func handleEmailVerifyFunc(verifiedTpl *template.Template, issuer url.URL, keysFunc func() ([]key.PublicKey,
error), userManager *user.Manager) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
q := r.URL.Query()
token := q.Get("token")
keys, err := keysFunc()
if err != nil {
execTemplateWithStatus(w, verifiedTpl, emailVerifiedTemplateData{
Error: "There's been an error processing your request.",
Message: "Plesae try again later.",
}, http.StatusInternalServerError)
return
}
ev, err := user.ParseAndVerifyEmailVerificationToken(token, issuer, keys)
if err != nil {
execTemplateWithStatus(w, verifiedTpl, emailVerifiedTemplateData{
Error: "Bad Email Verification Token",
Message: "That was not a verifiable token.",
}, http.StatusBadRequest)
return
}
cbURL, err := userManager.VerifyEmail(ev)
if err != nil {
switch err {
case user.ErrorEmailAlreadyVerified:
execTemplateWithStatus(w, verifiedTpl, emailVerifiedTemplateData{
Error: "Invalid Verification Link",
Message: "Your email link has expired or has already been verified.",
}, http.StatusBadRequest)
case user.ErrorEVEmailDoesntMatch:
execTemplateWithStatus(w, verifiedTpl, emailVerifiedTemplateData{
Error: "Invalid Verification Link",
Message: "Your email link does not match the email address on file. Perhaps you have a more recent verification link?",
}, http.StatusBadRequest)
default:
execTemplateWithStatus(w, verifiedTpl, emailVerifiedTemplateData{
Error: "Error Processing Request",
Message: "Please try again later.",
}, http.StatusInternalServerError)
}
return
}
http.SetCookie(w, &http.Cookie{
HttpOnly: true,
Name: "ShowEmailVerifiedMessage",
MaxAge: int(60 * 5),
Expires: time.Now().Add(time.Minute * 5),
})
http.Redirect(w, r, cbURL.String(), http.StatusSeeOther)
}
}
func registerFromLocalConnector(userManager *user.Manager, sessionManager *session.SessionManager, ses *session.Session, email, password string) (string, error) {
userID, err := userManager.RegisterWithPassword(email, password, ses.ConnectorID)
if err != nil {
return "", err
}
ses, err = sessionManager.AttachRemoteIdentity(ses.ID, oidc.Identity{
ID: userID,
})
if err != nil {
return "", err
}
return userID, nil
}
func registerFromRemoteConnector(userManager *user.Manager, ses *session.Session, email string, emailVerified bool) (string, error) {
if ses.Identity.ID == "" {
return "", errors.New("No Identity found in session.")
}
rid := user.RemoteIdentity{
ConnectorID: ses.ConnectorID,
ID: ses.Identity.ID,
}
userID, err := userManager.RegisterWithRemoteIdentity(email, emailVerified, rid)
if err != nil {
return "", err
}
return userID, nil
}