206 lines
5.3 KiB
Go
206 lines
5.3 KiB
Go
package main
|
|
|
|
import (
|
|
"errors"
|
|
"net/http"
|
|
"party.at/party/internal/data"
|
|
"party.at/party/internal/validator"
|
|
"database/sql"
|
|
"time"
|
|
)
|
|
|
|
func (app *application) createUserHandler(w http.ResponseWriter, r *http.Request) {
|
|
|
|
var input struct {
|
|
ProviderId int64 `json:"provider_id"`
|
|
Username string `json:"username"`
|
|
PhoneNumber string `json:"phone_number"`
|
|
Country string `json:"country"`
|
|
Email string `json:"email"`
|
|
Password string `json:"password"`
|
|
Name string `json:"name"`
|
|
AltName string `json:"alt_name"`
|
|
DateOfBirth time.Time `json:"date_of_birth"`
|
|
Address string `json:"address"`
|
|
}
|
|
|
|
err := app.readJSON(w, r, &input)
|
|
if err != nil {
|
|
app.badRequestResponse(w, r, err)
|
|
return
|
|
}
|
|
|
|
user := &data.User{
|
|
Email: input.Email,
|
|
PhoneNumber: input.PhoneNumber,
|
|
Country: input.Country,
|
|
Name: input.Name,
|
|
AltName: sql.NullString{String: input.AltName, Valid: true},
|
|
DateOfBirth: input.DateOfBirth,
|
|
Address: input.Address,
|
|
Activated: false,
|
|
}
|
|
|
|
userIdentity := &data.UserIdentity{
|
|
ProviderID: input.ProviderId,
|
|
ProviderUserID: input.Username,
|
|
}
|
|
|
|
err = userIdentity.Password.Set(input.Password)
|
|
if err != nil {
|
|
app.serverErrorResponse(w, r, err)
|
|
return
|
|
}
|
|
|
|
v := validator.New()
|
|
if data.ValidateUser(v, user); !v.Valid() {
|
|
app.failedValidationResponse(w, r, v.Errors)
|
|
return
|
|
}
|
|
|
|
if data.ValidateUserIdentity(v, userIdentity); !v.Valid() {
|
|
app.failedValidationResponse(w, r, v.Errors)
|
|
return
|
|
}
|
|
|
|
err = app.models.Users.ExecuteRegistrationTx(user, userIdentity)
|
|
if err != nil {
|
|
switch {
|
|
case errors.Is(err, data.ErrDuplicateEmail):
|
|
v.AddError("email", "a user with this email address already exists")
|
|
app.failedValidationResponse(w, r, v.Errors)
|
|
case errors.Is(err, data.ErrDuplicateUser):
|
|
v.AddError("username", "a user with this username already exists")
|
|
app.failedValidationResponse(w, r, v.Errors)
|
|
default:
|
|
app.serverErrorResponse(w, r, err)
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
err = app.models.Permissions.AddForUser(user.ID, "issues:read")
|
|
if err != nil {
|
|
app.serverErrorResponse(w, r, err)
|
|
return
|
|
}
|
|
|
|
token, err := app.models.Tokens.New(user.ID, userIdentity.ID, 3 * 24 * time.Hour, data.ScopeActivation)
|
|
if err != nil {
|
|
app.serverErrorResponse(w, r, err)
|
|
return
|
|
}
|
|
|
|
app.background(func() {
|
|
data := map[string]interface{}{
|
|
"token": token.Plaintext,
|
|
"userID": user.ID,
|
|
}
|
|
|
|
err = app.mailer.Send(user.Email, "user_welcome.tmpl", data)
|
|
if err != nil {
|
|
app.logger.PrintError(err, nil)
|
|
}
|
|
})
|
|
|
|
// Write a JSON response containing the user data along with a 201 Created status
|
|
// code.
|
|
err = app.writeJSON(w, http.StatusCreated, envelope{"user": user}, nil)
|
|
if err != nil {
|
|
app.serverErrorResponse(w, r, err)
|
|
}
|
|
}
|
|
|
|
func (app *application) deleteUserHandler(w http.ResponseWriter, r *http.Request) {
|
|
id, err := app.readIDParam(r)
|
|
if err != nil {
|
|
app.notFoundResponse(w, r)
|
|
return
|
|
}
|
|
|
|
// Delete the issue from the database, sending a 404 Not Found response to the
|
|
// client if there isn't a matching record.
|
|
err = app.models.Users.Delete(id)
|
|
if err != nil {
|
|
switch {
|
|
case errors.Is(err, data.ErrRecordNotFound):
|
|
app.notFoundResponse(w, r)
|
|
default:
|
|
app.serverErrorResponse(w, r, err)
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
// Return a 200 OK status code along with a success message.
|
|
err = app.writeJSON(w, http.StatusOK, envelope{"message": "user successfully deleted"}, nil)
|
|
if err != nil {
|
|
app.serverErrorResponse(w, r, err)
|
|
}
|
|
}
|
|
|
|
func (app *application) activateUserHandler(w http.ResponseWriter, r *http.Request) {
|
|
// Parse the plaintext activation token from the request body.
|
|
var input struct {
|
|
TokenPlaintext string `json:"token"`
|
|
}
|
|
|
|
err := app.readJSON(w, r, &input)
|
|
if err != nil {
|
|
app.badRequestResponse(w, r, err)
|
|
return
|
|
}
|
|
|
|
// Validate the plaintext token provided by the client.
|
|
v := validator.New()
|
|
if data.ValidateTokenPlaintext(v, input.TokenPlaintext); !v.Valid() {
|
|
app.failedValidationResponse(w, r, v.Errors)
|
|
return
|
|
}
|
|
|
|
// Retrieve the details of the user associated with the token using the
|
|
// GetForToken() method (which we will create in a minute). If no matching record
|
|
// is found, then we let the client know that the token they provided is not valid.
|
|
user, err := app.models.Users.GetForToken(data.ScopeActivation, input.TokenPlaintext)
|
|
if err != nil {
|
|
switch {
|
|
case errors.Is(err, data.ErrRecordNotFound):
|
|
v.AddError("token", "invalid or expired activation token")
|
|
app.failedValidationResponse(w, r, v.Errors)
|
|
default:
|
|
app.serverErrorResponse(w, r, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
// Update the user's activation status.
|
|
user.Activated = true
|
|
|
|
// Save the updated user record in our database, checking for any edit conflicts in
|
|
// the same way that we did for our movie records.
|
|
err = app.models.Users.Update(user)
|
|
if err != nil {
|
|
switch {
|
|
case errors.Is(err, data.ErrEditConflict):
|
|
app.editConflictResponse(w, r)
|
|
default:
|
|
app.serverErrorResponse(w, r, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
// If everything went successfully, then we delete all activation tokens for the
|
|
// user.
|
|
err = app.models.Tokens.DeleteAllForUser(data.ScopeActivation, user.ID)
|
|
if err != nil {
|
|
app.serverErrorResponse(w, r, err)
|
|
return
|
|
}
|
|
|
|
// Send the updated user details to the client in a JSON response.
|
|
err = app.writeJSON(w, http.StatusOK, envelope{"user": user}, nil)
|
|
if err != nil {
|
|
app.serverErrorResponse(w, r, err)
|
|
}
|
|
}
|