2020-05-20 11:13:14 +02:00
|
|
|
package route
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
|
2020-09-08 11:38:38 +02:00
|
|
|
"forge.cadoles.com/wpetit/hydra-passwordless/internal/config"
|
2020-05-20 11:13:14 +02:00
|
|
|
"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
|
|
|
|
|
"forge.cadoles.com/wpetit/hydra-passwordless/internal/query"
|
2020-10-13 10:35:41 +02:00
|
|
|
"github.com/getsentry/sentry-go"
|
2020-05-20 11:13:14 +02:00
|
|
|
"github.com/pkg/errors"
|
|
|
|
|
"gitlab.com/wpetit/goweb/cqrs"
|
|
|
|
|
"gitlab.com/wpetit/goweb/logger"
|
|
|
|
|
"gitlab.com/wpetit/goweb/middleware/container"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func handleVerification(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
ctn := container.Must(r.Context())
|
|
|
|
|
bus := cqrs.Must(ctn)
|
2020-09-08 11:38:38 +02:00
|
|
|
conf := config.Must(ctn)
|
2020-05-20 11:13:14 +02:00
|
|
|
|
|
|
|
|
token := r.URL.Query().Get("token")
|
|
|
|
|
if token == "" {
|
|
|
|
|
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
|
|
|
|
|
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
qry := &query.VerifyUserRequest{
|
|
|
|
|
Token: token,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctx := r.Context()
|
|
|
|
|
|
|
|
|
|
result, err := bus.Query(ctx, qry)
|
|
|
|
|
if err != nil {
|
2020-10-13 10:35:41 +02:00
|
|
|
sentry.CaptureException(err)
|
2020-05-20 11:13:14 +02:00
|
|
|
logger.Error(ctx, "could not verify token", logger.E(err))
|
|
|
|
|
|
2020-05-26 11:11:53 +02:00
|
|
|
err := renderErrorPage(
|
|
|
|
|
w, r,
|
|
|
|
|
http.StatusBadRequest,
|
|
|
|
|
"Lien invalide",
|
|
|
|
|
"Le lien de connexion utilisé est invalide ou a expiré.",
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return
|
2020-05-20 11:13:14 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
verifyUserData, ok := result.Data().(*query.VerifyUserData)
|
|
|
|
|
if !ok {
|
2020-10-13 10:35:41 +02:00
|
|
|
err := errors.New("unexpected result data")
|
|
|
|
|
sentry.CaptureException(err)
|
|
|
|
|
panic(err)
|
2020-05-20 11:13:14 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hydr := hydra.Must(ctn)
|
|
|
|
|
|
2020-09-08 11:38:38 +02:00
|
|
|
rememberFor := conf.Session.DefaultDuration
|
|
|
|
|
if verifyUserData.RememberMe {
|
|
|
|
|
rememberFor = conf.Session.RememberMeDuration
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-20 11:13:14 +02:00
|
|
|
accept := &hydra.AcceptLoginRequest{
|
2020-05-26 11:11:53 +02:00
|
|
|
Subject: verifyUserData.Email,
|
|
|
|
|
Remember: verifyUserData.RememberMe,
|
2020-09-08 11:38:38 +02:00
|
|
|
RememberFor: rememberFor,
|
2020-05-26 11:11:53 +02:00
|
|
|
Context: map[string]interface{}{
|
|
|
|
|
"email": verifyUserData.Email,
|
|
|
|
|
},
|
2020-05-20 11:13:14 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res, err := hydr.AcceptLoginRequest(verifyUserData.Challenge, accept)
|
|
|
|
|
if err != nil {
|
2020-10-13 10:35:41 +02:00
|
|
|
sentry.CaptureException(err)
|
2020-07-09 16:40:14 +02:00
|
|
|
logger.Error(ctx, "could not retrieve hydra accept response", logger.E(err))
|
|
|
|
|
|
|
|
|
|
err := renderErrorPage(
|
|
|
|
|
w, r,
|
|
|
|
|
http.StatusBadRequest,
|
|
|
|
|
"Lien invalide",
|
|
|
|
|
"Le lien de connexion utilisé est invalide ou a expiré.",
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return
|
2020-05-20 11:13:14 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
http.Redirect(w, r, res.RedirectTo, http.StatusSeeOther)
|
|
|
|
|
}
|
