *Error) {
143 user, err := db.GetUserByEmail(q.In.Email)
145 return nil, NewInternalError(err)
149 return nil, &Error{InvalidCredentials, "invalid credentials", fmt.Errorf("no email '%v' found", q.In.Email)}
152 err = db.ValidatePassword(q.In.Password, user.PasswordHash)
154 return nil, &Error{InvalidCredentials, "invalid credentials", err}
157 token, err := CreateJwtToken(user.Id)
159 return nil, NewInternalError(err)
162 return SignResult{token}, nil
165 type ConfirmEmailQuery struct {
171 func (q ConfirmEmailQuery) ValidateParams() *Error {
173 if q.In.Token == "" {
174 return &Error{BadRequest, "invalid token", fmt.Errorf("invalid token")}
180 func (q ConfirmEmailQuery) Run() (interface{}, *Error) {
183 email, err := passwordreset.VerifyToken(q.In.Token, func(email string) ([]byte, error) {
185 user, err = db.GetUserByEmail(email)
191 return nil, fmt.Errorf("'%v' is not registered", email)
194 return []byte(strconv.FormatUint(uint64(user.Status), 10)), nil
196 }, PASSWORD_RESET_SECRET)
198 if err != nil && (err == passwordreset.ErrExpiredToken) {
199 return nil, &Error{BadRequest, "expired token", fmt.Errorf("expired token")}
200 } else if err != nil && (err == passwordreset.ErrMalformedToken || err == passwordreset.ErrWrongSignature) {
201 return nil, &Error{BadRequest, "wrong token", fmt.Errorf("wrong token")}
202 } else if err != nil {
203 return nil, NewInternalError(err)
207 return nil, &Error{BadRequest, "bad request", fmt.Errorf("no user found for email '%v'", email)}
210 err = db.SetUserStatus(user, db.Confirmed)
212 return nil, NewInternalError(err)
218 type UserAccountQuery struct {
223 Email string `json:"email"`
227 func (q UserAccountQuery) ValidateParams() *Error {
231 func (q UserAccountQuery) Run() (interface{}, *Error) {
232 q.Out.Email = q.In.User.Email