/*
* Copyright (C) 2023 Jonni Liljamo <jonni@liljamo.com>
*
* This file is licensed under AGPL-3.0-or-later, see NOTICE and LICENSE for
* more information.
*/
package handlers
import (
"log"
"net/http"
"git.src.quest/~skye/felu-ddns/internal/db"
"github.com/alexedwards/scs/v2"
"github.com/gin-gonic/gin"
)
type postUserPasswordData struct {
CurrentPassword string `form:"current_password"`
NewPassword string `form:"new_password"`
ConfirmNewPassword string `form:"confirm_new_password"`
}
func PostUserPassword() gin.HandlerFunc {
return func(c *gin.Context) {
data := &postUserPasswordData{}
if err := c.Bind(data); err != nil {
log.Printf("[felu] ERROR: Could not bind password data: %v", err)
c.String(http.StatusBadRequest, "Could not bind password data")
return
}
if len(data.NewPassword) < 10 {
c.String(http.StatusBadRequest, "Password should be at least 10 chars")
c.Abort()
return
}
if data.NewPassword != data.ConfirmNewPassword {
c.String(http.StatusBadRequest, "New and confirm do not match")
c.Abort()
return
}
userId, exists := c.Get("user_id")
if !exists {
c.String(http.StatusInternalServerError, "This should not be possible, but don't quote me on that")
c.Abort()
return
}
if !db.VerifyUserPassword(userId.(string), data.CurrentPassword) {
c.String(http.StatusBadRequest, "Current password is not correct")
c.Abort()
return
}
err := db.UpdateUserPassword(userId.(string), data.NewPassword)
if err != nil {
// FIXME: Handle better
c.String(http.StatusInternalServerError, "Something went wrong while deleting the user")
c.Abort()
return
}
c.Header("HX-Refresh", "true")
}
}
type postUserEmailData struct {
Email string `form:"email"`
}
func PostUserEmail() gin.HandlerFunc {
return func(c *gin.Context) {
data := &postUserEmailData{}
if err := c.Bind(data); err != nil {
log.Printf("[felu] ERROR: Could not bind email data: %v", err)
c.String(http.StatusBadRequest, "Could not bind email data")
return
}
if data.Email == "" {
c.String(http.StatusBadRequest, "Email can't be empty")
c.Abort()
return
}
userId, exists := c.Get("user_id")
if !exists {
c.String(http.StatusInternalServerError, "This should not be possible, but don't quote me on that")
c.Abort()
return
}
err := db.UpdateUserEmail(userId.(string), data.Email)
if err != nil {
// FIXME: Handle better
c.String(http.StatusInternalServerError, "Something went wrong while deleting the user")
c.Abort()
return
}
c.Header("HX-Refresh", "true")
}
}
func DeleteUser(sm *scs.SessionManager) gin.HandlerFunc {
return func(c *gin.Context) {
userId, exists := c.Get("user_id")
if !exists {
c.String(http.StatusInternalServerError, "This should not be possible, but don't quote me on that")
c.Abort()
return
}
err := db.DeleteUser(userId.(string))
if err != nil {
// FIXME: Handle better
c.String(http.StatusInternalServerError, "Something went wrong while deleting the user")
c.Abort()
return
}
sm.Destroy(c.Request.Context())
c.Header("HX-Refresh", "true")
}
}