Add postal backend integration
This commit is contained in:
parent
5a7281f1ae
commit
cba9967af0
2 changed files with 86 additions and 29 deletions
|
|
@ -1,6 +1,7 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"database/sql"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
|
@ -12,6 +13,7 @@ import (
|
|||
"github.com/go-chi/jwtauth"
|
||||
"github.com/go-chi/render"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
|
|
@ -25,26 +27,27 @@ var (
|
|||
PostalEnabled bool
|
||||
PostalKey string
|
||||
PostalAPI string
|
||||
PostalEmail string
|
||||
)
|
||||
|
||||
func Init() {
|
||||
if postal_key, ok := os.LookupEnv("POSTAL_KEY"); ok {
|
||||
if postal_api, ok := os.LookupEnv("POSTAL_API"); ok {
|
||||
if email_auth, ok := os.LookupEnv("EMAIL_SECRET"); ok {
|
||||
EmailAuth = jwtauth.New("HS256", []byte(os.Getenv(email_auth)), nil)
|
||||
PostalKey = postal_key
|
||||
PostalAPI = postal_api
|
||||
PostalEnabled = true
|
||||
if email_src, ok := os.LookupEnv("POSTAL_SRC_EMAIL"); ok {
|
||||
if email_auth, ok := os.LookupEnv("EMAIL_SECRET"); ok {
|
||||
EmailAuth = jwtauth.New("HS256", []byte(os.Getenv(email_auth)), nil)
|
||||
PostalKey = postal_key
|
||||
PostalAPI = postal_api
|
||||
PostalEmail = email_src
|
||||
PostalEnabled = true
|
||||
fmt.Println("Postal Enabled")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
type ReturnError struct {
|
||||
Message string `json:"error"`
|
||||
}
|
||||
|
||||
type ReturnSuccess struct {
|
||||
type ReturnMessage struct {
|
||||
Message string `json:"msg"`
|
||||
}
|
||||
|
||||
|
|
@ -68,6 +71,13 @@ type JWT struct {
|
|||
JWT string `json:"jwt"`
|
||||
}
|
||||
|
||||
type ComposedEmail struct {
|
||||
To [1]string `json:"to"`
|
||||
From string `json:"from"`
|
||||
Subject string `json:"subject"`
|
||||
Plain_body string `json:"plain_body"`
|
||||
}
|
||||
|
||||
func Routes() *chi.Mux {
|
||||
r := chi.NewRouter()
|
||||
r.Post("/signin", signin)
|
||||
|
|
@ -81,40 +91,39 @@ func Routes() *chi.Mux {
|
|||
}
|
||||
|
||||
func register(w http.ResponseWriter, r *http.Request) {
|
||||
returnError := ReturnError{}
|
||||
returnSuccess := ReturnSuccess{}
|
||||
returnMessage := ReturnMessage{}
|
||||
creds := &SignUpCredentials{}
|
||||
err := json.NewDecoder(r.Body).Decode(creds)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
returnError.Message = "unexpected error. please contact the administrator"
|
||||
render.JSON(w, r, returnError)
|
||||
returnMessage.Message = "unexpected error. please contact the administrator"
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
if creds.Username == "" {
|
||||
returnError.Message = "username is required"
|
||||
returnMessage.Message = "username is required"
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
render.JSON(w, r, returnError)
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
if creds.Password == "" {
|
||||
returnError.Message = "password is required"
|
||||
returnMessage.Message = "password is required"
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
render.JSON(w, r, returnError)
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
if creds.Email == "" {
|
||||
returnError.Message = "email is required"
|
||||
returnMessage.Message = "email is required"
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
render.JSON(w, r, returnError)
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
err = checkmail.ValidateFormat(creds.Email)
|
||||
if err != nil {
|
||||
returnError.Message = "email not valid"
|
||||
returnMessage.Message = "email not valid"
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
render.JSON(w, r, returnError)
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -123,9 +132,9 @@ func register(w http.ResponseWriter, r *http.Request) {
|
|||
VALUES ($1, $2, $3, $4, $5)`
|
||||
if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false, false); err != nil {
|
||||
fmt.Println(err)
|
||||
returnError.Message = "unexpected error. please contact the administrator"
|
||||
returnMessage.Message = "unexpected error. please contact the administrator"
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
render.JSON(w, r, returnError)
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
users.CreateProfile(creds.Username, creds.Email)
|
||||
|
|
@ -138,17 +147,21 @@ func register(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
if PostalEnabled {
|
||||
_, emailToken, _ := EmailAuth.Encode(claims)
|
||||
returnMessage, ok := sendEmailToken(w, emailToken, creds.Username, creds.Email)
|
||||
if !ok {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusCreated)
|
||||
//returnSuccess.Message = "User added. Please check your email for a verification link"
|
||||
returnSuccess.Message = emailToken
|
||||
render.JSON(w, r, returnSuccess)
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
_, tokenString, _ := TokenAuth.Encode(claims)
|
||||
setCookies(w, tokenString, expirationTime)
|
||||
w.WriteHeader(http.StatusCreated)
|
||||
returnSuccess.Message = "User created! Welcome to the site!"
|
||||
render.JSON(w, r, returnSuccess)
|
||||
returnMessage.Message = "User created! Welcome to the site!"
|
||||
render.JSON(w, r, returnMessage)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -210,3 +223,45 @@ func setCookies(w http.ResponseWriter, jwt string, expiration time.Time) string
|
|||
http.SetCookie(w, &signatureCookie)
|
||||
return strings.Join(splitToken[:2], ".")
|
||||
}
|
||||
|
||||
func sendEmailToken(w http.ResponseWriter, token string, name string, email string) (returnMessage ReturnMessage, ok bool) {
|
||||
header := "Thanks for joining sudoscientist, " + name + "!"
|
||||
body := "\n\nPlease click the following link to verify your email: "
|
||||
link := os.Getenv("WEB_ADDR") + "/v1/api/auth/verify/" + token
|
||||
email_array := [1]string{email}
|
||||
composed_email := ComposedEmail{
|
||||
To: email_array,
|
||||
From: PostalEmail,
|
||||
Subject: "sudoscientist: Please confirm your e-mail address",
|
||||
Plain_body: header + body + link,
|
||||
}
|
||||
postal_req, err := json.Marshal(&composed_email)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
returnMessage.Message = "unexpected error. your account may be in limbo. please contact the administrator"
|
||||
ok = false
|
||||
return returnMessage, ok
|
||||
}
|
||||
req, err := http.NewRequest("POST", fmt.Sprintf("%s/api/v1/send/message", PostalAPI), bytes.NewBuffer(postal_req))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
req.Header.Set("X-Server-API-Key", PostalKey)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
returnMessage.Message = "unexpected error. your account may be in limbo. please contact the administrator"
|
||||
ok = false
|
||||
return returnMessage, ok
|
||||
}
|
||||
client := &http.Client{}
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
returnMessage.Message = "unexpected error. your account may be in limbo. please contact the administrator"
|
||||
ok = false
|
||||
return returnMessage, ok
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
respbody, _ := ioutil.ReadAll(resp.Body)
|
||||
returnMessage.Message = "verification email sent"
|
||||
ok = true
|
||||
return returnMessage, ok
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,3 +2,5 @@ export API_PORT="8080"
|
|||
export EMAIL_SECRET="CHANGEMEALSOPLS"
|
||||
export JWT_SECRET="CHANGEMEALSO"
|
||||
export POSTAL_API="https://POSTAL_URL"
|
||||
export POSTAL_SRC_EMAIL="postal-source@domain.com"
|
||||
export WEB_ADDR="https://domain.tld"
|
||||
|
|
|
|||
Reference in a new issue