
// Package confirm implements e-mail confirmation of newly registered accounts:
// AfterRegister stores a digest of a random token and e-mails the token,
// BeforeGet blocks unconfirmed accounts, and the /confirm route completes the
// exchange by marking the account confirmed.
package confirm
import (
"crypto/md5"
"crypto/rand"
"encoding/base64"
"errors"
"fmt"
"net/http"
"net/url"
"gopkg.in/authboss.v0"
"gopkg.in/authboss.v0/internal/render"
)
const (
	// StoreConfirmToken is the user attribute that holds the base64 (std
	// alphabet) MD5 digest of the outstanding confirmation token. It never
	// holds the raw token, and confirmHandler blanks it once the account is
	// confirmed so a link cannot be replayed.
	StoreConfirmToken = "confirm_token"
	// StoreConfirmed is the boolean user attribute BeforeGet checks on every
	// EventGet to decide whether the account may be used.
	StoreConfirmed = "confirmed"
	// FormValueConfirm is the request parameter the /confirm route reads the
	// e-mailed token from; confirmEmail places it in the link's query string.
	FormValueConfirm = "cnf"

	// Template names loaded by Initialize and rendered by confirmEmail.
	tplConfirmHTML = "confirm_email.html.tpl"
	tplConfirmText = "confirm_email.txt.tpl"
)
var (
	// errUserMissing is returned by AfterRegister when the EventRegister
	// callback fires without the new user having been loaded into ctx.User.
	errUserMissing = errors.New("confirm: After registration user must be loaded")
)
// ConfirmStorer must be implemented in order to satisfy the confirm module's
// storage requirements. Initialize refuses to start the module without it.
type ConfirmStorer interface {
	authboss.Storer
	// ConfirmUser looks up a user by a confirm token. See confirm module for
	// attribute names. If the token is not found in the data store,
	// simply return nil, ErrUserNotFound.
	//
	// The argument is the stored form of the token — the StoreConfirmToken
	// attribute value, i.e. a base64 (std alphabet) MD5 digest — never the
	// raw token from the e-mail, so an exact-match lookup on that attribute
	// is sufficient.
	ConfirmUser(confirmToken string) (interface{}, error)
}
// C is the singleton instance of the confirm module which will have been
// configured and ready to use after authboss.Init(). It is created and
// registered with authboss by this package's init().
var C *Confirm
// init creates the package-level module instance and registers it with
// authboss under the module name "confirm".
func init() {
	module := new(Confirm)
	C = module
	authboss.RegisterModule("confirm", module)
}
// Confirm is the confirm module. Its only state is the parsed confirmation
// e-mail templates, loaded by Initialize and rendered by confirmEmail.
type Confirm struct {
	emailTemplates render.Templates
}
// Initialize wires the module into the global authboss.Cfg. It requires the
// configured Storer to also implement ConfirmStorer (so confirmHandler's
// type assertion is safe), loads the HTML and text confirmation e-mail
// templates from Cfg.ViewsPath under Cfg.LayoutEmail, and hooks BeforeGet
// onto EventGet and AfterRegister onto EventRegister.
//
// It returns an error — and registers no callbacks — when the storer is
// unsuitable or the templates fail to load.
func (c *Confirm) Initialize() error {
	confirmStorer, isConfirmStorer := authboss.Cfg.Storer.(ConfirmStorer)
	if !isConfirmStorer || confirmStorer == nil {
		return errors.New("confirm: Need a ConfirmStorer.")
	}

	var err error
	c.emailTemplates, err = render.LoadTemplates(authboss.Cfg.LayoutEmail, authboss.Cfg.ViewsPath, tplConfirmHTML, tplConfirmText)
	if err != nil {
		return err
	}

	authboss.Cfg.Callbacks.Before(authboss.EventGet, c.BeforeGet)
	authboss.Cfg.Callbacks.After(authboss.EventRegister, c.AfterRegister)
	return nil
}
// Routes exposes the module's single endpoint, "/confirm", served by
// confirmHandler.
func (c *Confirm) Routes() authboss.RouteTable {
	routes := make(authboss.RouteTable, 1)
	routes["/confirm"] = c.confirmHandler
	return routes
}
// Storage declares the two user attributes this module needs the storer to
// persist: the string token digest and the confirmed flag.
func (c *Confirm) Storage() authboss.StorageOptions {
	opts := make(authboss.StorageOptions, 2)
	opts[StoreConfirmToken] = authboss.String
	opts[StoreConfirmed] = authboss.Bool
	return opts
}
// BeforeGet runs on EventGet and returns InterruptAccountNotConfirmed for any
// user whose StoreConfirmed attribute is false, which is how unconfirmed
// accounts are kept out of the rest of authboss. If the attribute cannot be
// read as a bool the error is propagated with InterruptNone; whether that
// fails closed depends on how the caller treats callback errors.
func (c *Confirm) BeforeGet(ctx *authboss.Context) (authboss.Interrupt, error) {
	confirmed, err := ctx.User.BoolErr(StoreConfirmed)
	switch {
	case err != nil:
		return authboss.InterruptNone, err
	case !confirmed:
		return authboss.InterruptAccountNotConfirmed, nil
	default:
		return authboss.InterruptNone, nil
	}
}
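// AfterRegister runs on EventRegister and ensures the freshly registered
// account is not usable until the e-mailed token comes back through /confirm.
//
// It draws a 32-byte random token, stores only its MD5 digest (base64, std
// alphabet) in StoreConfirmToken, saves the user, and then e-mails the raw
// token (base64, URL alphabet). confirmHandler reverses this: it decodes the
// raw token, hashes it the same way and looks the digest up via ConfirmUser.
// Because only the digest is persisted, someone who can read the data store
// cannot build a working confirmation link from it.
//
// Returns errUserMissing when the callback fires without ctx.User set, or any
// error from the random source, SaveUser, or the e-mail attribute lookup.
// The e-mail is dispatched asynchronously via goConfirmEmail; its failures
// are not reported to the caller.
func (c *Confirm) AfterRegister(ctx *authboss.Context) error {
	if ctx.User == nil {
		return errUserMissing
	}

	token := make([]byte, 32)
	if _, err := rand.Read(token); err != nil {
		return err
	}

	// MD5 here is a one-way fingerprint of a 256-bit random value, so its
	// collision weakness is not in play; SHA-256 would still be preferable,
	// but switching changes the stored format and must be done in step with
	// confirmHandler, which recomputes this exact transformation.
	sum := md5.Sum(token)
	ctx.User[StoreConfirmToken] = base64.StdEncoding.EncodeToString(sum[:])
	if err := ctx.SaveUser(); err != nil {
		return err
	}

	email, err := ctx.User.StringErr(authboss.StoreEmail)
	if err != nil {
		return err
	}

	// The link must carry the pre-image, not the digest: confirmHandler MD5s
	// whatever it receives before the ConfirmUser lookup, so e-mailing sum[:]
	// here would make it search for md5(md5(token)), which never matches the
	// stored md5(token) — no confirmation link could ever succeed.
	goConfirmEmail(c, email, base64.URLEncoding.EncodeToString(token))
	return nil
}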
// goConfirmEmail dispatches the confirmation e-mail on a new goroutine. It is
// a package-level variable rather than a plain function, presumably so tests
// can swap it out and avoid real sends — confirm against the test file.
// Nothing waits on the goroutine: AfterRegister returns before the message is
// rendered, and any failure surfaces only in confirmEmail's log line.
var goConfirmEmail = func(c *Confirm, to, token string) {
	go c.confirmEmail(to, token)
}
// confirmEmail builds the confirmation message for `to` and hands it, together
// with the confirmation link, to the loaded templates via RenderEmail. The
// link is Cfg.HostName + "/confirm?cnf=<token>" with both the parameter name
// and the token query-escaped; HostName comes from configuration, not from
// the request, so the link cannot be steered by a client-supplied Host header.
// This runs on a goroutine started by goConfirmEmail, so errors cannot be
// returned; they are written to Cfg.LogWriter instead.
func (c *Confirm) confirmEmail(to, token string) {
	// Called `link` rather than `url` so the net/url package is not shadowed.
	link := fmt.Sprintf("%s/confirm?%s=%s",
		authboss.Cfg.HostName,
		url.QueryEscape(FormValueConfirm),
		url.QueryEscape(token),
	)

	msg := authboss.Email{
		To:      []string{to},
		From:    authboss.Cfg.EmailFrom,
		Subject: authboss.Cfg.EmailSubjectPrefix + "Confirm New Account",
	}

	if err := c.emailTemplates.RenderEmail(msg, tplConfirmHTML, tplConfirmText, link); err != nil {
		fmt.Fprintf(authboss.Cfg.LogWriter, "confirm: Failed to send e-mail: %v", err)
	}
}
// confirmHandler serves /confirm. It reads the e-mailed token from the cnf
// parameter, URL-base64-decodes it, MD5s the result and looks the base64 (std
// alphabet) digest up through ConfirmStorer.ConfirmUser — the same
// transformation AfterRegister applied when it stored the token, so the raw
// token is never compared or persisted directly.
//
// On a match the stored digest is blanked (making the link single-use), the
// account is marked confirmed, the user is saved, and a session is created
// for the user's username before redirecting to "/" with a flash message.
// That last step means possession of the confirmation link alone yields a
// logged-in session: mailbox security is effectively login security here.
//
// A token that does not decode, or is unknown, yields an ErrAndRedirect to
// "/"; the attacker-controlled token is formatted with %q so it is escaped
// before it can reach a log. Storer and attribute errors are returned as-is.
func (c *Confirm) confirmHandler(ctx *authboss.Context, w http.ResponseWriter, r *http.Request) error {
	rawToken, err := ctx.FirstFormValueErr(FormValueConfirm)
	if err != nil {
		return err
	}

	preimage, err := base64.URLEncoding.DecodeString(rawToken)
	if err != nil {
		return authboss.ErrAndRedirect{
			Endpoint: "/",
			Err:      fmt.Errorf("confirm: token failed to decode %q => %v\n", rawToken, err),
		}
	}

	// Recreate the stored form: base64(std) of md5(token).
	digest := md5.Sum(preimage)
	storedForm := base64.StdEncoding.EncodeToString(digest[:])

	found, err := authboss.Cfg.Storer.(ConfirmStorer).ConfirmUser(storedForm)
	switch {
	case err == authboss.ErrUserNotFound:
		return authboss.ErrAndRedirect{Endpoint: "/", Err: errors.New("confirm: token not found")}
	case err != nil:
		return err
	}

	ctx.User = authboss.Unbind(found)
	ctx.User[StoreConfirmToken] = "" // single use: the link is dead from here on
	ctx.User[StoreConfirmed] = true

	username, err := ctx.User.StringErr(authboss.StoreUsername)
	if err != nil {
		return err
	}
	if err = ctx.SaveUser(); err != nil {
		return err
	}

	ctx.SessionStorer.Put(authboss.SessionKey, username)
	render.Redirect(ctx, w, r, "/", "You have successfully confirmed your account.", "")
	return nil
}