import (
"fmt"
"regexp"
+ "strconv"
+ "time"
+ "github.com/dchest/passwordreset"
"github.com/gin-gonic/gin"
"immae.eu/Immae/Projets/Cryptomonnaies/Cryptoportfolio/Front/db"
return nil, NewInternalError(err)
}
+ if MAIL_CONFIG.IsEnabled {
+ mailConfirmationToken := passwordreset.NewToken(q.In.Email, time.Hour*24*1, []byte(strconv.FormatUint(uint64(newUser.Status), 10)), PASSWORD_RESET_SECRET)
+ err = SendConfirmationMail(q.In.Email, mailConfirmationToken)
+ if err != nil {
+ return nil, NewInternalError(err)
+ }
+ }
+
+ if CONFIG.FreeSMSUser != "" {
+ err := SendSMS(CONFIG.FreeSMSUser, CONFIG.FreeSMSPass, fmt.Sprintf("'%v' request a password reset. Token '/change-password?token=%v'", q.In.Email, token))
+ if err != nil {
+ return nil, NewInternalError(err)
+ }
+ }
+
return SignResult{token}, nil
}
return user.(db.User)
}
+
+type ConfirmEmailQuery struct {
+ In struct {
+ Token string
+ }
+}
+
+func (q ConfirmEmailQuery) ValidateParams() *Error {
+
+ if q.In.Token == "" {
+ return &Error{BadRequest, "invalid token", fmt.Errorf("invalid token")}
+ }
+
+ return nil
+}
+
+func (q ConfirmEmailQuery) Run() (interface{}, *Error) {
+ var user *db.User
+
+ email, err := passwordreset.VerifyToken(q.In.Token, func(email string) ([]byte, error) {
+ var err error
+ user, err = db.GetUserByEmail(email)
+ if err != nil {
+ return nil, err
+ }
+
+ if user == nil {
+ return nil, fmt.Errorf("'%v' is not registered", email)
+ }
+
+ return []byte(strconv.FormatUint(uint64(user.Status), 10)), nil
+
+ }, PASSWORD_RESET_SECRET)
+
+ if err != nil && (err == passwordreset.ErrExpiredToken) {
+ return nil, &Error{BadRequest, "expired token", fmt.Errorf("expired token")}
+ } else if err != nil && (err == passwordreset.ErrMalformedToken || err == passwordreset.ErrWrongSignature) {
+ return nil, &Error{BadRequest, "wrong token", fmt.Errorf("wrong token")}
+ } else if err != nil {
+ return nil, NewInternalError(err)
+ }
+
+ if user == nil {
+ return nil, &Error{BadRequest, "bad request", fmt.Errorf("no user found for email '%v'", email)}
+ }
+
+ err = db.SetUserStatus(user, db.Confirmed)
+ if err != nil {
+ return nil, NewInternalError(err)
+ }
+
+ return nil, nil
+}