]> git.immae.eu Git - perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front.git/blob - api/user.go
projects / perso / Immae / Projets / Cryptomonnaies / Cryptoportfolio / Front.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Admin minimal dashboard.
[perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front.git] / api / user.go
1 package api
2
3 import (
4 "fmt"
5 "regexp"
6 "strconv"
7 "time"
8
9 "github.com/dchest/passwordreset"
10 "github.com/gin-gonic/gin"
11
12 "immae.eu/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front/db"
13 )
14
15 const (
16 VALID_EMAIL_REGEX = `(?i)^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$`
17 )
18
19 func UserConfirmed(c *gin.Context) *Error {
20 user, exists := c.Get("user")
21
22 if !exists {
23 return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
24 }
25
26 if user.(db.User).Status != db.Confirmed {
27 return &Error{UserNotConfirmed, "user awaiting admin validation", fmt.Errorf("user '%v' not confirmed", user)}
28 }
29
30 return nil
31 }
32
33 func UserIsAdmin(c *gin.Context) *Error {
34 user, exists := c.Get("user")
35
36 if !exists {
37 return &Error{NotAuthorized, "not authorized", fmt.Errorf("no user key in context")}
38 }
39
40 if user.(db.User).Role != db.RoleAdmin {
41 return &Error{NotAuthorized, "not authorized", fmt.Errorf("user '%v' is not admin", user)}
42 }
43
44 return nil
45 }
46
47 func GetUser(c *gin.Context) db.User {
48 user, _ := c.Get("user")
49
50 return user.(db.User)
51 }
52
53 func IsValidEmailAddress(email string) bool {
54 r := regexp.MustCompile(VALID_EMAIL_REGEX)
55
56 return r.MatchString(email)
57 }
58
59 type SignParams struct {
60 Email string
61 Password string
62 }
63
64 type SignResult struct {
65 Token string `json:"token"`
66 IsAdmin bool `json:"isAdmin"`
67 }
68
69 func (s SignParams) Validate() *Error {
70 if !IsValidEmailAddress(s.Email) {
71 return &Error{InvalidEmail, "invalid email", fmt.Errorf("'%v' is not a valid email", s.Email)}
72 }
73
74 if s.Password == "" {
75 return &Error{InvalidPassword, "invalid password", fmt.Errorf("invalid password")}
76 }
77
78 return nil
79 }
80
81 type SignupQuery struct {
82 In SignParams
83 }
84
85 func (q SignupQuery) ValidateParams() *Error {
86 return q.In.Validate()
87 }
88
89 func (q SignupQuery) Run() (interface{}, *Error) {
90 user, err := db.GetUserByEmail(q.In.Email)
91 if err != nil {
92 return nil, NewInternalError(err)
93 }
94
95 if user != nil {
96 return nil, &Error{EmailExists, "email already taken", fmt.Errorf("'%v' is already registered '%v'", q.In.Email, user)}
97 }
98
99 newUser := db.User{Email: q.In.Email, Status: db.AwaitingConfirmation}
100 newUser.PasswordHash, err = db.HashPassword(q.In.Password)
101 if err != nil {
102 return nil, NewInternalError(err)
103 }
104
105 err = db.InsertUser(&newUser)
106 if err != nil {
107 return nil, NewInternalError(err)
108 }
109
110 token, err := CreateJwtToken(newUser.Id)
111 if err != nil {
112 return nil, NewInternalError(fmt.Errorf("cannot create jwt token %v", err))
113 }
114
115 if CONFIG.FreeSMSUser != "" {
116 err := SendSMS(CONFIG.FreeSMSUser, CONFIG.FreeSMSPass, fmt.Sprintf("New user signup '%v'", q.In.Email))
117 if err != nil {
118 return nil, NewInternalError(err)
119 }
120 }
121
122 configMap := make(map[string]string)
123 configMap["key"] = ""
124 configMap["secret"] = ""
125
126 _, err = db.SetUserMarketConfig(newUser.Id, "poloniex", configMap)
127 if err != nil {
128 return nil, NewInternalError(err)
129 }
130
131 if MAIL_CONFIG.IsEnabled {
132 mailConfirmationToken := passwordreset.NewToken(q.In.Email, time.Hour*24*1, []byte(strconv.FormatUint(uint64(newUser.Status), 10)), PASSWORD_RESET_SECRET)
133 err = SendConfirmationMail(q.In.Email, mailConfirmationToken)
134 if err != nil {
135 return nil, NewInternalError(err)
136 }
137 }
138
139 if CONFIG.FreeSMSUser != "" {
140 err := SendSMS(CONFIG.FreeSMSUser, CONFIG.FreeSMSPass, fmt.Sprintf("'%v' request a password reset. Token '/change-password?token=%v'", q.In.Email, token))
141 if err != nil {
142 return nil, NewInternalError(err)
143 }
144 }
145
146 return SignResult{token, newUser.Role == db.RoleAdmin}, nil
147 }
148
149 type SigninQuery struct {
150 In SignParams
151 }
152
153 func (q SigninQuery) ValidateParams() *Error {
154 return q.In.Validate()
155 }
156
157 func (q SigninQuery) Run() (interface{}, *Error) {
158 user, err := db.GetUserByEmail(q.In.Email)
159 if err != nil {
160 return nil, NewInternalError(err)
161 }
162
163 if user == nil {
164 return nil, &Error{InvalidCredentials, "invalid credentials", fmt.Errorf("no email '%v' found", q.In.Email)}
165 }
166
167 err = db.ValidatePassword(q.In.Password, user.PasswordHash)
168 if err != nil {
169 return nil, &Error{InvalidCredentials, "invalid credentials", err}
170 }
171
172 token, err := CreateJwtToken(user.Id)
173 if err != nil {
174 return nil, NewInternalError(err)
175 }
176
177 return SignResult{token, user.Role == db.RoleAdmin}, nil
178 }
179
180 type ConfirmEmailQuery struct {
181 In struct {
182 Token string
183 }
184 }
185
186 func (q ConfirmEmailQuery) ValidateParams() *Error {
187
188 if q.In.Token == "" {
189 return &Error{BadRequest, "invalid token", fmt.Errorf("invalid token")}
190 }
191
192 return nil
193 }
194
195 func (q ConfirmEmailQuery) Run() (interface{}, *Error) {
196 var user *db.User
197
198 email, err := passwordreset.VerifyToken(q.In.Token, func(email string) ([]byte, error) {
199 var err error
200 user, err = db.GetUserByEmail(email)
201 if err != nil {
202 return nil, err
203 }
204
205 if user == nil {
206 return nil, fmt.Errorf("'%v' is not registered", email)
207 }
208
209 return []byte(strconv.FormatUint(uint64(user.Status), 10)), nil
210
211 }, PASSWORD_RESET_SECRET)
212
213 if err != nil && (err == passwordreset.ErrExpiredToken) {
214 return nil, &Error{BadRequest, "expired token", fmt.Errorf("expired token")}
215 } else if err != nil && (err == passwordreset.ErrMalformedToken || err == passwordreset.ErrWrongSignature) {
216 return nil, &Error{BadRequest, "wrong token", fmt.Errorf("wrong token")}
217 } else if err != nil {
218 return nil, NewInternalError(err)
219 }
220
221 if user == nil {
222 return nil, &Error{BadRequest, "bad request", fmt.Errorf("no user found for email '%v'", email)}
223 }
224
225 err = db.SetUserStatus(user, db.Confirmed)
226 if err != nil {
227 return nil, NewInternalError(err)
228 }
229
230 return nil, nil
231 }
232
233 type UserAccountQuery struct {
234 In struct {
235 User db.User
236 }
237 Out struct {
238 Email string `json:"email"`
239 }
240 }
241
242 func (q UserAccountQuery) ValidateParams() *Error {
243 return nil
244 }
245
246 func (q UserAccountQuery) Run() (interface{}, *Error) {
247 q.Out.Email = q.In.User.Email
248
249 return q.Out, nil
250 }
The front site https://cryptoportfolio.immae.eu