zrok/controller/invite.go

package controller

import (
	"github.com/go-openapi/runtime/middleware"
	"github.com/openziti/zrok/controller/config"
	"github.com/openziti/zrok/controller/store"
	"github.com/openziti/zrok/rest_server_zrok/operations/account"
	"github.com/openziti/zrok/util"
	"github.com/sirupsen/logrus"
)

type inviteHandler struct {
	cfg *config.Config
}

func newInviteHandler(cfg *config.Config) *inviteHandler {
	return &inviteHandler{
		cfg: cfg,
	}
}

func (h *inviteHandler) Handle(params account.InviteParams) middleware.Responder {
	if h.cfg.Invites == nil || !h.cfg.Invites.InvitesOpen {
		logrus.Warnf("not accepting invites; attempt from '%v'", params.Body.Email)
		return account.NewInviteBadRequest()
	}
	if params.Body == nil || params.Body.Email == "" {
		logrus.Errorf("missing email")
		return account.NewInviteBadRequest()
	}
	if !util.IsValidEmail(params.Body.Email) {
		logrus.Errorf("'%v' is not a valid email address", params.Body.Email)
		return account.NewInviteBadRequest()
	}
	logrus.Infof("received account request for email '%v'", params.Body.Email)
	var token string

	tx, err := str.Begin()
	if err != nil {
		logrus.Error(err)
		return account.NewInviteInternalServerError()
	}
	defer func() { _ = tx.Rollback() }()

	if h.cfg.Invites != nil && h.cfg.Invites.TokenStrategy == "store" {
		inviteToken, err := str.FindInviteTokenByToken(params.Body.Token, tx)
		if err != nil {
			logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.Token, params.Body.Email, err)
			return account.NewInviteBadRequest().WithPayload("missing invite token")
		}
		if err := str.DeleteInviteToken(inviteToken.Id, tx); err != nil {
			logrus.Error(err)
			return account.NewInviteInternalServerError()
		}
		logrus.Infof("using invite token '%v' to process invite request for '%v'", inviteToken.Token, params.Body.Email)
	}

	token, err = createToken()
	if err != nil {
		logrus.Error(err)
		return account.NewInviteInternalServerError()
	}
	ar := &store.AccountRequest{
		Token:         token,
		Email:         params.Body.Email,
		SourceAddress: params.HTTPRequest.RemoteAddr,
	}

	// deleted accounts still exist as far as invites are concerned (ignore deleted flag)
	if _, err := str.FindAccountWithEmailAndDeleted(params.Body.Email, tx); err == nil {
		logrus.Errorf("found account for '%v', cannot process account request", params.Body.Email)
		return account.NewInviteBadRequest().WithPayload("duplicate email found")
	} else {
		logrus.Infof("no account found for '%v': %v", params.Body.Email, err)
	}

	if oldAr, err := str.FindAccountRequestWithEmail(params.Body.Email, tx); err == nil {
		logrus.Warnf("found previous account request for '%v', removing", params.Body.Email)
		if err := str.DeleteAccountRequest(oldAr.Id, tx); err != nil {
			logrus.Errorf("error deleteing previous account request for '%v': %v", params.Body.Email, err)
			return account.NewInviteInternalServerError()
		}
	} else {
		logrus.Warnf("error finding previous account request for '%v': %v", params.Body.Email, err)
	}

	if _, err := str.CreateAccountRequest(ar, tx); err != nil {
		logrus.Errorf("error creating account request for '%v': %v", params.Body.Email, err)
		return account.NewInviteInternalServerError()
	}
	if err := tx.Commit(); err != nil {
		logrus.Errorf("error committing account request for '%v': %v", params.Body.Email, err)
		return account.NewInviteInternalServerError()
	}

	if cfg.Email != nil && cfg.Registration != nil {
		if err := sendVerificationEmail(params.Body.Email, token); err != nil {
			logrus.Errorf("error sending verification email for '%v': %v", params.Body.Email, err)
			return account.NewInviteInternalServerError()
		}
	} else {
		logrus.Errorf("'email' and 'registration' configuration missing; skipping registration email")
	}

	logrus.Infof("account request for '%v' has registration token '%v'", params.Body.Email, ar.Token)

	return account.NewInviteCreated()
}
skeleton bits for zrok enable 2022-07-25 23:05:44 +02:00			`package controller`

			`import (`
			`"github.com/go-openapi/runtime/middleware"`
consolidated configuration; 'zrok metrics' and 'zrok ctrl' share config (#269) 2023-03-13 19:19:38 +01:00			`"github.com/openziti/zrok/controller/config"`
openziti-rest-kitchen -> openziti (#158) 2023-01-13 21:01:34 +01:00			`"github.com/openziti/zrok/controller/store"`
			`"github.com/openziti/zrok/rest_server_zrok/operations/account"`
			`"github.com/openziti/zrok/util"`
skeleton bits for zrok enable 2022-07-25 23:05:44 +02:00			`"github.com/sirupsen/logrus"`
			`)`

api namespace/naming polish 2022-11-30 17:43:00 +01:00			`type inviteHandler struct {`
consolidated configuration; 'zrok metrics' and 'zrok ctrl' share config (#269) 2023-03-13 19:19:38 +01:00			`cfg *config.Config`
multi-path account create logic (#50, #51) 2022-09-12 20:35:11 +02:00			`}`

consolidated configuration; 'zrok metrics' and 'zrok ctrl' share config (#269) 2023-03-13 19:19:38 +01:00			`func newInviteHandler(cfg config.Config) inviteHandler {`
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`return &inviteHandler{`
			`cfg: cfg,`
			`}`
multi-path account create logic (#50, #51) 2022-09-12 20:35:11 +02:00			`}`

controller logic respects store.Account.Deleted flag (#262) 2023-03-09 21:18:26 +01:00			`func (h *inviteHandler) Handle(params account.InviteParams) middleware.Responder {`
tweaks to invites configuration and processing (#229) 2023-05-23 20:21:37 +02:00			`if h.cfg.Invites == nil \|\| !h.cfg.Invites.InvitesOpen {`
lint 2023-05-23 20:30:24 +02:00			`logrus.Warnf("not accepting invites; attempt from '%v'", params.Body.Email)`
tweaks to invites configuration and processing (#229) 2023-05-23 20:21:37 +02:00			`return account.NewInviteBadRequest()`
			`}`
very rough, templatized html email verification (#50, #51) 2022-09-12 21:28:59 +02:00			`if params.Body == nil \|\| params.Body.Email == "" {`
			`logrus.Errorf("missing email")`
api namespace/naming polish 2022-11-30 17:43:00 +01:00			`return account.NewInviteBadRequest()`
very rough, templatized html email verification (#50, #51) 2022-09-12 21:28:59 +02:00			`}`
ensure supplied email addresses are valid at both the CLI and the API (#108) 2022-11-29 19:23:23 +01:00			`if !util.IsValidEmail(params.Body.Email) {`
			`logrus.Errorf("'%v' is not a valid email address", params.Body.Email)`
api namespace/naming polish 2022-11-30 17:43:00 +01:00			`return account.NewInviteBadRequest()`
ensure supplied email addresses are valid at both the CLI and the API (#108) 2022-11-29 19:23:23 +01:00			`}`
controller registration endpoint improvements (#50) 2022-09-20 22:01:46 +02:00			`logrus.Infof("received account request for email '%v'", params.Body.Email)`
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`var token string`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`tx, err := str.Begin()`
shortid (#79) 2022-10-18 21:21:53 +02:00			`if err != nil {`
			`logrus.Error(err)`
api namespace/naming polish 2022-11-30 17:43:00 +01:00			`return account.NewInviteInternalServerError()`
shortid (#79) 2022-10-18 21:21:53 +02:00			`}`
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`defer func() { _ = tx.Rollback() }()`

tweaks to invites configuration and processing (#229) 2023-05-23 20:21:37 +02:00			`if h.cfg.Invites != nil && h.cfg.Invites.TokenStrategy == "store" {`
soft deletes for invite_tokens (#262) 2023-03-10 17:10:48 +01:00			`inviteToken, err := str.FindInviteTokenByToken(params.Body.Token, tx)`
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`if err != nil {`
logging improvements 2023-01-12 21:01:34 +01:00			`logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.Token, params.Body.Email, err)`
controller logic respects store.Account.Deleted flag (#262) 2023-03-09 21:18:26 +01:00			`return account.NewInviteBadRequest().WithPayload("missing invite token")`
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`}`
logging improvements 2023-01-12 21:01:34 +01:00			`if err := str.DeleteInviteToken(inviteToken.Id, tx); err != nil {`
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`logrus.Error(err)`
			`return account.NewInviteInternalServerError()`
			`}`
logging improvements 2023-01-12 21:01:34 +01:00			`logrus.Infof("using invite token '%v' to process invite request for '%v'", inviteToken.Token, params.Body.Email)`
initial rough pass for a stored token implementation 2023-01-09 18:00:37 +01:00			`}`
pr comments 2023-01-09 20:23:02 +01:00
			`token, err = createToken()`
			`if err != nil {`
			`logrus.Error(err)`
			`return account.NewInviteInternalServerError()`
			`}`
working, tested verify endpoint (#50) 2022-09-19 22:26:54 +02:00			`ar := &store.AccountRequest{`
			`Token: token,`
			`Email: params.Body.Email,`
			`SourceAddress: params.HTTPRequest.RemoteAddr,`
			`}`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00
controller logic respects store.Account.Deleted flag (#262) 2023-03-09 21:18:26 +01:00			`// deleted accounts still exist as far as invites are concerned (ignore deleted flag)`
better finder behavior (#262) 2023-03-10 16:57:59 +01:00			`if _, err := str.FindAccountWithEmailAndDeleted(params.Body.Email, tx); err == nil {`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00			`logrus.Errorf("found account for '%v', cannot process account request", params.Body.Email)`
controller logic respects store.Account.Deleted flag (#262) 2023-03-09 21:18:26 +01:00			`return account.NewInviteBadRequest().WithPayload("duplicate email found")`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00			`} else {`
			`logrus.Infof("no account found for '%v': %v", params.Body.Email, err)`
			`}`

better finder behavior (#262) 2023-03-10 16:57:59 +01:00			`if oldAr, err := str.FindAccountRequestWithEmail(params.Body.Email, tx); err == nil {`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00			`logrus.Warnf("found previous account request for '%v', removing", params.Body.Email)`
			`if err := str.DeleteAccountRequest(oldAr.Id, tx); err != nil {`
			`logrus.Errorf("error deleteing previous account request for '%v': %v", params.Body.Email, err)`
api namespace/naming polish 2022-11-30 17:43:00 +01:00			`return account.NewInviteInternalServerError()`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00			`}`
			`} else {`
			`logrus.Warnf("error finding previous account request for '%v': %v", params.Body.Email, err)`
			`}`

working, tested verify endpoint (#50) 2022-09-19 22:26:54 +02:00			`if _, err := str.CreateAccountRequest(ar, tx); err != nil {`
verify/register ui improvements (#50) 2022-09-20 22:27:18 +02:00			`logrus.Errorf("error creating account request for '%v': %v", params.Body.Email, err)`
api namespace/naming polish 2022-11-30 17:43:00 +01:00			`return account.NewInviteInternalServerError()`
working, tested verify endpoint (#50) 2022-09-19 22:26:54 +02:00			`}`
			`if err := tx.Commit(); err != nil {`
verify/register ui improvements (#50) 2022-09-20 22:27:18 +02:00			`logrus.Errorf("error committing account request for '%v': %v", params.Body.Email, err)`
api namespace/naming polish 2022-11-30 17:43:00 +01:00			`return account.NewInviteInternalServerError()`
working, tested verify endpoint (#50) 2022-09-19 22:26:54 +02:00			`}`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00
more slickness tweaks for demonstration purposes 2022-12-07 18:24:00 +01:00			`if cfg.Email != nil && cfg.Registration != nil {`
			`if err := sendVerificationEmail(params.Body.Email, token); err != nil {`
			`logrus.Errorf("error sending verification email for '%v': %v", params.Body.Email, err)`
			`return account.NewInviteInternalServerError()`
			`}`
			`} else {`
			`logrus.Errorf("'email' and 'registration' configuration missing; skipping registration email")`
better, more resilient account request processing (#50) 2022-09-20 20:23:01 +02:00			`}`

logging improvements {for operational reasons} (#50) 2022-09-20 22:38:20 +02:00			`logrus.Infof("account request for '%v' has registration token '%v'", params.Body.Email, ar.Token)`

more naming refactoring 'name' -> 'token' (#119) 2022-11-30 18:46:19 +01:00			`return account.NewInviteCreated()`
multi-path account create logic (#50, #51) 2022-09-12 20:35:11 +02:00			`}`