func (s *Server) handlePrefsVerifyPost(w http.ResponseWriter, r *http.Request) { reply := func(err error, status int) { data := struct { Error string `json:"error,omitempty"` }{} if err != nil { data.Error = err.Error() } w.WriteHeader(status) w.Header().Set("Content-Type", "application/json") json.NewEncoder(w).Encode(data) } var req struct { Confirmation string `json:"confirmation"` Email string `json:"email"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { reply(err, http.StatusBadRequest) return } email := req.Email token, err := hex.DecodeString(req.Confirmation) if err != nil { reply(err, http.StatusBadRequest) return } if email == "" || len(token) == 0 { reply(fmt.Errorf("missing parameters"), http.StatusBadRequest) return } ctx := s.rootCtx.Fork() account, err := s.b.AccountManager().Resolve(ctx, "email", email) if err != nil { status := http.StatusInternalServerError if err == proto.ErrAccountNotFound { status = http.StatusNotFound } reply(err, status) return } if err := proto.CheckEmailVerificationToken(s.kms, account, email, token); err != nil { status := http.StatusInternalServerError if err == proto.ErrInvalidVerificationToken { status = http.StatusForbidden } reply(err, status) return } if err := s.b.AccountManager().VerifyPersonalIdentity(ctx, "email", email); err != nil { reply(err, http.StatusInternalServerError) return } reply(nil, http.StatusOK) }
func (s *Server) handlePrefsVerify(w http.ResponseWriter, r *http.Request) { if err := r.ParseForm(); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } email := r.Form.Get("email") token, err := hex.DecodeString(r.Form.Get("token")) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } if email == "" || len(token) == 0 { http.Error(w, "missing parameters", http.StatusBadRequest) return } ctx := s.rootCtx.Fork() account, err := s.b.AccountManager().Resolve(ctx, "email", email) if err != nil { status := http.StatusInternalServerError if err == proto.ErrAccountNotFound { status = http.StatusNotFound } http.Error(w, err.Error(), status) return } if err := proto.CheckEmailVerificationToken(s.kms, account, email, token); err != nil { status := http.StatusInternalServerError if err == proto.ErrInvalidVerificationToken { status = http.StatusForbidden } http.Error(w, err.Error(), status) return } if err := s.b.AccountManager().VerifyPersonalIdentity(ctx, "email", email); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } // TODO: serve success template w.Header().Set("Content-Type", "text/plain") w.Write([]byte("ok")) }