Sessions in etcd KV store instead of cookies
@@ -3,8 +3,9 @@ package auth
|
||||
import (
|
||||
"git.coopgo.io/coopgo-apps/parcoursmob/renderer"
|
||||
"git.coopgo.io/coopgo-apps/parcoursmob/services"
|
||||
"git.coopgo.io/coopgo-apps/parcoursmob/utils/cache"
|
||||
"git.coopgo.io/coopgo-apps/parcoursmob/utils/identification"
|
||||
cache "git.coopgo.io/coopgo-apps/parcoursmob/utils/storage"
|
||||
"git.coopgo.io/coopgo-platform/emailing"
|
||||
"github.com/spf13/viper"
|
||||
)
|
||||
|
||||
@@ -13,10 +14,11 @@ type AuthHandler struct {
|
||||
config *viper.Viper
|
||||
services *services.ServicesHandler
|
||||
Renderer *renderer.Renderer
|
||||
cache *cache.CacheHandler
|
||||
cache cache.CacheHandler
|
||||
emailing *emailing.Mailer
|
||||
}
|
||||
|
||||
func NewAuthHandler(cfg *viper.Viper, idp *identification.IdentificationProvider, svc *services.ServicesHandler, cache *cache.CacheHandler) (*AuthHandler, error) {
|
||||
func NewAuthHandler(cfg *viper.Viper, idp *identification.IdentificationProvider, svc *services.ServicesHandler, cache cache.CacheHandler, emailing *emailing.Mailer) (*AuthHandler, error) {
|
||||
templates_root := cfg.GetString("templates.root")
|
||||
renderer := renderer.NewRenderer(cfg, templates_root)
|
||||
return &AuthHandler{
|
||||
@@ -25,5 +27,6 @@ func NewAuthHandler(cfg *viper.Viper, idp *identification.IdentificationProvider
|
||||
services: svc,
|
||||
Renderer: renderer,
|
||||
cache: cache,
|
||||
emailing: emailing,
|
||||
}, nil
|
||||
}
|
||||
|
||||
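--- a/handlers/auth/lost_password.go
+++ b/handlers/auth/lost_password.go
@@ -0,0 +1,97 @@
+package auth
+
+import (
+"context"
+"crypto/rand"
+"encoding/base64"
+"fmt"
+"io"
+"net/http"
+"time"
+
+"git.coopgo.io/coopgo-platform/mobility-accounts/grpcapi"
+)
+
+func (h *AuthHandler) LostPasswordInit(w http.ResponseWriter, r *http.Request) {
+if r.Method == "POST" {
+r.ParseForm()
+email := r.FormValue("email")
+if email != "" {
+account, err := h.services.GRPC.MobilityAccounts.GetAccountUsername(context.TODO(), &grpcapi.GetAccountUsernameRequest{
+Username: email,
+Namespace: "parcoursmob",
+})
+if err != nil {
+fmt.Println(err)
+http.Redirect(w, r, "/app/", http.StatusFound)
+return
+}
+
+b := make([]byte, 16)
+if _, err := io.ReadFull(rand.Reader, b); err != nil {
+fmt.Println(err)
+w.WriteHeader(http.StatusInternalServerError)
+return
+}
+key := base64.RawURLEncoding.EncodeToString(b)
+
+passwordretrieval := map[string]any{
+"username": email,
+"account_id": account.Account.Id,
+"key": key,
+}
+
+h.cache.PutWithTTL("retrieve-password/"+key, passwordretrieval, 72*time.Hour)
+
+if err := h.emailing.Send("auth.retrieve_password", email, passwordretrieval); err != nil {
+fmt.Println(err)
+w.WriteHeader(http.StatusInternalServerError)
+return
+}
+
+http.Redirect(w, r, "/app/", http.StatusFound)
+}
+}
+h.Renderer.LostPasswordInit(w, r)
+
+}
+
+func (h *AuthHandler) LostPasswordRecover(w http.ResponseWriter, r *http.Request) {
+r.ParseForm()
+
+key := r.FormValue("key")
+recover, err := h.cache.Get("retrieve-password/" + key)
+if err != nil {
+fmt.Println(err)
+h.Renderer.LostPasswordRecoverKO(w, r, key)
+return
+}
+
+if r.Method == "POST" {
+newpassword := r.FormValue("password")
+if newpassword == "" {
+w.WriteHeader(http.StatusInternalServerError)
+w.Write([]byte("Password is empty"))
+return
+}
+
+_, err := h.services.GRPC.MobilityAccounts.ChangePassword(context.TODO(), &grpcapi.ChangePasswordRequest{
+Id: recover.(map[string]any)["account_id"].(string),
+Password: newpassword,
+})
+
+if err != nil {
+fmt.Println(err)
+w.WriteHeader(http.StatusInternalServerError)
+}
+
+err = h.cache.Delete("retrieve-password/" + key)
+if err != nil {
+fmt.Println(err)
+}
+
+http.Redirect(w, r, "/app/", http.StatusFound)
+
+}
+h.Renderer.LostPasswordRecover(w, r, recover)
+}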
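Review bot: In LostPasswordRecover the `ChangePassword` error branch sets a 500 status but does not return, so the handler still deletes the `retrieve-password/` entry and redirects to `/app/`; a failed reset silently consumes the user's one-time key. Add `return` after `w.WriteHeader(http.StatusInternalServerError)` in that branch, and add `return` after the final `http.Redirect(w, r, "/app/", http.StatusFound)` in both handlers, which currently fall through to the renderer call and write a page after the redirect. The assertion `recover.(map[string]any)["account_id"].(string)` is unchecked and would panic if the store hands back a different concrete type after serialization, so the two-value form followed by `h.Renderer.LostPasswordRecoverKO(w, r, key)` would be safer. The result of `h.cache.PutWithTTL` (if it returns an error) is dropped before the mail is sent, and 72 hours is a long lifetime for a password-reset key. The local name `recover` also shadows the Go builtin.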
@@ -16,7 +16,7 @@ func (h *AuthHandler) Onboarding(w http.ResponseWriter, r *http.Request) {
|
||||
onboarding, err := h.cache.Get("onboarding/" + key)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
h.Renderer.AuthOnboardingKO(w, r, key)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -72,6 +72,12 @@ func (h *AuthHandler) Onboarding(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
err = h.cache.Delete("onboarding/" + key)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
}
|
||||
|
||||
http.Redirect(w, r, "/app/", http.StatusFound)
|
||||
}
|
||||
|
||||
|
||||