Add postal support for email verification #3

Merged
Asara merged 1 commit from postal_integration into master 2020-01-25 23:10:31 +00:00
3 changed files with 93 additions and 50 deletions

View file

@ -54,7 +54,7 @@ func main() {
func Routes() *chi.Mux {
router := chi.NewRouter()
cors := cors.New(cors.Options{
AllowedOrigins: []string{os.Getenv("UI_PROTO") + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT"), os.Getenv("UI_PROTO") + "www." + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT")},
AllowedOrigins: []string{os.Getenv("UI_PROTO") + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT"), os.Getenv("UI_PROTO") + "www." + os.Getenv("UI_ADDR") + os.Getenv("UI_PORT")},
AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"},
AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
AllowCredentials: true,

View file

@ -48,6 +48,7 @@ func Init() {
type ReturnMessage struct {
Message string `json:"msg"`
Error bool `json:"error"`
}
type SignUpCredentials struct {
@ -98,6 +99,7 @@ func Routes() *chi.Mux {
func verify(w http.ResponseWriter, r *http.Request) {
returnMessage := ReturnMessage{}
returnMessage.Error = false
_, claims, _ := jwtauth.FromContext(r.Context())
sqlStatement := `
UPDATE users
@ -107,6 +109,7 @@ func verify(w http.ResponseWriter, r *http.Request) {
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
returnMessage.Message = "unexpected error verifying account. please contact the administrator"
returnMessage.Error = true
render.JSON(w, r, returnMessage)
return
}
@ -118,29 +121,34 @@ func verify(w http.ResponseWriter, r *http.Request) {
func register(w http.ResponseWriter, r *http.Request) {
returnMessage := ReturnMessage{}
returnMessage.Error = false
creds := &SignUpCredentials{}
err := json.NewDecoder(r.Body).Decode(creds)
if err != nil {
fmt.Println(err)
w.WriteHeader(http.StatusBadRequest)
returnMessage.Message = "bad data provided"
returnMessage.Error = true
render.JSON(w, r, returnMessage)
return
}
if creds.Username == "" {
returnMessage.Message = "username is required"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnMessage)
return
}
if creds.Password == "" {
returnMessage.Message = "password is required"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnMessage)
return
}
if creds.Email == "" {
returnMessage.Message = "email is required"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnMessage)
return
@ -148,6 +156,7 @@ func register(w http.ResponseWriter, r *http.Request) {
err = checkmail.ValidateFormat(creds.Email)
if err != nil {
returnMessage.Message = "email not valid"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnMessage)
return
@ -159,6 +168,7 @@ func register(w http.ResponseWriter, r *http.Request) {
if _, err = DB.Exec(s, creds.Username, creds.Email, string(hashedPassword), false, false); err != nil {
fmt.Println(err)
returnMessage.Message = "unexpected error. please contact the administrator"
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnMessage)
return
@ -195,11 +205,13 @@ func register(w http.ResponseWriter, r *http.Request) {
func signin(w http.ResponseWriter, r *http.Request) {
returnMessage := ReturnMessage{}
returnMessage.Error = false
creds := &UserCredentials{}
err := json.NewDecoder(r.Body).Decode(creds)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
returnMessage.Message = "bad data provided"
returnMessage.Error = true
render.JSON(w, r, returnMessage)
return
}
@ -207,6 +219,7 @@ func signin(w http.ResponseWriter, r *http.Request) {
if !ok {
w.WriteHeader(http.StatusBadRequest)
returnMessage.Message = verify_pw
returnMessage.Error = true
render.JSON(w, r, returnMessage)
return
}
@ -230,6 +243,7 @@ func signin(w http.ResponseWriter, r *http.Request) {
func refresh(w http.ResponseWriter, r *http.Request) {
returnMessage := ReturnMessage{}
returnMessage.Error = false
_, claims, _ := jwtauth.FromContext(r.Context())
w.WriteHeader(http.StatusOK)
expirationTime := time.Now().Add(24 * time.Hour)
@ -240,6 +254,7 @@ func refresh(w http.ResponseWriter, r *http.Request) {
fmt.Println(err)
w.WriteHeader(http.StatusInternalServerError)
returnMessage.Message = "unexpected error refreshing your token, please try again later"
returnMessage.Error = true
render.JSON(w, r, returnMessage)
return
}

View file

@ -43,8 +43,9 @@ type NewBlogPost struct {
Author string `json:"author",db:"author"`
}
type ReturnError struct {
Message string `json:"error"`
type ReturnMessage struct {
Message string `json:"msg"`
Error bool `json:"error"`
}
type ReturnSuccess struct {
@ -74,36 +75,41 @@ func Routes() *chi.Mux {
}
func createBlogPost(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{}
returnMessage := ReturnMessage{}
returnMessage.Error = false
newBlogPost := &NewBlogPost{}
// basic checks
_, claims, _ := jwtauth.FromContext(r.Context())
is_admin := claims["admin"].(bool)
if !is_admin {
returnError.Message = "sorry only admins are allowed to create blog posts"
returnMessage.Message = "sorry only admins are allowed to create blog posts"
returnMessage.Error = true
w.WriteHeader(http.StatusUnauthorized)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
username := claims["username"].(string)
err := json.NewDecoder(r.Body).Decode(newBlogPost)
if err != nil {
returnError.Message = "unknown error, try again later"
returnMessage.Message = "unknown error, try again later"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
if newBlogPost.Title == "" {
returnError.Message = "title is required"
returnMessage.Message = "title is required"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
if newBlogPost.Content == "" {
returnError.Message = "content is required"
returnMessage.Message = "content is required"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
as := slug.Make(newBlogPost.Title)
@ -113,16 +119,18 @@ func createBlogPost(w http.ResponseWriter, r *http.Request) {
scr := 0
err = slugCheck.Scan(&scr)
if err == nil {
returnError.Message = "slug already exists"
returnMessage.Message = "slug already exists"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
if err != nil {
if err != sql.ErrNoRows {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -135,15 +143,17 @@ func createBlogPost(w http.ResponseWriter, r *http.Request) {
err = DB.QueryRow(s, newBlogPost.Title, as, username, newBlogPost.Content, time.Now().UTC(), false, time.Now().UTC()).Scan(&article_id)
if err != nil {
if err == sql.ErrNoRows {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -164,7 +174,8 @@ func createBlogPost(w http.ResponseWriter, r *http.Request) {
}
func updateBlogPostById(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{}
returnMessage := ReturnMessage{}
returnMessage.Error = false
// Get the actual post
id := chi.URLParam(r, "id")
result := DB.QueryRow("SELECT id, title, slug, author, content, time_published FROM posts WHERE id=$1", id)
@ -172,15 +183,17 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) {
err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished)
if err != nil {
if err == sql.ErrNoRows {
returnError.Message = "blog post requested for update not found"
returnMessage.Message = "blog post requested for update not found"
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -189,9 +202,10 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) {
_, claims, _ := jwtauth.FromContext(r.Context())
username := claims["username"].(string)
if username != post.Author {
returnError.Message = "unauthorized..."
returnMessage.Message = "unauthorized..."
returnMessage.Error = true
w.WriteHeader(http.StatusUnauthorized)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
// update the post struct
@ -206,9 +220,10 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) {
// write the row update
_, err = DB.Exec(s, post.Title, post.Content, true, time.Now().UTC(), post.ID)
if err != nil {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -220,7 +235,8 @@ func updateBlogPostById(w http.ResponseWriter, r *http.Request) {
// This will search by the last id seen, descending.
func getBlogPosts(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{}
returnMessage := ReturnMessage{}
returnMessage.Error = false
referenceID := &ReferenceID{}
err := json.NewDecoder(r.Body).Decode(referenceID)
// hardcode 9001 for cool kid points
@ -241,9 +257,10 @@ func getBlogPosts(w http.ResponseWriter, r *http.Request) {
`
rows, err := DB.Query(search, search_id)
if err != nil {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -256,9 +273,10 @@ func getBlogPosts(w http.ResponseWriter, r *http.Request) {
posts = append(posts, post)
}
if err := rows.Err(); err != nil {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -268,15 +286,17 @@ func getBlogPosts(w http.ResponseWriter, r *http.Request) {
}
func getBlogPostBySlug(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{}
returnMessage := ReturnMessage{}
returnMessage.Error = false
slug := chi.URLParam(r, "slug")
result := DB.QueryRow("SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE slug=$1", slug)
post := BlogPost{}
err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified)
if err != nil {
returnError.Message = "post not found"
returnMessage.Message = "post not found"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
w.WriteHeader(http.StatusOK)
@ -285,15 +305,17 @@ func getBlogPostBySlug(w http.ResponseWriter, r *http.Request) {
}
func getBlogPostById(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{}
returnMessage := ReturnMessage{}
returnMessage.Error = false
id := chi.URLParam(r, "id")
result := DB.QueryRow("SELECT id, title, slug, author, content, time_published, modified, last_modified FROM posts WHERE id=$1", id)
post := BlogPost{}
err := result.Scan(&post.ID, &post.Title, &post.Slug, &post.Author, &post.Content, &post.TimePublished, &post.Modified, &post.TimeModified)
if err != nil {
returnError.Message = "post not found"
returnMessage.Message = "post not found"
returnMessage.Error = true
w.WriteHeader(http.StatusBadRequest)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
return
}
w.WriteHeader(http.StatusOK)
@ -302,7 +324,8 @@ func getBlogPostById(w http.ResponseWriter, r *http.Request) {
}
func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{}
returnMessage := ReturnMessage{}
returnMessage.Error = false
referenceID := &ReferenceID{}
err := json.NewDecoder(r.Body).Decode(referenceID)
// hardcode 9001 for cool kid points
@ -326,9 +349,10 @@ func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) {
`
rows, err := DB.Query(search, search_id, tag)
if err != nil {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -341,9 +365,10 @@ func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) {
posts = append(posts, post)
}
if err := rows.Err(); err != nil {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -353,7 +378,8 @@ func getBlogPostsByTag(w http.ResponseWriter, r *http.Request) {
}
func getBlogPostsByAuthor(w http.ResponseWriter, r *http.Request) {
returnError := ReturnError{}
returnMessage := ReturnMessage{}
returnMessage.Error = false
referenceID := &ReferenceID{}
err := json.NewDecoder(r.Body).Decode(referenceID)
// hardcode 9001 for cool kid points
@ -376,9 +402,10 @@ func getBlogPostsByAuthor(w http.ResponseWriter, r *http.Request) {
`
rows, err := DB.Query(search, search_id, author)
if err != nil {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}
@ -391,9 +418,10 @@ func getBlogPostsByAuthor(w http.ResponseWriter, r *http.Request) {
posts = append(posts, post)
}
if err := rows.Err(); err != nil {
returnError.Message = "something is super broken..."
returnMessage.Message = "something is super broken..."
returnMessage.Error = true
w.WriteHeader(http.StatusInternalServerError)
render.JSON(w, r, returnError)
render.JSON(w, r, returnMessage)
fmt.Println(err)
return
}