diff --git a/CHANGELOG.md b/CHANGELOG.md index b3f78ec..6199056 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - Add Config option for MailRoot. This is a URL that overrides the typical URL building using Root/MountPath that recover and confirm do to enable creating mail links to a different location than where the API is hosted. +- Add a configuration option that allows confirm to change the method type + it expects since in an API setting a GET is strange as there is body details. ### Changed diff --git a/config.go b/config.go index 1865130..5262035 100644 --- a/config.go +++ b/config.go @@ -1,6 +1,7 @@ package authboss import ( + "net/http" "time" "golang.org/x/crypto/bcrypt" @@ -50,6 +51,12 @@ type Config struct { // BCryptCost is the cost of the bcrypt password hashing function. BCryptCost int + // ConfirmMethod controls which http method confirm expects. This is because + // typically this is a GET request since it's a link from an e-mail, but in + // api-like cases it needs to be able to be a post since there's data that + // must be sent to it. + ConfirmMethod string + // ExpireAfter controls the time an account is idle before being logged out // by the ExpireMiddleware. ExpireAfter time.Duration @@ -183,6 +190,7 @@ func (c *Config) Defaults() { c.Paths.RootURL = "http://localhost:8080" c.Modules.BCryptCost = bcrypt.DefaultCost + c.Modules.ConfirmMethod = http.MethodGet c.Modules.ExpireAfter = time.Hour c.Modules.LockAfter = 3 c.Modules.LockWindow = 5 * time.Minute diff --git a/confirm/confirm.go b/confirm/confirm.go index cb8788d..54b7ff3 100644 --- a/confirm/confirm.go +++ b/confirm/confirm.go @@ -55,7 +55,14 @@ func (c *Confirm) Init(ab *authboss.Authboss) (err error) { return err } - c.Authboss.Config.Core.Router.Get("/confirm", c.Authboss.Config.Core.ErrorHandler.Wrap(c.Get)) + var callbackMethod func(string, http.Handler) + switch c.Config.Modules.ConfirmMethod { + case http.MethodGet: + callbackMethod = c.Authboss.Config.Core.Router.Get + case http.MethodPost: + callbackMethod = c.Authboss.Config.Core.Router.Post + } + callbackMethod("/confirm", c.Authboss.Config.Core.ErrorHandler.Wrap(c.Get)) c.Events.Before(authboss.EventAuth, c.PreventAuth) c.Events.After(authboss.EventRegister, c.StartConfirmationWeb)