Manage user account

2025-01-05 14:44:05 +01:00 · 2025-01-05 14:44:05 +01:00 · 5adc01baff
commit 5adc01baff
parent 749e179c32
4 changed files with 297 additions and 0 deletions
--- a/controllers/account.go
+++ b/controllers/account.go
@ -0,0 +1,139 @@
+package controllers
+
+import (
+	"git.readonly.ch/bouzoure/popvaud-people/helpers"
+	"git.readonly.ch/bouzoure/popvaud-people/models"
+	"github.com/go-playground/validator"
+	"github.com/gofiber/fiber/v2"
+)
+
+type AccountManageValidation struct {
+	Email          string `validate:"required,min=6,max=100,email"`
+	Name           string `validate:"required,min=2,max=100"`
+	Password       string `validate:"required,min=10,max=100"`
+	PasswordVerify string `validate:"required,eqfield=Password"`
+}
+
+func AccountManage(c *fiber.Ctx) error {
+	id, err := helpers.GetSessionUserId(c)
+	if err != nil {
+		return err
+	}
+
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	var user models.User
+	result := db.Find(&user, "id = ?", id)
+
+	if result.Error != nil {
+		return result.Error
+	}
+
+	var errors []string
+	if c.Method() == "POST" {
+		data := WelcomeValidation{
+			Email:          c.FormValue("email", user.Email),
+			Name:           c.FormValue("name"),
+			Password:       c.FormValue("password"),
+			PasswordVerify: c.FormValue("password-verify"),
+		}
+
+		validate := validator.New()
+		validErrs := validate.Struct(data)
+
+		if validErrs != nil {
+			for _, validErr := range validErrs.(validator.ValidationErrors) {
+				switch validErr.Field() {
+				case "Email":
+					errors = append(errors, "L'adresse email doit être valide")
+				case "Name":
+					errors = append(errors, "Le nom doit contenir entre 2 et 100 caractères")
+				case "Password":
+					if len(data.Password) > 0 {
+						errors = append(errors, "Le mot de passe doit contenir entre 10 et 100 caractères")
+					}
+				case "PasswordVerify":
+					if len(data.Password) > 0 {
+						errors = append(errors, "Les mots de passe doivent correspondre")
+					}
+				}
+			}
+		}
+
+		user.SkipWelcome = true
+		user.Name = data.Name
+		user.Email = data.Email
+
+		var usersEmail []models.User
+		result := db.Find(&usersEmail, "email = ? AND id <> ?", user.Email, user.ID)
+		if result.Error != nil {
+			return result.Error
+		}
+
+		if result.RowsAffected > 0 {
+			errors = append(errors, "L'adresse email est déjà utilisée par un autre utilisateur")
+		}
+
+		if len(data.Password) > 0 {
+			passwordHash, err := helpers.HashPassword(data.Password)
+			if err != nil {
+				return err
+			}
+
+			user.Password = passwordHash
+		}
+
+		if len(errors) == 0 {
+			result = db.Save(&user)
+			if result.Error != nil {
+				return result.Error
+			} else {
+				c.Redirect("/account/manage")
+			}
+		}
+	}
+
+	return c.Render("account_manage", fiber.Map{
+		"PageTitle": "Gérer mon compte utilisateur",
+		"User":      user,
+		"Errors":    errors,
+	})
+}
+
+func AccountTotp(c *fiber.Ctx) error {
+	id, err := helpers.GetSessionUserId(c)
+	if err != nil {
+		return err
+	}
+
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	var user models.User
+	result := db.Find(&user, "id = ?", id)
+
+	if result.Error != nil {
+		return result.Error
+	}
+
+	if c.Method() == "POST" && c.FormValue("reset_totp") == "on" {
+		user.TotpSecret.Valid = false
+
+		result = db.Save(&user)
+		if result.Error != nil {
+			return result.Error
+		} else {
+			c.Redirect("/account/totp")
+		}
+	}
+
+	return c.Render("account_totp", fiber.Map{
+		"PageTitle": "Gérer multifacteur (TOTP)",
+		"User":      user,
+	})
+}