Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 34 additions & 28 deletions internal/db/auth_attempts.sql.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

53 changes: 53 additions & 0 deletions internal/db/email_reset_requests.sql.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 7 additions & 0 deletions internal/db/models.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 16 additions & 0 deletions internal/db/users.sql.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

93 changes: 93 additions & 0 deletions internal/handlers/user.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,14 @@ type tokenPasswordResetter interface {
ResetPasswordFromResetRequest(ctx context.Context, token string, input user.ResetPasswordFromResetRequestBody) error
}

type emailResetRequester interface {
CreateEmailResetRequest(ctx context.Context, usr user.User, input user.CreateEmailResetRequestBody) error
}

type tokenEmailResetter interface {
ResetEmailFromResetRequest(ctx context.Context, token string) error
}

func CreateSignUpHandler(userService signUpper, sessionService sessionCreator) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
var reqBody user.AuthenticateBody
Expand Down Expand Up @@ -213,6 +221,58 @@ func CreateTokenPasswordResetHandler(userService tokenPasswordResetter) http.Han
})
}

func CreateEmailResetRequestHandler(userService emailResetRequester) http.Handler {
return middleware.Requires(
http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
var reqBody user.CreateEmailResetRequestBody

decoder := json.NewDecoder(r.Body)
decoder.DisallowUnknownFields()
err := decoder.Decode(&reqBody)
if err != nil {
web.WriteJSONResponse(w, http.StatusBadRequest, map[string]any{"error": "invalid JSON body"})
return
}

usr, err := middleware.UserFromContext(r.Context())
if err != nil {
log.Printf("when getting user for email reset request: %v", err)
web.WriteAndReportInternalError(w)
return
}

err = userService.CreateEmailResetRequest(r.Context(), usr, reqBody)
if err != nil {
if writeCreateEmailResetRequestError(w, err) {
return
}

web.WriteAndReportInternalError(w)
return
}

w.WriteHeader(http.StatusNoContent)
}), middleware.Authenticated)
}

func CreateTokenEmailResetHandler(userService tokenEmailResetter) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
token := r.URL.Query().Get("token")

err := userService.ResetEmailFromResetRequest(r.Context(), token)
if err != nil {
if writeTokenEmailResetError(w, err) {
return
}

web.WriteAndReportInternalError(w)
return
}

w.WriteHeader(http.StatusNoContent)
})
}

func writeSignUpError(w http.ResponseWriter, err error) bool {
if errors.Is(err, user.ErrEmailBlank) {
web.WriteJSONResponse(w, http.StatusBadRequest, map[string]any{"email": "email may not be blank"})
Expand Down Expand Up @@ -305,6 +365,39 @@ func writeTokenPasswordResetError(w http.ResponseWriter, err error) bool {
return false
}

func writeCreateEmailResetRequestError(w http.ResponseWriter, err error) bool {
if errors.Is(err, user.ErrInvalidEmail) {
web.WriteJSONResponse(w, http.StatusBadRequest, map[string]any{"email": "email is not valid"})
return true
}

if errors.Is(err, user.ErrEmailTaken) {
web.WriteJSONResponse(w, http.StatusBadRequest, map[string]any{"email": "email already in use"})
return true
}

if errors.Is(err, user.ErrInvalidCredentials) {
web.WriteJSONResponse(w, http.StatusUnauthorized, map[string]any{"error": "authentication failed"})
return true
}

return false
}

func writeTokenEmailResetError(w http.ResponseWriter, err error) bool {
if errors.Is(err, user.ErrInvalidResetToken) {
web.WriteJSONResponse(w, http.StatusBadRequest, map[string]any{"error": "invalid or expired reset token"})
return true
}

if errors.Is(err, user.ErrEmailTaken) {
web.WriteJSONResponse(w, http.StatusBadRequest, map[string]any{"email": "email already in use"})
return true
}

return false
}

func writeWeakPasswordError(w http.ResponseWriter, err error) bool {
if errors.Is(err, user.ErrPasswordEmpty) {
web.WriteJSONResponse(w, http.StatusBadRequest, map[string]any{"password": "password can't be empty"})
Expand Down
2 changes: 1 addition & 1 deletion internal/integration/helper_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ func getIntegrationTestPool(t testing.TB) *pgxpool.Pool {
func cleanupIntegrationTables(t testing.TB, pool *pgxpool.Pool) {
t.Helper()

_, err := pool.Exec(context.Background(), "TRUNCATE TABLE sessions, users, auth_attempts, password_reset_requests RESTART IDENTITY")
_, err := pool.Exec(context.Background(), "TRUNCATE TABLE sessions, users, auth_attempts, password_reset_requests, email_reset_requests RESTART IDENTITY")
if err != nil {
t.Fatalf("failed to clean integration tables: %v", err)
}
Expand Down
2 changes: 2 additions & 0 deletions internal/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ func NewMux(userService *user.Service, sessionService *session.Service) http.Han
mux.Handle("PUT /user/password", handlers.CreateAuthenticatedPasswordResetHandler(userService))
mux.Handle("POST /password-reset", handlers.CreatePasswordResetRequestHandler(userService))
mux.Handle("PUT /password-reset", handlers.CreateTokenPasswordResetHandler(userService))
mux.Handle("POST /email-reset", handlers.CreateEmailResetRequestHandler(userService))
mux.Handle("PUT /email-reset", handlers.CreateTokenEmailResetHandler(userService))

return middleware.CreateSessionMiddleware(userService, sessionService, mux)
}
Loading