8 files changed, 112 insertions, 25 deletions
diff --git a/controllers/account.go b/controllers/account.go
new file mode 100644
index 0000000..86b3ea4
--- /dev/null
+++ b/controllers/account.go
@@ -0,0 +1,48 @@
+package controllers
+
+import (
+	"imageboard/database"
+	"imageboard/models"
+	"imageboard/utils/auth"
+	"imageboard/utils/shortcuts"
+
+	"github.com/gofiber/fiber/v2"
+)
+
+func renderVerifyEmailError(ctx *fiber.Ctx, errorMsg string, statusCode int) error {
+	return shortcuts.RenderWithStatus(ctx, TEMPLATE_VERIFY_EMAIL, fiber.Map{
+		"Error": errorMsg,
+	}, statusCode)
+}
+
+func VerifyEmailController(ctx *fiber.Ctx) error {
+	ctx.Locals("Title", PT_VERIFY_EMAIL)
+	if auth.IsAuthenticated(ctx) {
+		return ctx.Redirect(auth.GetRedirectURL(ctx), fiber.StatusSeeOther)
+	}
+	token := ctx.Query("token")
+	if token == "" {
+		return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_MISSING_TOKEN, fiber.StatusBadRequest)
+	}
+
+	emailToken, err := database.VerifyToken(token, models.EmailTokenTypeVerification)
+	if err != nil {
+		return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_INVALID_OR_EXPIRED_TOKEN, fiber.StatusBadRequest)
+	}
+
+	user, err := database.GetUserByID(emailToken.UserID)
+	if err != nil {
+		return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_USER_NOT_FOUND, fiber.StatusInternalServerError)
+	}
+
+	user.Activate()
+	if err := database.DB.Save(user).Error; err != nil {
+		return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_ACTIVATION_FAILED, fiber.StatusInternalServerError)
+	}
+
+	return shortcuts.Render(ctx, TEMPLATE_VERIFY_EMAIL, fiber.Map{
+		"Success":  SUCCESS_VERIFY_EMAIL,
+		"Username": user.Username,
+	})
+
+}
diff --git a/controllers/constants.go b/controllers/constants.go
index 021eeb9..7417314 100644
--- a/controllers/constants.go
+++ b/controllers/constants.go
@@ -2,20 +2,22 @@ package controllers
 
 const (
 	// Page titles
-	PT_HOME        = "Home Page"
-	PT_LOGIN       = "Login"
-	PT_POSTS       = "Posts"
-	PT_PREFERENCES = "Preferences"
-	PT_REGISTER    = "Register"
-	PT_404         = "Page Not Found"
+	PT_HOME         = "Home Page"
+	PT_LOGIN        = "Login"
+	PT_POSTS        = "Posts"
+	PT_PREFERENCES  = "Preferences"
+	PT_REGISTER     = "Register"
+	PT_404          = "Page Not Found"
+	PT_VERIFY_EMAIL = "Verify Email"
 
 	// Template names
-	TEMPLATE_HOME        = "home"
-	TEMPLATE_LOGIN       = "login"
-	TEMPLATE_POSTS       = "posts"
-	TEMPLATE_PREFERENCES = "preferences"
-	TEMPLATE_REGISTER    = "register"
-	TEMPLATE_404         = "404"
+	TEMPLATE_HOME         = "home"
+	TEMPLATE_LOGIN        = "login"
+	TEMPLATE_POSTS        = "posts"
+	TEMPLATE_PREFERENCES  = "preferences"
+	TEMPLATE_REGISTER     = "register"
+	TEMPLATE_404          = "404"
+	TEMPLATE_VERIFY_EMAIL = "account/verify_email"
 
 	// URL constants for various routes
 	URL_HOME                = "/"
@@ -23,19 +25,24 @@ const (
 	URL_POSTS               = "/posts"
 	URL_PREFERENCES         = "/preferences"
 	URL_REGISTER            = "/register"
-	URL_FORGOT_PASSWORD     = "/accounts/forgot-password"
-	URL_RESEND_VERIFICATION = "/accounts/resend-verification"
+	URL_FORGOT_PASSWORD     = "/account/forgot-password"
+	URL_RESEND_VERIFICATION = "/account/resend-verification"
 
 	// Error messages
-	ERR_INVALID_FORM_DATA         = "The submitted form data is invalid. Check your input and try again."
-	ERR_USER_NOT_FOUND            = `User with that username not found. Maybe you want to <a href="` + URL_REGISTER + `">register</a>?`
-	ERR_LOGIN_INVALID_CREDENTIALS = `The credentials you provided are incorrect. Did you <a href="` + URL_FORGOT_PASSWORD + `">forget your password</a>?`
-	ERR_ACCOUNT_DISABLED          = `Your account is disabled or banned. You can reach out to support for assistance.`
-	ERR_ACCOUNT_UNABLE_TO_LOGIN   = `You cannot log in at this time. Verify your email or contact support. If you misplaced your verification email, you can <a href="` + URL_RESEND_VERIFICATION + `">request a new one</a>.`
-	ERR_PASSWORD_MISMATCH         = "Entered passwords do not match. Ensure both fields are identical."
-	ERR_SESSION_FAILED_TO_CREATE  = "Server failed to create a session. If this issue persists, contact support."
-	ERR_SESSION_FAILED_TO_SAVE    = "Server failed to save session data. If this issue persists, contact support."
+	ERR_INVALID_FORM_DATA                     = "The submitted form data is invalid. Check your input and try again."
+	ERR_USER_NOT_FOUND                        = `User with that username not found. Maybe you want to <a href="` + URL_REGISTER + `">register</a>?`
+	ERR_LOGIN_INVALID_CREDENTIALS             = `The credentials you provided are incorrect. Did you <a href="` + URL_FORGOT_PASSWORD + `">forget your password</a>?`
+	ERR_ACCOUNT_DISABLED                      = `Your account is disabled or banned. You can reach out to support for assistance.`
+	ERR_ACCOUNT_UNABLE_TO_LOGIN               = `You cannot log in at this time. Verify your email or contact support. If you misplaced your verification email, you can <a href="` + URL_RESEND_VERIFICATION + `">request a new one</a>.`
+	ERR_PASSWORD_MISMATCH                     = "Entered passwords do not match. Ensure both fields are identical."
+	ERR_SESSION_FAILED_TO_CREATE              = "Server failed to create a session. If this issue persists, contact support."
+	ERR_SESSION_FAILED_TO_SAVE                = "Server failed to save session data. If this issue persists, contact support."
+	ERR_VERIFY_EMAIL_MISSING_TOKEN            = `Verification token is missing. Check the link you clicked or request a <a href="` + URL_RESEND_VERIFICATION + `">new verification email</a>.`
+	ERR_VERIFY_EMAIL_INVALID_OR_EXPIRED_TOKEN = `The verification token is either invalid or has expired. Try requesting a <a href="` + URL_RESEND_VERIFICATION + `">new verification email</a>.`
+	ERR_VERIFY_EMAIL_USER_NOT_FOUND           = `User not found for the provided verification token. If you think this is an error, contact support.`
+	ERR_VERIFY_EMAIL_ACTIVATION_FAILED        = `Failed to activate your account. If this issue persists, contact support.`
 
 	// Success messages
 	SUCCESS_USER_REGISTERED = "Your account has been created successfully. A verification email has been sent to your email address. You will only be able to log in after verifying your email. If you did not receive the email, you can <a href=\"" + URL_RESEND_VERIFICATION + "\">request a new one</a>."
+	SUCCESS_VERIFY_EMAIL    = `Your email has been successfully verified. You can now <a href="` + URL_LOGIN + `">log in</a> to your account.`
 )
diff --git a/database/tokens.go b/database/tokens.go
index ddbc1f6..8ff69d4 100644
--- a/database/tokens.go
+++ b/database/tokens.go
@@ -46,9 +46,9 @@ func GenerateEmailToken(userID int, tokenType models.EmailTokenType) (*models.Em
 	return token, nil
 }
 
-func VerifyToken(userID int, token string, tokenType models.EmailTokenType) (*models.EmailToken, error) {
+func VerifyToken(token string, tokenType models.EmailTokenType) (*models.EmailToken, error) {
 	var emailToken models.EmailToken
-	if err := DB.Where("user_id = ? AND token = ? AND type = ?", userID, token, tokenType).First(&emailToken).Error; err != nil {
+	if err := DB.Where("token = ? AND type = ?", token, tokenType).First(&emailToken).Error; err != nil {
 		return nil, err
 	}
 
diff --git a/models/user.go b/models/user.go
index 3b92077..546f600 100644
--- a/models/user.go
+++ b/models/user.go
@@ -127,6 +127,13 @@ func (u *User) CheckPassword(password string) bool {
 	return err == nil
 }
 
+func (u *User) Activate() {
+	u.IsDeleted = false
+	u.AccountDisabled = false
+	u.AccountBanned = false
+	u.EmailVerified = true
+}
+
 func (u *User) IsActive() bool {
 	return !u.IsDeleted && !u.AccountDisabled && !u.AccountBanned
 }
diff --git a/router/routes.go b/router/routes.go
index c522599..91665df 100644
--- a/router/routes.go
+++ b/router/routes.go
@@ -24,6 +24,9 @@ func Initialize(router *fiber.App) {
 	register.Get("/", controllers.RegisterPageController)
 	register.Post("/", controllers.RegisterPostController)
 
+	account := router.Group("/account")
+	account.Get("/verify", controllers.VerifyEmailController)
+
 	preferences := router.Group("/preferences")
 	preferences.Get("/", controllers.PreferencesPageController)
 
diff --git a/templates/account/verify_email.django b/templates/account/verify_email.django
new file mode 100644
index 0000000..42298ef
--- /dev/null
+++ b/templates/account/verify_email.django
@@ -0,0 +1,21 @@
+{% extends 'layouts/main.django' %}
+
+{% block content %}
+  <div class="centered-main">
+    {% if Error %}
+      <div class="error">
+        <h2>Email Verification Error</h2>
+        <br />
+        <p>{{ Error|safe }}</p>
+      </div>
+    {% endif %}
+
+    {% if Success %}
+      <div class="success">
+        <h2>Email Verified Successfully</h2>
+        <br />
+        <p>{{ Success|safe }}</p>
+      </div>
+    {% endif %}
+  </div>
+{% endblock %}
diff --git a/templates/login.django b/templates/login.django
index 3c2e39b..01c6d28 100644
--- a/templates/login.django
+++ b/templates/login.django
@@ -30,7 +30,7 @@
         <div class="fbtngrp">
           <input type="submit" value="Login" />
           <input type="button" value="Clear" onclick="this.form.reset();" />
-          <input type="button" value="Forgot Password?" onclick="window.location.href='/accounts/forgot-password';" />
+          <input type="button" value="Forgot Password?" onclick="window.location.href='/account/forgot-password';" />
         </div>
       </form>
       <p class="text-center">
diff --git a/templates/partials/navbar.django b/templates/partials/navbar.django
index 70e7950..7180e9c 100644
--- a/templates/partials/navbar.django
+++ b/templates/partials/navbar.django
@@ -12,6 +12,7 @@
   <div class="nav-right">
     {% if User %}
       <a href="/account" class="user-status">{{ User.Username }}</a>
+      <a href="/posts/new">Upload</a>
       <a href="/logout">Logout</a>
     {% else %}
       <span class="user-status">Guest</span>