zrok/controller/invite.go

109 lines
3.8 KiB
Go
Raw Normal View History

2022-07-25 23:05:44 +02:00
package controller
import (
"github.com/go-openapi/runtime/middleware"
"github.com/openziti/zrok/controller/config"
"github.com/openziti/zrok/controller/store"
"github.com/openziti/zrok/rest_server_zrok/operations/account"
"github.com/openziti/zrok/util"
2022-07-25 23:05:44 +02:00
"github.com/sirupsen/logrus"
)
2022-11-30 17:43:00 +01:00
type inviteHandler struct {
cfg *config.Config
}
func newInviteHandler(cfg *config.Config) *inviteHandler {
return &inviteHandler{
cfg: cfg,
}
}
func (h *inviteHandler) Handle(params account.InviteParams) middleware.Responder {
if h.cfg.Invites == nil || !h.cfg.Invites.InvitesOpen {
2023-05-23 20:30:24 +02:00
logrus.Warnf("not accepting invites; attempt from '%v'", params.Body.Email)
return account.NewInviteBadRequest()
}
if params.Body == nil || params.Body.Email == "" {
logrus.Errorf("missing email")
2022-11-30 17:43:00 +01:00
return account.NewInviteBadRequest()
}
if !util.IsValidEmail(params.Body.Email) {
logrus.Errorf("'%v' is not a valid email address", params.Body.Email)
2022-11-30 17:43:00 +01:00
return account.NewInviteBadRequest()
}
logrus.Infof("received account request for email '%v'", params.Body.Email)
var token string
tx, err := str.Begin()
2022-10-18 21:21:53 +02:00
if err != nil {
logrus.Error(err)
2022-11-30 17:43:00 +01:00
return account.NewInviteInternalServerError()
2022-10-18 21:21:53 +02:00
}
defer func() { _ = tx.Rollback() }()
if h.cfg.Invites != nil && h.cfg.Invites.TokenStrategy == "store" {
2023-03-10 17:10:48 +01:00
inviteToken, err := str.FindInviteTokenByToken(params.Body.Token, tx)
if err != nil {
2023-01-12 21:01:34 +01:00
logrus.Errorf("cannot get invite token '%v' for '%v': %v", params.Body.Token, params.Body.Email, err)
return account.NewInviteBadRequest().WithPayload("missing invite token")
}
2023-01-12 21:01:34 +01:00
if err := str.DeleteInviteToken(inviteToken.Id, tx); err != nil {
logrus.Error(err)
return account.NewInviteInternalServerError()
}
2023-01-12 21:01:34 +01:00
logrus.Infof("using invite token '%v' to process invite request for '%v'", inviteToken.Token, params.Body.Email)
}
2023-01-09 20:23:02 +01:00
2024-01-30 18:59:56 +01:00
token, err = CreateToken()
2023-01-09 20:23:02 +01:00
if err != nil {
logrus.Error(err)
return account.NewInviteInternalServerError()
}
2022-09-19 22:26:54 +02:00
ar := &store.AccountRequest{
Token: token,
Email: params.Body.Email,
SourceAddress: params.HTTPRequest.RemoteAddr,
}
// deleted accounts still exist as far as invites are concerned (ignore deleted flag)
2023-03-10 16:57:59 +01:00
if _, err := str.FindAccountWithEmailAndDeleted(params.Body.Email, tx); err == nil {
logrus.Errorf("found account for '%v', cannot process account request", params.Body.Email)
return account.NewInviteBadRequest().WithPayload("duplicate email found")
} else {
logrus.Infof("no account found for '%v': %v", params.Body.Email, err)
}
2023-03-10 16:57:59 +01:00
if oldAr, err := str.FindAccountRequestWithEmail(params.Body.Email, tx); err == nil {
logrus.Warnf("found previous account request for '%v', removing", params.Body.Email)
if err := str.DeleteAccountRequest(oldAr.Id, tx); err != nil {
logrus.Errorf("error deleting previous account request for '%v': %v", params.Body.Email, err)
2022-11-30 17:43:00 +01:00
return account.NewInviteInternalServerError()
}
} else {
logrus.Warnf("error finding previous account request for '%v': %v", params.Body.Email, err)
}
2022-09-19 22:26:54 +02:00
if _, err := str.CreateAccountRequest(ar, tx); err != nil {
2022-09-20 22:27:18 +02:00
logrus.Errorf("error creating account request for '%v': %v", params.Body.Email, err)
2022-11-30 17:43:00 +01:00
return account.NewInviteInternalServerError()
2022-09-19 22:26:54 +02:00
}
if err := tx.Commit(); err != nil {
2022-09-20 22:27:18 +02:00
logrus.Errorf("error committing account request for '%v': %v", params.Body.Email, err)
2022-11-30 17:43:00 +01:00
return account.NewInviteInternalServerError()
2022-09-19 22:26:54 +02:00
}
if cfg.Email != nil && cfg.Registration != nil {
if err := sendVerificationEmail(params.Body.Email, token); err != nil {
logrus.Errorf("error sending verification email for '%v': %v", params.Body.Email, err)
return account.NewInviteInternalServerError()
}
} else {
logrus.Errorf("'email' and 'registration' configuration missing; skipping registration email")
}
logrus.Infof("account request for '%v' has registration token '%v'", params.Body.Email, ar.Token)
return account.NewInviteCreated()
}