Commit 7a7510cd authored by Lee Brown's avatar Lee Brown

Fixed web-app from breaking changes

parent 53b9424e
......@@ -68,7 +68,10 @@ func (h *Signup) Step1(ctx context.Context, w http.ResponseWriter, r *http.Reque
}
// Authenticated the new user.
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, req.User.Email, req.User.Password, time.Hour, ctxValues.Now)
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, user_auth.AuthenticateRequest{
Email: req.User.Email,
Password: req.User.Password,
}, time.Hour, ctxValues.Now)
if err != nil {
return false, err
}
......
......@@ -76,7 +76,10 @@ func (h *User) Login(ctx context.Context, w http.ResponseWriter, r *http.Request
}
// Authenticated the user.
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, req.Email, req.Password, sessionTTL, ctxValues.Now)
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, user_auth.AuthenticateRequest{
Email: req.Email,
Password: req.Password,
}, sessionTTL, ctxValues.Now)
if err != nil {
switch errors.Cause(err) {
case user.ErrForbidden:
......@@ -258,7 +261,10 @@ func (h *User) ResetConfirm(ctx context.Context, w http.ResponseWriter, r *http.
}
// Authenticated the user. Probably should use the default session TTL from UserLogin.
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, u.Email, req.Password, time.Hour, ctxValues.Now)
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, user_auth.AuthenticateRequest{
Email: u.Email,
Password: req.Password,
}, time.Hour, ctxValues.Now)
if err != nil {
if verr, ok := weberror.NewValidationError(ctx, err); ok {
data["validationErrors"] = verr.(*weberror.Error)
......
......@@ -670,7 +670,7 @@ func (h *Users) InviteAccept(ctx context.Context, w http.ResponseWriter, r *http
// Append the query param value to the request.
req.InviteHash = inviteHash
userID, err := invite.AcceptInvite(ctx, h.MasterDB, *req, h.SecretKey, ctxValues.Now)
hash, err := invite.AcceptInvite(ctx, h.MasterDB, *req, h.SecretKey, ctxValues.Now)
if err != nil {
switch errors.Cause(err) {
case invite.ErrInviteExpired:
......@@ -705,13 +705,17 @@ func (h *Users) InviteAccept(ctx context.Context, w http.ResponseWriter, r *http
}
// Load the user without any claims applied.
usr, err := user.ReadByID(ctx, auth.Claims{}, h.MasterDB, userID)
usr, err := user.ReadByID(ctx, auth.Claims{}, h.MasterDB, hash.UserID)
if err != nil {
return false, err
}
// Authenticated the user. Probably should use the default session TTL from UserLogin.
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, usr.Email, req.Password, time.Hour, ctxValues.Now)
token, err := user_auth.Authenticate(ctx, h.MasterDB, h.Authenticator, user_auth.AuthenticateRequest{
Email: usr.Email,
Password: req.Password,
AccountID: hash.AccountID,
}, time.Hour, ctxValues.Now)
if err != nil {
if verr, ok := weberror.NewValidationError(ctx, err); ok {
data["validationErrors"] = verr.(*weberror.Error)
......
......@@ -181,7 +181,7 @@ func SendUserInvites(ctx context.Context, claims auth.Claims, dbConn *sqlx.DB, r
}
// AcceptInvite updates the user using the provided invite hash.
func AcceptInvite(ctx context.Context, dbConn *sqlx.DB, req AcceptInviteRequest, secretKey string, now time.Time) (string, error) {
func AcceptInvite(ctx context.Context, dbConn *sqlx.DB, req AcceptInviteRequest, secretKey string, now time.Time) (*InviteHash, error) {
span, ctx := tracer.StartSpanFromContext(ctx, "internal.user_account.invite.AcceptInvite")
defer span.Finish()
......@@ -190,24 +190,24 @@ func AcceptInvite(ctx context.Context, dbConn *sqlx.DB, req AcceptInviteRequest,
// Validate the request.
err := v.StructCtx(ctx, req)
if err != nil {
return "", err
return nil, err
}
hash, err := ParseInviteHash(ctx, secretKey, req.InviteHash, now)
if err != nil {
return "", err
return nil, err
}
u, err := user.Read(ctx, auth.Claims{}, dbConn,
user.UserReadRequest{ID: hash.UserID, IncludeArchived: true})
if err != nil {
return "", err
return nil, err
}
if u.ArchivedAt != nil && !u.ArchivedAt.Time.IsZero() {
err = user.Restore(ctx, auth.Claims{}, dbConn, user.UserRestoreRequest{ID: hash.UserID}, now)
if err != nil {
return "", err
return nil, err
}
}
......@@ -216,21 +216,21 @@ func AcceptInvite(ctx context.Context, dbConn *sqlx.DB, req AcceptInviteRequest,
AccountID: hash.AccountID,
})
if err != nil {
return "", nil
return nil, nil
}
// Ensure the entry has the status of invited.
if usrAcc.Status != user_account.UserAccountStatus_Invited {
// If the entry is already active
if usrAcc.Status == user_account.UserAccountStatus_Active {
return u.ID, errors.WithStack(ErrUserAccountActive)
return hash, errors.WithStack(ErrUserAccountActive)
}
return "", errors.WithStack(ErrNoPendingInvite)
return nil, errors.WithStack(ErrNoPendingInvite)
}
if len(u.PasswordHash) > 0 {
// Do not update the password for a user that already has a password set.
return "", errors.WithStack(ErrInviteUserPasswordSet)
return nil, errors.WithStack(ErrInviteUserPasswordSet)
}
// These two calls, user.Update and user.UpdatePassword should probably be in a transaction!
......@@ -242,7 +242,7 @@ func AcceptInvite(ctx context.Context, dbConn *sqlx.DB, req AcceptInviteRequest,
Timezone: req.Timezone,
}, now)
if err != nil {
return "", err
return nil, err
}
err = user.UpdatePassword(ctx, auth.Claims{}, dbConn, user.UserUpdatePasswordRequest{
......@@ -251,7 +251,7 @@ func AcceptInvite(ctx context.Context, dbConn *sqlx.DB, req AcceptInviteRequest,
PasswordConfirm: req.PasswordConfirm,
}, now)
if err != nil {
return "", err
return nil, err
}
activeStatus := user_account.UserAccountStatus_Active
......@@ -261,8 +261,8 @@ func AcceptInvite(ctx context.Context, dbConn *sqlx.DB, req AcceptInviteRequest,
Status: &activeStatus,
}, now)
if err != nil {
return "", err
return nil, err
}
return hash.UserID, nil
return hash, nil
}
......@@ -192,12 +192,9 @@ func TestSendUserInvites(t *testing.T) {
// Assuming we have received the email and clicked the link, we now can ensure accept works.
for idx, inviteHash := range inviteHashes {
type expectRes struct {
UserID string `json:"user_id" validate:"required,uuid"`
}
var res expectRes
newPass := uuid.NewRandom().String()
res.UserID, err = AcceptInvite(ctx, test.MasterDB, AcceptInviteRequest{
hash, err := AcceptInvite(ctx, test.MasterDB, AcceptInviteRequest{
InviteHash: inviteHash,
Email: inviteEmails[idx],
FirstName: "Foo",
......@@ -211,7 +208,14 @@ func TestSendUserInvites(t *testing.T) {
}
// Validate the result.
err := webcontext.Validator().StructCtx(ctx, res)
var res = struct {
UserID string `validate:"required,uuid"`
AccountID string `validate:"required,uuid"`
}{
UserID: hash.UserID,
AccountID: hash.AccountID,
}
err = webcontext.Validator().StructCtx(ctx, res)
if err != nil {
t.Log("\t\tGot :", err)
t.Fatalf("\t%s\tInviteAccept failed.", tests.Failed)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment