Refactor server code (#407)

2025-07-11 10:21:50 +02:00 · 2025-01-20 01:57:39 +01:00
parent 4c5a7bda63
commit f935ee1a7e
69 changed files with 4357 additions and 3337 deletions
--- a/internal/web/handlers/settings/account.go
+++ b/internal/web/handlers/settings/account.go
@ -0,0 +1,88 @@
+package settings
+
+import (
+	"crypto/md5"
+	"fmt"
+	"github.com/thomiceli/opengist/internal/config"
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/git"
+	"github.com/thomiceli/opengist/internal/i18n"
+	"github.com/thomiceli/opengist/internal/validator"
+	"github.com/thomiceli/opengist/internal/web/context"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+)
+
+func EmailProcess(ctx *context.Context) error {
+	user := ctx.User
+	email := ctx.FormValue("email")
+	var hash string
+
+	if email == "" {
+		// generate random md5 string
+		hash = fmt.Sprintf("%x", md5.Sum([]byte(time.Now().String())))
+	} else {
+		hash = fmt.Sprintf("%x", md5.Sum([]byte(strings.ToLower(strings.TrimSpace(email)))))
+	}
+
+	user.Email = strings.ToLower(email)
+	user.MD5Hash = hash
+
+	if err := user.Update(); err != nil {
+		return ctx.ErrorRes(500, "Cannot update email", err)
+	}
+
+	ctx.AddFlash(ctx.Tr("flash.user.email-updated"), "success")
+	return ctx.RedirectTo("/settings")
+}
+
+func AccountDeleteProcess(ctx *context.Context) error {
+	user := ctx.User
+
+	if err := user.Delete(); err != nil {
+		return ctx.ErrorRes(500, "Cannot delete this user", err)
+	}
+
+	return ctx.RedirectTo("/all")
+}
+
+func UsernameProcess(ctx *context.Context) error {
+	user := ctx.User
+
+	dto := new(db.UserDTO)
+	if err := ctx.Bind(dto); err != nil {
+		return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
+	}
+	dto.Password = user.Password
+
+	if err := ctx.Validate(dto); err != nil {
+		ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
+		return ctx.RedirectTo("/settings")
+	}
+
+	if exists, err := db.UserExists(dto.Username); err != nil || exists {
+		ctx.AddFlash(ctx.Tr("flash.auth.username-exists"), "error")
+		return ctx.RedirectTo("/settings")
+	}
+
+	sourceDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(user.Username))
+	destinationDir := filepath.Join(config.GetHomeDir(), git.ReposDirectory, strings.ToLower(dto.Username))
+
+	if _, err := os.Stat(sourceDir); !os.IsNotExist(err) {
+		err := os.Rename(sourceDir, destinationDir)
+		if err != nil {
+			return ctx.ErrorRes(500, "Cannot rename user directory", err)
+		}
+	}
+
+	user.Username = dto.Username
+
+	if err := user.Update(); err != nil {
+		return ctx.ErrorRes(500, "Cannot update username", err)
+	}
+
+	ctx.AddFlash(ctx.Tr("flash.user.username-updated"), "success")
+	return ctx.RedirectTo("/settings")
+}
--- a/internal/web/handlers/settings/auth.go
+++ b/internal/web/handlers/settings/auth.go
@ -0,0 +1,58 @@
+package settings
+
+import (
+	passwordpkg "github.com/thomiceli/opengist/internal/auth/password"
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/i18n"
+	"github.com/thomiceli/opengist/internal/validator"
+	"github.com/thomiceli/opengist/internal/web/context"
+	"strconv"
+)
+
+func PasskeyDelete(ctx *context.Context) error {
+	user := ctx.User
+	keyId, err := strconv.Atoi(ctx.Param("id"))
+	if err != nil {
+		return ctx.RedirectTo("/settings")
+	}
+
+	passkey, err := db.GetCredentialByIDDB(uint(keyId))
+	if err != nil || passkey.UserID != user.ID {
+		return ctx.RedirectTo("/settings")
+	}
+
+	if err := passkey.Delete(); err != nil {
+		return ctx.ErrorRes(500, "Cannot delete passkey", err)
+	}
+
+	ctx.AddFlash(ctx.Tr("flash.auth.passkey-deleted"), "success")
+	return ctx.RedirectTo("/settings")
+}
+
+func PasswordProcess(ctx *context.Context) error {
+	user := ctx.User
+
+	dto := new(db.UserDTO)
+	if err := ctx.Bind(dto); err != nil {
+		return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
+	}
+	dto.Username = user.Username
+
+	if err := ctx.Validate(dto); err != nil {
+		ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
+		return ctx.Html("settings.html")
+	}
+
+	password, err := passwordpkg.HashPassword(dto.Password)
+	if err != nil {
+		return ctx.ErrorRes(500, "Cannot hash password", err)
+	}
+	user.Password = password
+
+	if err = user.Update(); err != nil {
+		return ctx.ErrorRes(500, "Cannot update password", err)
+	}
+
+	ctx.AddFlash(ctx.Tr("flash.user.password-updated"), "success")
+	return ctx.RedirectTo("/settings")
+}
--- a/internal/web/handlers/settings/settings.go
+++ b/internal/web/handlers/settings/settings.go
@ -0,0 +1,34 @@
+package settings
+
+import (
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/web/context"
+)
+
+func UserSettings(ctx *context.Context) error {
+	user := ctx.User
+
+	keys, err := db.GetSSHKeysByUserID(user.ID)
+	if err != nil {
+		return ctx.ErrorRes(500, "Cannot get SSH keys", err)
+	}
+
+	passkeys, err := db.GetAllCredentialsForUser(user.ID)
+	if err != nil {
+		return ctx.ErrorRes(500, "Cannot get WebAuthn credentials", err)
+	}
+
+	_, hasTotp, err := user.HasMFA()
+	if err != nil {
+		return ctx.ErrorRes(500, "Cannot get MFA status", err)
+	}
+
+	ctx.SetData("email", user.Email)
+	ctx.SetData("sshKeys", keys)
+	ctx.SetData("passkeys", passkeys)
+	ctx.SetData("hasTotp", hasTotp)
+	ctx.SetData("hasPassword", user.Password != "")
+	ctx.SetData("disableForm", ctx.GetData("DisableLoginForm"))
+	ctx.SetData("htmlTitle", ctx.TrH("settings"))
+	return ctx.Html("settings.html")
+}
--- a/internal/web/handlers/settings/sshkey.go
+++ b/internal/web/handlers/settings/sshkey.go
@ -0,0 +1,71 @@
+package settings
+
+import (
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/i18n"
+	"github.com/thomiceli/opengist/internal/validator"
+	"github.com/thomiceli/opengist/internal/web/context"
+	"golang.org/x/crypto/ssh"
+	"strconv"
+	"strings"
+)
+
+func SshKeysProcess(ctx *context.Context) error {
+	user := ctx.User
+
+	dto := new(db.SSHKeyDTO)
+	if err := ctx.Bind(dto); err != nil {
+		return ctx.ErrorRes(400, ctx.Tr("error.cannot-bind-data"), err)
+	}
+
+	if err := ctx.Validate(dto); err != nil {
+		ctx.AddFlash(validator.ValidationMessages(&err, ctx.GetData("locale").(*i18n.Locale)), "error")
+		return ctx.RedirectTo("/settings")
+	}
+	key := dto.ToSSHKey()
+
+	key.UserID = user.ID
+
+	pubKey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key.Content))
+	if err != nil {
+		ctx.AddFlash(ctx.Tr("flash.user.invalid-ssh-key"), "error")
+		return ctx.RedirectTo("/settings")
+	}
+	key.Content = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(pubKey)))
+
+	if exists, err := db.SSHKeyDoesExists(key.Content); exists {
+		if err != nil {
+			return ctx.ErrorRes(500, "Cannot check if SSH key exists", err)
+		}
+		ctx.AddFlash(ctx.Tr("settings.ssh-key-exists"), "error")
+		return ctx.RedirectTo("/settings")
+	}
+
+	if err := key.Create(); err != nil {
+		return ctx.ErrorRes(500, "Cannot add SSH key", err)
+	}
+
+	ctx.AddFlash(ctx.Tr("flash.user.ssh-key-added"), "success")
+	return ctx.RedirectTo("/settings")
+}
+
+func SshKeysDelete(ctx *context.Context) error {
+	user := ctx.User
+	keyId, err := strconv.Atoi(ctx.Param("id"))
+	if err != nil {
+		return ctx.RedirectTo("/settings")
+	}
+
+	key, err := db.GetSSHKeyByID(uint(keyId))
+
+	if err != nil || key.UserID != user.ID {
+		return ctx.RedirectTo("/settings")
+	}
+
+	if err := key.Delete(); err != nil {
+		return ctx.ErrorRes(500, "Cannot delete SSH key", err)
+	}
+
+	ctx.AddFlash(ctx.Tr("flash.user.ssh-key-deleted"), "success")
+	return ctx.RedirectTo("/settings")
+}