hydra-passwordless/internal/route/login.go

package route

import (
	"bytes"
	"fmt"
	"net/http"
	netMail "net/mail"

	"github.com/davecgh/go-spew/spew"

	"forge.cadoles.com/wpetit/hydra-passwordless/internal/config"
	"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
	"forge.cadoles.com/wpetit/hydra-passwordless/internal/mail"
	"github.com/gorilla/csrf"
	"github.com/pkg/errors"
	"gitlab.com/wpetit/goweb/middleware/container"
	"gitlab.com/wpetit/goweb/service/session"
	"gitlab.com/wpetit/goweb/service/template"
)

func serveLoginPage(w http.ResponseWriter, r *http.Request) {
	ctn := container.Must(r.Context())
	hydr := hydra.Must(ctn)

	challenge, err := hydr.LoginChallenge(r)
	if err != nil {
		if err == hydra.ErrChallengeNotFound {
			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)

			return
		}

		panic(errors.Wrap(err, "could not retrieve login challenge"))
	}

	res, err := hydr.LoginRequest(challenge)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve hydra login response"))
	}

	if res.Skip {
		res, err := hydr.RejectRequest(challenge, &hydra.RejectRequest{
			Error:            "email_not_validated",
			ErrorDescription: "The email adress could not be verified.",
		})
		if err != nil {
			panic(errors.Wrap(err, "could not reject hydra authentication request"))
		}

		http.Redirect(w, r, res.RedirectTo, http.StatusTemporaryRedirect)
		return
	}

	tmpl := template.Must(ctn)

	data := extendTemplateData(w, r, template.Data{
		csrf.TemplateTag: csrf.TemplateField(r),
		"LoginChallenge": challenge,
		"Email":          "",
	})

	if err := tmpl.RenderPage(w, "login.html.tmpl", data); err != nil {
		panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
	}
}

func handleLoginForm(w http.ResponseWriter, r *http.Request) {
	ctn := container.Must(r.Context())
	tmpl := template.Must(ctn)
	hydr := hydra.Must(ctn)

	if err := r.ParseForm(); err != nil {
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)

		return
	}

	email := r.Form.Get("email")
	challenge := r.Form.Get("challenge")

	renderFlashError := func(message string) {
		sess, err := session.Must(ctn).Get(w, r)
		if err != nil {
			panic(errors.Wrap(err, "could not retrieve session"))
		}

		sess.AddFlash(session.FlashError, message)

		if err := sess.Save(w, r); err != nil {
			panic(errors.Wrap(err, "could not save session"))
		}

		data := extendTemplateData(w, r, template.Data{
			csrf.TemplateTag: csrf.TemplateField(r),
			"LoginChallenge": challenge,
			"Email":          email,
		})

		if err := tmpl.RenderPage(w, "login.html.tmpl", data); err != nil {
			panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
		}
	}

	if _, err := netMail.ParseAddress(email); err != nil {
		renderFlashError("Veuillez saisir une adresse courriel valide")

		return
	}

	if challenge == "" {
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)

		return
	}

	res, err := hydr.LoginRequest(challenge)
	if err != nil {
		panic(errors.Wrap(err, "could not retrieve hydra login response"))
	}

	spew.Dump(res)

	ml := mail.Must(ctn)
	conf := config.Must(ctn)

	var buf bytes.Buffer
	if err := tmpl.Render(&buf, "verification_email.html.tmpl", template.Data{}); err != nil {
		panic(errors.Wrap(err, "could not render email template"))
	}

	err = ml.Send(
		mail.WithSender(conf.SMTP.SenderAddress, conf.SMTP.SenderName),
		mail.WithRecipients(email),
		mail.WithSubject(fmt.Sprintf("[Authentification]")),
		mail.WithBody(mail.ContentTypeHTML, buf.String(), nil),
		mail.WithAlternativeBody(mail.ContentTypeText, "", nil),
	)
	if err != nil {
		panic(errors.Wrap(err, "could not send email"))
	}

	data := extendTemplateData(w, r, template.Data{})

	if err := tmpl.RenderPage(w, "email_sent.html.tmpl", data); err != nil {
		panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
	}
}