Welcome page on first login or after password change

2024-12-22 13:00:05 +01:00 · 2024-12-22 13:00:05 +01:00 · eb02ba5ba5
commit eb02ba5ba5
parent 16ca31f27a
7 changed files with 230 additions and 6 deletions
--- a/controllers/welcome.go
+++ b/controllers/welcome.go
@ -0,0 +1,119 @@
+package controllers
+
+import (
+	"fmt"
+	"strings"
+
+	"git.readonly.ch/bouzoure/popvaud-people/helpers"
+	"git.readonly.ch/bouzoure/popvaud-people/models"
+	"github.com/go-playground/validator"
+	"github.com/gofiber/fiber/v2"
+)
+
+type WelcomeValidation struct {
+	Email          string `validate:"required,min=6,max=100,email"`
+	Name           string `validate:"required,min=2,max=100"`
+	Password       string `validate:"required,min=12,max=100"`
+	PasswordVerify string `validate:"required,eqfield=Password"`
+}
+
+func WelcomePage(c *fiber.Ctx) error {
+	db, err := helpers.GetDatabase()
+	if err != nil {
+		return err
+	}
+
+	userid, err := helpers.GetSessionUserId(c)
+	if err != nil {
+		return err
+	}
+
+	var user models.User
+	result := db.First(&user, "id = ?", userid)
+
+	if result.Error != nil {
+		return err
+	}
+
+	if user.SkipWelcome {
+		return fiber.NewError(fiber.StatusForbidden, "Forbidden")
+	}
+
+	var formErrors []string
+	emailUpdate := user.Email == "admin@invalid.tld"
+
+	if c.Method() == "POST" {
+		data := WelcomeValidation{
+			Email:          c.FormValue("email", user.Email),
+			Name:           c.FormValue("name"),
+			Password:       c.FormValue("password"),
+			PasswordVerify: c.FormValue("password-verify"),
+		}
+
+		validate := validator.New()
+		validErrs := validate.Struct(data)
+
+		user.Email = data.Email
+		user.Name = data.Name
+
+		if validErrs == nil {
+			passwordHash, err := helpers.HashPassword(data.Password)
+			if err != nil {
+				return err
+			}
+
+			user.Password = passwordHash
+			user.SkipWelcome = true
+
+			result = db.Save(&user)
+			if result.Error != nil {
+				return err
+			}
+
+			redirectId := c.Query("redirect")
+			redirectUrl := "/"
+
+			if len(redirectId) > 0 {
+				sess, err := helpers.GetSessionStore(c)
+				if err != nil {
+					return err
+				}
+
+				redirectKey := fmt.Sprintf("redirect-%s", redirectId)
+				redirectVal := sess.Get(redirectKey)
+
+				if redirectVal != nil {
+					redirectUrl = redirectVal.(string)
+				}
+			}
+
+			return c.Redirect(redirectUrl)
+		} else {
+			for _, validErr := range validErrs.(validator.ValidationErrors) {
+				if validErr.Field() == "Email" {
+					formErrors = append(formErrors, "L'adresse email doit être valide.")
+				}
+
+				if validErr.Field() == "Name" {
+					formErrors = append(formErrors, "Le nom doit contenir entre 2 et 100 caractères.")
+				}
+
+				if validErr.Field() == "Password" {
+					formErrors = append(formErrors, "Le mot de passe doit contenir entre 12 et 100 caractères.")
+				}
+
+				if validErr.Field() == "PasswordVerify" {
+					formErrors = append(formErrors, "Les mots de passe doivent correspondre.")
+				}
+			}
+		}
+	}
+
+	return c.Render("welcome", fiber.Map{
+		"PageTitle":   "Paramètres du compte",
+		"Email":       user.Email,
+		"Name":        user.Name,
+		"EmailUpdate": emailUpdate,
+		"FormErrors":  strings.Join(formErrors, "<br>"),
+	}, "layouts/main")
+}