From cfdcbc452064854140bb572dea154d3f5c2f857b Mon Sep 17 00:00:00 2001 From: Bobby Date: Sun, 13 Jul 2025 14:55:23 +0530 Subject: account verification and login flow --- controllers/account.go | 48 +++++++++++++++++++++++++++++++++++++++++++++ controllers/constants.go | 51 +++++++++++++++++++++++++++--------------------- 2 files changed, 77 insertions(+), 22 deletions(-) create mode 100644 controllers/account.go (limited to 'controllers') diff --git a/controllers/account.go b/controllers/account.go new file mode 100644 index 0000000..86b3ea4 --- /dev/null +++ b/controllers/account.go @@ -0,0 +1,48 @@ +package controllers + +import ( + "imageboard/database" + "imageboard/models" + "imageboard/utils/auth" + "imageboard/utils/shortcuts" + + "github.com/gofiber/fiber/v2" +) + +func renderVerifyEmailError(ctx *fiber.Ctx, errorMsg string, statusCode int) error { + return shortcuts.RenderWithStatus(ctx, TEMPLATE_VERIFY_EMAIL, fiber.Map{ + "Error": errorMsg, + }, statusCode) +} + +func VerifyEmailController(ctx *fiber.Ctx) error { + ctx.Locals("Title", PT_VERIFY_EMAIL) + if auth.IsAuthenticated(ctx) { + return ctx.Redirect(auth.GetRedirectURL(ctx), fiber.StatusSeeOther) + } + token := ctx.Query("token") + if token == "" { + return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_MISSING_TOKEN, fiber.StatusBadRequest) + } + + emailToken, err := database.VerifyToken(token, models.EmailTokenTypeVerification) + if err != nil { + return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_INVALID_OR_EXPIRED_TOKEN, fiber.StatusBadRequest) + } + + user, err := database.GetUserByID(emailToken.UserID) + if err != nil { + return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_USER_NOT_FOUND, fiber.StatusInternalServerError) + } + + user.Activate() + if err := database.DB.Save(user).Error; err != nil { + return renderVerifyEmailError(ctx, ERR_VERIFY_EMAIL_ACTIVATION_FAILED, fiber.StatusInternalServerError) + } + + return shortcuts.Render(ctx, TEMPLATE_VERIFY_EMAIL, fiber.Map{ + "Success": SUCCESS_VERIFY_EMAIL, + "Username": user.Username, + }) + +} diff --git a/controllers/constants.go b/controllers/constants.go index 021eeb9..7417314 100644 --- a/controllers/constants.go +++ b/controllers/constants.go @@ -2,20 +2,22 @@ package controllers const ( // Page titles - PT_HOME = "Home Page" - PT_LOGIN = "Login" - PT_POSTS = "Posts" - PT_PREFERENCES = "Preferences" - PT_REGISTER = "Register" - PT_404 = "Page Not Found" + PT_HOME = "Home Page" + PT_LOGIN = "Login" + PT_POSTS = "Posts" + PT_PREFERENCES = "Preferences" + PT_REGISTER = "Register" + PT_404 = "Page Not Found" + PT_VERIFY_EMAIL = "Verify Email" // Template names - TEMPLATE_HOME = "home" - TEMPLATE_LOGIN = "login" - TEMPLATE_POSTS = "posts" - TEMPLATE_PREFERENCES = "preferences" - TEMPLATE_REGISTER = "register" - TEMPLATE_404 = "404" + TEMPLATE_HOME = "home" + TEMPLATE_LOGIN = "login" + TEMPLATE_POSTS = "posts" + TEMPLATE_PREFERENCES = "preferences" + TEMPLATE_REGISTER = "register" + TEMPLATE_404 = "404" + TEMPLATE_VERIFY_EMAIL = "account/verify_email" // URL constants for various routes URL_HOME = "/" @@ -23,19 +25,24 @@ const ( URL_POSTS = "/posts" URL_PREFERENCES = "/preferences" URL_REGISTER = "/register" - URL_FORGOT_PASSWORD = "/accounts/forgot-password" - URL_RESEND_VERIFICATION = "/accounts/resend-verification" + URL_FORGOT_PASSWORD = "/account/forgot-password" + URL_RESEND_VERIFICATION = "/account/resend-verification" // Error messages - ERR_INVALID_FORM_DATA = "The submitted form data is invalid. Check your input and try again." - ERR_USER_NOT_FOUND = `User with that username not found. Maybe you want to register?` - ERR_LOGIN_INVALID_CREDENTIALS = `The credentials you provided are incorrect. Did you forget your password?` - ERR_ACCOUNT_DISABLED = `Your account is disabled or banned. You can reach out to support for assistance.` - ERR_ACCOUNT_UNABLE_TO_LOGIN = `You cannot log in at this time. Verify your email or contact support. If you misplaced your verification email, you can request a new one.` - ERR_PASSWORD_MISMATCH = "Entered passwords do not match. Ensure both fields are identical." - ERR_SESSION_FAILED_TO_CREATE = "Server failed to create a session. If this issue persists, contact support." - ERR_SESSION_FAILED_TO_SAVE = "Server failed to save session data. If this issue persists, contact support." + ERR_INVALID_FORM_DATA = "The submitted form data is invalid. Check your input and try again." + ERR_USER_NOT_FOUND = `User with that username not found. Maybe you want to register?` + ERR_LOGIN_INVALID_CREDENTIALS = `The credentials you provided are incorrect. Did you forget your password?` + ERR_ACCOUNT_DISABLED = `Your account is disabled or banned. You can reach out to support for assistance.` + ERR_ACCOUNT_UNABLE_TO_LOGIN = `You cannot log in at this time. Verify your email or contact support. If you misplaced your verification email, you can request a new one.` + ERR_PASSWORD_MISMATCH = "Entered passwords do not match. Ensure both fields are identical." + ERR_SESSION_FAILED_TO_CREATE = "Server failed to create a session. If this issue persists, contact support." + ERR_SESSION_FAILED_TO_SAVE = "Server failed to save session data. If this issue persists, contact support." + ERR_VERIFY_EMAIL_MISSING_TOKEN = `Verification token is missing. Check the link you clicked or request a new verification email.` + ERR_VERIFY_EMAIL_INVALID_OR_EXPIRED_TOKEN = `The verification token is either invalid or has expired. Try requesting a new verification email.` + ERR_VERIFY_EMAIL_USER_NOT_FOUND = `User not found for the provided verification token. If you think this is an error, contact support.` + ERR_VERIFY_EMAIL_ACTIVATION_FAILED = `Failed to activate your account. If this issue persists, contact support.` // Success messages SUCCESS_USER_REGISTERED = "Your account has been created successfully. A verification email has been sent to your email address. You will only be able to log in after verifying your email. If you did not receive the email, you can request a new one." + SUCCESS_VERIFY_EMAIL = `Your email has been successfully verified. You can now log in to your account.` ) -- cgit v1.2.3