func UserInvite(w http.ResponseWriter, r *http.Request) error { // generate the password reset token email := r.FormValue("email") token := authcookie.New(email, time.Now().Add(12*time.Hour), secret) // get settings hostname := database.SettingsMust().URL().String() emailEnabled := database.SettingsMust().SmtpServer != "" if !emailEnabled { // Email is not enabled, so must let the user know the signup link link := fmt.Sprintf("%v/register?token=%v", hostname, token) return RenderText(w, link, http.StatusOK) } // send data to template data := struct { Host string Email string Token string }{hostname, email, token} // send the email message async go mail.SendActivation(email, data) return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK) }
func SignUpPost(w http.ResponseWriter, r *http.Request) error { // if self-registration is disabled we should display an // error message to the user. if !database.SettingsMust().OpenInvitations { http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) return nil } // generate the password reset token email := r.FormValue("email") token := authcookie.New(email, time.Now().Add(12*time.Hour), secret) // get the hostname from the database for use in the email hostname := database.SettingsMust().URL().String() // data used to generate the email template data := struct { Host string Email string Token string }{hostname, email, token} // send the email message async go mail.SendActivation(email, data) return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK) }
func setcookie(q *Context) { if q.auth { exp := time.Now().AddDate(0, 0, 14) au := authcookie.New(q.sec+"|"+q.user, exp, []byte(getRemote(q)+Cfg.Secret)) http.SetCookie(q.w, &http.Cookie{Name: "paqu-auth", Value: au, Path: cookiepath, Expires: exp}) } }
// SetCookie signs and writes the cookie value. func SetCookie(w http.ResponseWriter, r *http.Request, name, value string) { sec := IsHttps(r) str := authcookie.New(value, time.Now().Add(time.Hour*24), secret) cookie := http.Cookie{ Name: name, Value: str, Path: "/", Domain: r.URL.Host, HttpOnly: true, Secure: sec, } http.SetCookie(w, &cookie) }
// SetUserCookieOpts creates a secure cookie for the given User and with the // specified cookie options. func SetUserCookieOpts(w http.ResponseWriter, cookie *http.Cookie, user User) { // default cookie expiration exp := time.Now().Add(Config.CookieExp) // generate cookie valid for 24 hours for user // the strings are quoted to ensure they aren't tampered with // TODO explore storing string as a URL Parameter String userStr := fmt.Sprintf("%q|%q|%q|%q|%q|%q|%q", user.Id(), user.Provider(), user.Name(), user.Email(), user.Link(), user.Picture(), user.Org()) // set the cookie's value cookie.Value = authcookie.New(userStr, exp, Config.CookieSecret) // set the cookie http.SetCookie(w, cookie) }
// SetUserCookie creates a secure cookie for the given username, indicating the // user is authenticated. func SetUserCookie(w http.ResponseWriter, r *http.Request, user string) { // cookie expires in 2 weeks exp := time.Now().Add(Config.CookieExp) // generate cookie valid for 24 hours for user value := authcookie.New(user, exp, Config.CookieSecret) cookie := http.Cookie{ Name: Config.CookieName, Value: value, Path: "/", Domain: r.URL.Host, } // if not a session cookie if Config.CookieMaxAge > 0 { cookie.Expires = exp cookie.MaxAge = Config.CookieMaxAge } http.SetCookie(w, &cookie) }
// Invite a new Team Member. func TeamMemberInvite(w http.ResponseWriter, r *http.Request, u *User) error { teamParam := r.FormValue(":team") mailParam := r.FormValue("email") team, err := database.GetTeamSlug(teamParam) if err != nil { return RenderError(w, err, http.StatusNotFound) } if member, _ := database.IsMemberAdmin(u.ID, team.ID); !member { return fmt.Errorf("Forbidden") } // generate a token that is valid for 3 days to join the team token := authcookie.New(strconv.Itoa(int(team.ID)), time.Now().Add(72*time.Hour), secret) // hostname from settings hostname := database.SettingsMust().URL().String() emailEnabled := database.SettingsMust().SmtpServer != "" if !emailEnabled { // Email is not enabled, so must let the user know the signup link link := fmt.Sprintf("%v/accept?token=%v", hostname, token) return RenderText(w, link, http.StatusOK) } // send the invitation data := struct { User *User Team *Team Token string Host string }{u, team, token, hostname} // send email async go mail.SendInvitation(team.Name, mailParam, &data) return RenderText(w, http.StatusText(http.StatusOK), http.StatusOK) }