Asara/sudoscientist-go-backend
Archived
1
0
Fork 0
Code Issues Pull requests Releases 2 Wiki Activity

Add postal backend integration

Browse source
This commit is contained in:
Amarpreet Minhas 2020-01-20 13:40:05 -05:00
parent 5a7281f1ae
commit cba9967af0
2 changed files with 86 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

113
packages/auth/auth.go
View file

@ -1,6 +1,7 @@
package auth package auth
import ( import (
"bytes"
"database/sql" "database/sql"
"encoding/json" "encoding/json"
"fmt" "fmt"
@ -12,6 +13,7 @@ import (
"github.com/go-chi/jwtauth" "github.com/go-chi/jwtauth"
"github.com/go-chi/render" "github.com/go-chi/render"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
"io/ioutil"
"net/http" "net/http"
"os" "os"
"strings" "strings"
@ -25,26 +27,27 @@ var (
PostalEnabled bool PostalEnabled bool
PostalKey string PostalKey string
PostalAPI string PostalAPI string
PostalEmail string
) )
func Init() { func Init() {
if postal_key, ok := os.LookupEnv("POSTAL_KEY"); ok { if postal_key, ok := os.LookupEnv("POSTAL_KEY"); ok {
if postal_api, ok := os.LookupEnv("POSTAL_API"); ok { if postal_api, ok := os.LookupEnv("POSTAL_API"); ok {
if email_auth, ok := os.LookupEnv("EMAIL_SECRET"); ok { if email_src, ok := os.LookupEnv("POSTAL_SRC_EMAIL"); ok {
EmailAuth = jwtauth.New("HS256", []byte(os.Getenv(email_auth)), nil) if email_auth, ok := os.LookupEnv("EMAIL_SECRET"); ok {
PostalKey = postal_key EmailAuth = jwtauth.New("HS256", []byte(os.Getenv(email_auth)), nil)
PostalAPI = postal_api PostalKey = postal_key
PostalEnabled = true PostalAPI = postal_api
PostalEmail = email_src
PostalEnabled = true
fmt.Println("Postal Enabled")
}
} }
} }
} }
} }
type ReturnError struct { type ReturnMessage struct {
Message string `json:"error"`
}
type ReturnSuccess struct {
Message string `json:"msg"` Message string `json:"msg"`
} }
@ -68,6 +71,13 @@ type JWT struct {
JWT string `json:"jwt"` JWT string `json:"jwt"`
} }
type ComposedEmail struct {
To [1]string `json:"to"`
From string `json:"from"`
Subject string `json:"subject"`
Plain_body string `json:"plain_body"`
}
func Routes() *chi.Mux { func Routes() *chi.Mux {
r := chi.NewRouter() r := chi.NewRouter()
r.Post("/signin", signin) r.Post("/signin", signin)
@ -81,40 +91,39 @@ func Routes() *chi.Mux {
} }
func register(w http.ResponseWriter, r *http.Request) { func register(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{} returnMessage := ReturnMessage{}
returnSuccess := ReturnSuccess{}
creds := &SignUpCredentials{} creds := &SignUpCredentials{}
err := json.NewDecoder(r.Body).Decode(creds) err := json.NewDecoder(r.Body).Decode(creds)
if err != nil { if err != nil {
fmt.Println(err) fmt.Println(err)
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
returnError.Message = "unexpected error. please contact the administrator" returnMessage.Message = "unexpected error. please contact the administrator"
render.JSON(w, r, returnError) render.JSON(w, r, returnMessage)
return return
} }
if creds.Username == "" { if creds.Username == "" {
returnError.Message = "username is required" returnMessage.Message = "username is required"
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError) render.JSON(w, r, returnMessage)
return return
} }
if creds.Password == "" { if creds.Password == "" {
returnError.Message = "password is required" returnMessage.Message = "password is required"
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError) render.JSON(w, r, returnMessage)
return return
} }
if creds.Email == "" { if creds.Email == "" {
returnError.Message = "email is required" returnMessage.Message = "email is required"
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError) render.JSON(w, r, returnMessage)
return return
} }
err = checkmail.ValidateFormat(creds.Email) err = checkmail.ValidateFormat(creds.Email)
if err != nil { if err != nil {
returnError.Message = "email not valid" returnMessage.Message = "email not valid"
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError) render.JSON(w, r, returnMessage)
return return
} }
@ -123,9 +132,9 @@ func register(w http.ResponseWriter, r *http.Request) {
VALUES ($1, $2, $3, $4, $5)` VALUES ($1, $2, $3, $4, $5)`
if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false, false); err != nil { if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false, false); err != nil {
fmt.Println(err) fmt.Println(err)
returnError.Message = "unexpected error. please contact the administrator" returnMessage.Message = "unexpected error. please contact the administrator"
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError) render.JSON(w, r, returnMessage)
return return
} }
users.CreateProfile(creds.Username, creds.Email) users.CreateProfile(creds.Username, creds.Email)
@ -138,17 +147,21 @@ func register(w http.ResponseWriter, r *http.Request) {
} }
if PostalEnabled { if PostalEnabled {
_, emailToken, _ := EmailAuth.Encode(claims) _, emailToken, _ := EmailAuth.Encode(claims)
returnMessage, ok := sendEmailToken(w, emailToken, creds.Username, creds.Email)
if !ok {
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnMessage)
return
}
w.WriteHeader(http.StatusCreated) w.WriteHeader(http.StatusCreated)
//returnSuccess.Message = "User added. Please check your email for a verification link" render.JSON(w, r, returnMessage)
returnSuccess.Message = emailToken
render.JSON(w, r, returnSuccess)
return return
} }
_, tokenString, _ := TokenAuth.Encode(claims) _, tokenString, _ := TokenAuth.Encode(claims)
setCookies(w, tokenString, expirationTime) setCookies(w, tokenString, expirationTime)
w.WriteHeader(http.StatusCreated) w.WriteHeader(http.StatusCreated)
returnSuccess.Message = "User created! Welcome to the site!" returnMessage.Message = "User created! Welcome to the site!"
render.JSON(w, r, returnSuccess) render.JSON(w, r, returnMessage)
return return
} }
@ -210,3 +223,45 @@ func setCookies(w http.ResponseWriter, jwt string, expiration time.Time) string
http.SetCookie(w, &signatureCookie) http.SetCookie(w, &signatureCookie)
return strings.Join(splitToken[:2], ".") return strings.Join(splitToken[:2], ".")
} }
func sendEmailToken(w http.ResponseWriter, token string, name string, email string) (returnMessage ReturnMessage, ok bool) {
header := "Thanks for joining sudoscientist, " + name + "!"
body := "\n\nPlease click the following link to verify your email: "
link := os.Getenv("WEB_ADDR") + "/v1/api/auth/verify/" + token
email_array := [1]string{email}
composed_email := ComposedEmail{
To: email_array,
From: PostalEmail,
Subject: "sudoscientist: Please confirm your e-mail address",
Plain_body: header + body + link,
}
postal_req, err := json.Marshal(&composed_email)
if err != nil {
fmt.Println(err)
returnMessage.Message = "unexpected error. your account may be in limbo. please contact the administrator"
ok = false
return returnMessage, ok
}
req, err := http.NewRequest("POST", fmt.Sprintf("%s/api/v1/send/message", PostalAPI), bytes.NewBuffer(postal_req))
req.Header.Set("Content-Type", "application/json")
req.Header.Set("X-Server-API-Key", PostalKey)
if err != nil {
fmt.Println(err)
returnMessage.Message = "unexpected error. your account may be in limbo. please contact the administrator"
ok = false
return returnMessage, ok
}
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
returnMessage.Message = "unexpected error. your account may be in limbo. please contact the administrator"
ok = false
return returnMessage, ok
}
defer resp.Body.Close()
respbody, _ := ioutil.ReadAll(resp.Body)
returnMessage.Message = "verification email sent"
ok = true
return returnMessage, ok
}

2
settings/website.env-sample
View file

@ -2,3 +2,5 @@ export API_PORT="8080"
export EMAIL_SECRET="CHANGEMEALSOPLS" export EMAIL_SECRET="CHANGEMEALSOPLS"
export JWT_SECRET="CHANGEMEALSO" export JWT_SECRET="CHANGEMEALSO"
export POSTAL_API="https://POSTAL_URL" export POSTAL_API="https://POSTAL_URL"
export POSTAL_SRC_EMAIL="postal-source@domain.com"
export WEB_ADDR="https://domain.tld"