2024-01-06 17:56:32 +00:00
|
|
|
package services
|
|
|
|
|
|
|
|
import (
|
2024-01-28 08:17:38 +00:00
|
|
|
"fmt"
|
2024-06-26 07:52:58 +00:00
|
|
|
"github.com/rs/zerolog/log"
|
2024-05-17 09:13:11 +00:00
|
|
|
"github.com/spf13/viper"
|
|
|
|
"gorm.io/datatypes"
|
2024-03-20 12:56:43 +00:00
|
|
|
"time"
|
|
|
|
|
2024-06-17 14:21:34 +00:00
|
|
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
|
|
|
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
|
2024-01-29 08:11:59 +00:00
|
|
|
"github.com/google/uuid"
|
2024-01-28 16:32:39 +00:00
|
|
|
"github.com/samber/lo"
|
|
|
|
"gorm.io/gorm"
|
2024-01-06 17:56:32 +00:00
|
|
|
)
|
|
|
|
|
2024-01-07 07:52:23 +00:00
|
|
|
func GetAccount(id uint) (models.Account, error) {
|
|
|
|
var account models.Account
|
|
|
|
if err := database.C.Where(models.Account{
|
|
|
|
BaseModel: models.BaseModel{ID: id},
|
|
|
|
}).First(&account).Error; err != nil {
|
|
|
|
return account, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return account, nil
|
|
|
|
}
|
|
|
|
|
2024-06-26 12:05:28 +00:00
|
|
|
func GetAccountWithName(alias string) (models.Account, error) {
|
|
|
|
var account models.Account
|
|
|
|
if err := database.C.Where(models.Account{
|
|
|
|
Name: alias,
|
|
|
|
}).First(&account).Error; err != nil {
|
|
|
|
return account, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return account, nil
|
|
|
|
}
|
|
|
|
|
2024-04-20 11:04:33 +00:00
|
|
|
func LookupAccount(probe string) (models.Account, error) {
|
2024-01-06 17:56:32 +00:00
|
|
|
var account models.Account
|
2024-04-20 11:04:33 +00:00
|
|
|
if err := database.C.Where(models.Account{Name: probe}).First(&account).Error; err == nil {
|
2024-01-06 17:56:32 +00:00
|
|
|
return account, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
var contact models.AccountContact
|
2024-04-20 11:04:33 +00:00
|
|
|
if err := database.C.Where(models.AccountContact{Content: probe}).First(&contact).Error; err == nil {
|
2024-01-06 17:56:32 +00:00
|
|
|
if err := database.C.
|
|
|
|
Where(models.Account{
|
|
|
|
BaseModel: models.BaseModel{ID: contact.AccountID},
|
2024-01-27 16:05:19 +00:00
|
|
|
}).First(&account).Error; err == nil {
|
2024-01-06 17:56:32 +00:00
|
|
|
return account, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return account, fmt.Errorf("account was not found")
|
|
|
|
}
|
2024-01-28 08:17:38 +00:00
|
|
|
|
|
|
|
func CreateAccount(name, nick, email, password string) (models.Account, error) {
|
|
|
|
user := models.Account{
|
2024-02-18 07:51:27 +00:00
|
|
|
Name: name,
|
|
|
|
Nick: nick,
|
2024-01-28 08:17:38 +00:00
|
|
|
Profile: models.AccountProfile{
|
|
|
|
Experience: 100,
|
|
|
|
},
|
|
|
|
Factors: []models.AuthFactor{
|
|
|
|
{
|
|
|
|
Type: models.PasswordAuthFactor,
|
2024-04-20 11:04:33 +00:00
|
|
|
Secret: HashPassword(password),
|
2024-01-28 08:17:38 +00:00
|
|
|
},
|
2024-01-29 08:11:59 +00:00
|
|
|
{
|
|
|
|
Type: models.EmailPasswordFactor,
|
|
|
|
Secret: uuid.NewString()[:8],
|
|
|
|
},
|
2024-01-28 08:17:38 +00:00
|
|
|
},
|
|
|
|
Contacts: []models.AccountContact{
|
|
|
|
{
|
|
|
|
Type: models.EmailAccountContact,
|
|
|
|
Content: email,
|
2024-01-29 08:11:59 +00:00
|
|
|
IsPrimary: true,
|
2024-01-28 08:17:38 +00:00
|
|
|
VerifiedAt: nil,
|
|
|
|
},
|
|
|
|
},
|
2024-05-17 09:13:11 +00:00
|
|
|
PermNodes: datatypes.JSONMap(viper.GetStringMap("permissions.default")),
|
2024-01-28 08:17:38 +00:00
|
|
|
ConfirmedAt: nil,
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := database.C.Create(&user).Error; err != nil {
|
|
|
|
return user, err
|
|
|
|
}
|
2024-01-28 16:32:39 +00:00
|
|
|
|
|
|
|
if tk, err := NewMagicToken(models.ConfirmMagicToken, &user, nil); err != nil {
|
|
|
|
return user, err
|
|
|
|
} else if err := NotifyMagicToken(tk); err != nil {
|
|
|
|
return user, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return user, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func ConfirmAccount(code string) error {
|
2024-01-29 08:11:59 +00:00
|
|
|
token, err := ValidateMagicToken(code, models.ConfirmMagicToken)
|
|
|
|
if err != nil {
|
2024-01-28 16:32:39 +00:00
|
|
|
return err
|
2024-06-30 09:01:39 +00:00
|
|
|
} else if token.AccountID == nil {
|
|
|
|
return fmt.Errorf("magic token didn't assign a valid account")
|
2024-01-28 16:32:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
var user models.Account
|
|
|
|
if err := database.C.Where(&models.Account{
|
2024-06-26 07:52:58 +00:00
|
|
|
BaseModel: models.BaseModel{ID: *token.AccountID},
|
2024-01-28 16:32:39 +00:00
|
|
|
}).First(&user).Error; err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return database.C.Transaction(func(tx *gorm.DB) error {
|
|
|
|
user.ConfirmedAt = lo.ToPtr(time.Now())
|
2024-05-17 09:13:11 +00:00
|
|
|
|
|
|
|
for k, v := range viper.GetStringMap("permissions.verified") {
|
|
|
|
if val, ok := user.PermNodes[k]; !ok {
|
|
|
|
user.PermNodes[k] = v
|
2024-07-03 14:36:42 +00:00
|
|
|
} else {
|
|
|
|
user.PermNodes[k] = val
|
2024-05-17 09:13:11 +00:00
|
|
|
}
|
|
|
|
}
|
2024-01-28 16:32:39 +00:00
|
|
|
|
|
|
|
if err := database.C.Delete(&token).Error; err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if err := database.C.Save(&user).Error; err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2024-05-17 11:37:58 +00:00
|
|
|
InvalidAuthCacheWithUser(user.ID)
|
|
|
|
|
2024-01-28 16:32:39 +00:00
|
|
|
return nil
|
|
|
|
})
|
2024-01-28 08:17:38 +00:00
|
|
|
}
|
2024-06-26 07:52:58 +00:00
|
|
|
|
2024-06-30 09:01:39 +00:00
|
|
|
func CheckAbleToResetPassword(user models.Account) error {
|
|
|
|
var count int64
|
|
|
|
if err := database.C.
|
|
|
|
Where("account_id = ?", user.ID).
|
|
|
|
Where("expired_at < ?", time.Now()).
|
2024-06-30 09:20:05 +00:00
|
|
|
Where("type = ?", models.ResetPasswordMagicToken).
|
2024-06-30 09:01:39 +00:00
|
|
|
Model(&models.MagicToken{}).
|
|
|
|
Count(&count).Error; err != nil {
|
|
|
|
return fmt.Errorf("unable to check reset password ability: %v", err)
|
2024-06-30 09:20:05 +00:00
|
|
|
} else if count > 0 {
|
2024-06-30 09:01:39 +00:00
|
|
|
return fmt.Errorf("you requested reset password recently")
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func RequestResetPassword(user models.Account) error {
|
|
|
|
if tk, err := NewMagicToken(
|
|
|
|
models.ResetPasswordMagicToken,
|
|
|
|
&user,
|
|
|
|
lo.ToPtr(time.Now().Add(24*time.Hour)),
|
|
|
|
); err != nil {
|
|
|
|
return err
|
|
|
|
} else if err := NotifyMagicToken(tk); err != nil {
|
|
|
|
log.Error().
|
|
|
|
Err(err).
|
|
|
|
Str("code", tk.Code).
|
|
|
|
Uint("user", user.ID).
|
|
|
|
Msg("Failed to notify password reset magic token...")
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func ConfirmResetPassword(code, newPassword string) error {
|
|
|
|
token, err := ValidateMagicToken(code, models.ResetPasswordMagicToken)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
} else if token.AccountID == nil {
|
|
|
|
return fmt.Errorf("magic token didn't assign a valid account")
|
|
|
|
}
|
|
|
|
|
|
|
|
factor, err := GetPasswordTypeFactor(*token.AccountID)
|
|
|
|
if err != nil {
|
|
|
|
factor = models.AuthFactor{
|
|
|
|
Type: models.PasswordAuthFactor,
|
|
|
|
Secret: HashPassword(newPassword),
|
|
|
|
AccountID: *token.AccountID,
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
factor.Secret = HashPassword(newPassword)
|
|
|
|
}
|
|
|
|
|
|
|
|
return database.C.Save(&factor).Error
|
|
|
|
}
|
|
|
|
|
2024-06-26 07:52:58 +00:00
|
|
|
func DeleteAccount(id uint) error {
|
|
|
|
tx := database.C.Begin()
|
|
|
|
|
|
|
|
for _, model := range []any{
|
|
|
|
&models.Badge{},
|
|
|
|
&models.RealmMember{},
|
|
|
|
&models.AccountContact{},
|
|
|
|
&models.AuthFactor{},
|
|
|
|
&models.AuthTicket{},
|
|
|
|
&models.MagicToken{},
|
|
|
|
&models.ThirdClient{},
|
|
|
|
&models.Notification{},
|
|
|
|
&models.NotificationSubscriber{},
|
|
|
|
&models.AccountFriendship{},
|
|
|
|
} {
|
|
|
|
if err := tx.Delete(model, "account_id = ?", id).Error; err != nil {
|
|
|
|
tx.Rollback()
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := tx.Delete(&models.Account{}, "id = ?", id).Error; err != nil {
|
|
|
|
tx.Rollback()
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return tx.Commit().Error
|
|
|
|
}
|
|
|
|
|
|
|
|
func RecycleUnConfirmAccount() {
|
|
|
|
var hitList []models.Account
|
|
|
|
if err := database.C.Where("confirmed_at IS NULL").Find(&hitList).Error; err != nil {
|
|
|
|
log.Error().Err(err).Msg("An error occurred while recycling accounts...")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(hitList) > 0 {
|
|
|
|
log.Info().Int("count", len(hitList)).Msg("Going to recycle those un-confirmed accounts...")
|
|
|
|
for _, entry := range hitList {
|
|
|
|
if err := DeleteAccount(entry.ID); err != nil {
|
|
|
|
log.Error().Err(err).Msg("An error occurred while recycling accounts...")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2024-06-26 12:28:12 +00:00
|
|
|
|
|
|
|
func SetAccountLastSeen(uid uint) error {
|
|
|
|
var profile models.AccountProfile
|
|
|
|
if err := database.C.Where("account_id = ?", uid).First(&profile).Error; err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
profile.LastSeenAt = lo.ToPtr(time.Now())
|
|
|
|
|
|
|
|
return database.C.Save(&profile).Error
|
|
|
|
}
|