commit 8f5bcee386acbf1116a818cd19e398b4d858197b · veryroundbird.house/core

appview/db/db.go

···

       202
       202
        
       			email text not null,

     

       203
       203
        
       			verified integer not null default 0,

     

       204
       204
        
       			verification_code text not null,

     

       205
       205
       +
       			last_sent text not null default (strftime('%Y-%m-%dT%H:%M:%SZ', 'now')),

     

       205
       206
        
       			is_primary integer not null default 0,

     

       206
       207
        
       			created text not null default (strftime('%Y-%m-%dT%H:%M:%SZ', 'now')),

     

       207
       208
        
       			unique(did, email)

+51 -6

appview/db/email.go

···

       12
       12
        
       	Verified         bool

     

       13
       13
        
       	Primary          bool

     

       14
       14
        
       	VerificationCode string

     

       15
       15
       +
       	LastSent         *time.Time

     

       15
       16
        
       	CreatedAt        time.Time

     

       16
       17
        
       }

     

       17
       18
        
       

     

       18
       19
        
       func GetPrimaryEmail(e Execer, did string) (Email, error) {

     

       19
       20
        
       	query := `

     

       20
       20
       -
       		select id, did, email, verified, is_primary, verification_code, created

     

       21
       21
       +
       		select id, did, email, verified, is_primary, verification_code, last_sent, created

     

       21
       22
        
       		from emails

     

       22
       23
        
       		where did = ? and is_primary = true

     

       23
       24
        
       	`

     

       24
       25
        
       	var email Email

     

       25
       26
        
       	var createdStr string

     

       26
       26
       -
       	err := e.QueryRow(query, did).Scan(&email.ID, &email.Did, &email.Address, &email.Verified, &email.Primary, &email.VerificationCode, &createdStr)

     

       27
       27
       +
       	var lastSent *string

     

       28
       28
       +
       	err := e.QueryRow(query, did).Scan(&email.ID, &email.Did, &email.Address, &email.Verified, &email.Primary, &email.VerificationCode, &lastSent, &createdStr)

     

       27
       29
        
       	if err != nil {

     

       28
       30
        
       		return Email{}, err

     

       29
       31
        
       	}

     

       30
       32
        
       	email.CreatedAt, err = time.Parse(time.RFC3339, createdStr)

     

       31
       33
        
       	if err != nil {

     

       32
       34
        
       		return Email{}, err

     

       35
       35
       +
       	}

     

       36
       36
       +
       	if lastSent != nil {

     

       37
       37
       +
       		parsedTime, err := time.Parse(time.RFC3339, *lastSent)

     

       38
       38
       +
       		if err != nil {

     

       39
       39
       +
       			return Email{}, err

     

       40
       40
       +
       		}

     

       41
       41
       +
       		email.LastSent = &parsedTime

     

       33
       42
        
       	}

     

       34
       43
        
       	return email, nil

     

       35
       44
        
       }

     

       36
       45
        
       

     

       37
       46
        
       func GetEmail(e Execer, did string, em string) (Email, error) {

     

       38
       47
        
       	query := `

     

       39
       39
       -
       		select id, did, email, verified, is_primary, verification_code, created

     

       48
       48
       +
       		select id, did, email, verified, is_primary, verification_code, last_sent, created

     

       40
       49
        
       		from emails

     

       41
       50
        
       		where did = ? and email = ?

     

       42
       51
        
       	`

     

       43
       52
        
       	var email Email

     

       44
       53
        
       	var createdStr string

     

       45
       45
       -
       	err := e.QueryRow(query, did, em).Scan(&email.ID, &email.Did, &email.Address, &email.Verified, &email.Primary, &email.VerificationCode, &createdStr)

     

       54
       54
       +
       	var lastSent *string

     

       55
       55
       +
       	err := e.QueryRow(query, did, em).Scan(&email.ID, &email.Did, &email.Address, &email.Verified, &email.Primary, &email.VerificationCode, &lastSent, &createdStr)

     

       46
       56
        
       	if err != nil {

     

       47
       57
        
       		return Email{}, err

     

       48
       58
        
       	}

     

       49
       59
        
       	email.CreatedAt, err = time.Parse(time.RFC3339, createdStr)

     

       50
       60
        
       	if err != nil {

     

       51
       61
        
       		return Email{}, err

     

       62
       62
       +
       	}

     

       63
       63
       +
       	if lastSent != nil {

     

       64
       64
       +
       		parsedTime, err := time.Parse(time.RFC3339, *lastSent)

     

       65
       65
       +
       		if err != nil {

     

       66
       66
       +
       			return Email{}, err

     

       67
       67
       +
       		}

     

       68
       68
       +
       		email.LastSent = &parsedTime

     

       52
       69
        
       	}

     

       53
       70
        
       	return email, nil

     

       54
       71
        
       }

     
···

       220
       237
        
       

     

       221
       238
        
       func GetAllEmails(e Execer, did string) ([]Email, error) {

     

       222
       239
        
       	query := `

     

       223
       223
       -
       		select did, email, verified, is_primary, verification_code, created

     

       240
       240
       +
       		select did, email, verified, is_primary, verification_code, last_sent, created

     

       224
       241
        
       		from emails

     

       225
       242
        
       		where did = ?

     

       226
       243
        
       	`

     
···

       234
       251
        
       	for rows.Next() {

     

       235
       252
        
       		var email Email

     

       236
       253
        
       		var createdStr string

     

       237
       237
       -
       		err := rows.Scan(&email.Did, &email.Address, &email.Verified, &email.Primary, &email.VerificationCode, &createdStr)

     

       254
       254
       +
       		var lastSent *string

     

       255
       255
       +
       		err := rows.Scan(&email.Did, &email.Address, &email.Verified, &email.Primary, &email.VerificationCode, &lastSent, &createdStr)

     

       238
       256
        
       		if err != nil {

     

       239
       257
        
       			return nil, err

     

       240
       258
        
       		}

     
···

       242
       260
        
       		if err != nil {

     

       243
       261
        
       			return nil, err

     

       244
       262
        
       		}

     

       263
       263
       +
       		if lastSent != nil {

     

       264
       264
       +
       			parsedTime, err := time.Parse(time.RFC3339, *lastSent)

     

       265
       265
       +
       			if err != nil {

     

       266
       266
       +
       				return nil, err

     

       267
       267
       +
       			}

     

       268
       268
       +
       			email.LastSent = &parsedTime

     

       269
       269
       +
       		}

     

       245
       270
        
       		emails = append(emails, email)

     

       246
       271
        
       	}

     

       247
       272
        
       	return emails, nil

     

       248
       273
        
       }

     

       274
       274
       +
       

     

       275
       275
       +
       func UpdateVerificationCode(e Execer, did string, email string, code string) error {

     

       276
       276
       +
       	query := `

     

       277
       277
       +
       		update emails

     

       278
       278
       +
       		set verification_code = ?

     

       279
       279
       +
       		where did = ? and email = ?

     

       280
       280
       +
       	`

     

       281
       281
       +
       	_, err := e.Exec(query, code, did, email)

     

       282
       282
       +
       	return err

     

       283
       283
       +
       }

     

       284
       284
       +
       

     

       285
       285
       +
       func UpdateLastSent(e Execer, did string, email string, lastSent time.Time) error {

     

       286
       286
       +
       	query := `

     

       287
       287
       +
       		update emails

     

       288
       288
       +
       		set last_sent = ?

     

       289
       289
       +
       		where did = ? and email = ?

     

       290
       290
       +
       	`

     

       291
       291
       +
       	_, err := e.Exec(query, lastSent.Format(time.RFC3339), did, email)

     

       292
       292
       +
       	return err

     

       293
       293
       +
       }

+11 -1

appview/pages/templates/settings.html

···

       103
       103
        
               </div>

     

       104
       104
        
             </div>

     

       105
       105
        
             <div class="flex gap-2 items-center">

     

       106
       106
       -
               {{ if not .Primary }}

     

       106
       106
       +
               {{ if not .Verified }}

     

       107
       107
       +
               <a 

     

       108
       108
       +
                 class="text-sm"

     

       109
       109
       +
                 hx-post="/settings/emails/verify/resend" 

     

       110
       110
       +
                 hx-swap="none"

     

       111
       111
       +
                 href="#"

     

       112
       112
       +
                 hx-vals='{"email": "{{ .Address }}"}'>

     

       113
       113
       +
                 resend verification

     

       114
       114
       +
               </a>

     

       115
       115
       +
               {{ end }}

     

       116
       116
       +
               {{ if and (not .Primary) .Verified }}

     

       107
       117
        
               <a 

     

       108
       118
        
                 class="text-sm"

     

       109
       119
        
                 hx-post="/settings/emails/primary"

appview/state/router.go

···

       170
       170
        
       		r.Put("/emails", s.SettingsEmails)

     

       171
       171
        
       		r.Delete("/emails", s.SettingsEmails)

     

       172
       172
        
       		r.Get("/emails/verify", s.SettingsEmailsVerify)

     

       173
       173
       +
       		r.Post("/emails/verify/resend", s.SettingsEmailsVerifyResend)

     

       173
       174
        
       		r.Post("/emails/primary", s.SettingsEmailsPrimary)

     

       174
       175
        
       	})

     

       175
       176

+107 -15

appview/state/settings.go

···

       38
       38
        
       	})

     

       39
       39
        
       }

     

       40
       40
        
       

     

       41
       41
       +
       // buildVerificationEmail creates an email.Email struct for verification emails

     

       42
       42
       +
       func (s *State) buildVerificationEmail(emailAddr, did, code string) email.Email {

     

       43
       43
       +
       	verifyURL := s.verifyUrl(did, emailAddr, code)

     

       44
       44
       +
       

     

       45
       45
       +
       	return email.Email{

     

       46
       46
       +
       		APIKey:  s.config.ResendApiKey,

     

       47
       47
       +
       		From:    "noreply@notifs.tangled.sh",

     

       48
       48
       +
       		To:      emailAddr,

     

       49
       49
       +
       		Subject: "Verify your Tangled email",

     

       50
       50
       +
       		Text: `Click the link below (or copy and paste it into your browser) to verify your email address.

     

       51
       51
       +
       ` + verifyURL,

     

       52
       52
       +
       		Html: `<p>Click the link (or copy and paste it into your browser) to verify your email address.</p>

     

       53
       53
       +
       <p><a href="` + verifyURL + `">` + verifyURL + `</a></p>`,

     

       54
       54
       +
       	}

     

       55
       55
       +
       }

     

       56
       56
       +
       

     

       57
       57
       +
       // sendVerificationEmail handles the common logic for sending verification emails

     

       58
       58
       +
       func (s *State) sendVerificationEmail(w http.ResponseWriter, did, emailAddr, code string, errorContext string) error {

     

       59
       59
       +
       	emailToSend := s.buildVerificationEmail(emailAddr, did, code)

     

       60
       60
       +
       

     

       61
       61
       +
       	err := email.SendEmail(emailToSend)

     

       62
       62
       +
       	if err != nil {

     

       63
       63
       +
       		log.Printf("sending email: %s", err)

     

       64
       64
       +
       		s.pages.Notice(w, "settings-emails-error", fmt.Sprintf("Unable to send verification email at this moment, try again later. %s", errorContext))

     

       65
       65
       +
       		return err

     

       66
       66
       +
       	}

     

       67
       67
       +
       

     

       68
       68
       +
       	return nil

     

       69
       69
       +
       }

     

       70
       70
       +
       

     

       41
       71
        
       func (s *State) SettingsEmails(w http.ResponseWriter, r *http.Request) {

     

       42
       72
        
       	switch r.Method {

     

       43
       73
        
       	case http.MethodGet:

     
···

       94
       124
        
       			return

     

       95
       125
        
       		}

     

       96
       126
        
       

     

       97
       97
       -
       		err = email.SendEmail(email.Email{

     

       98
       98
       -
       			APIKey: s.config.ResendApiKey,

     

       99
       99
       -
       

     

       100
       100
       -
       			From:    "noreply@notifs.tangled.sh",

     

       101
       101
       -
       			To:      emAddr,

     

       102
       102
       -
       			Subject: "Verify your Tangled email",

     

       103
       103
       -
       			Text: `Click the link below (or copy and paste it into your browser) to verify your email address.

     

       104
       104
       -
       ` + s.verifyUrl(did, emAddr, code),

     

       105
       105
       -
       			Html: `<p>Click the link (or copy and paste it into your browser) to verify your email address.</p>

     

       106
       106
       -
       <p><a href="` + s.verifyUrl(did, emAddr, code) + `">` + s.verifyUrl(did, emAddr, code) + `</a></p>`,

     

       107
       107
       -
       		})

     

       108
       108
       -
       

     

       109
       109
       -
       		if err != nil {

     

       110
       110
       -
       			log.Printf("sending email: %s", err)

     

       111
       111
       -
       			s.pages.Notice(w, "settings-emails-error", "Unable to send verification email at this moment, try again later.")

     

       127
       127
       +
       		if err := s.sendVerificationEmail(w, did, emAddr, code, ""); err != nil {

     

       112
       128
        
       			return

     

       113
       129
        
       		}

     

       114
       130
        
       

     
···

       192
       208
        
       	}

     

       193
       209
        
       

     

       194
       210
        
       	http.Redirect(w, r, "/settings", http.StatusSeeOther)

     

       211
       211
       +
       }

     

       212
       212
       +
       

     

       213
       213
       +
       func (s *State) SettingsEmailsVerifyResend(w http.ResponseWriter, r *http.Request) {

     

       214
       214
       +
       	if r.Method != http.MethodPost {

     

       215
       215
       +
       		s.pages.Notice(w, "settings-emails-error", "Invalid request method.")

     

       216
       216
       +
       		return

     

       217
       217
       +
       	}

     

       218
       218
       +
       

     

       219
       219
       +
       	did := s.auth.GetDid(r)

     

       220
       220
       +
       	emAddr := r.FormValue("email")

     

       221
       221
       +
       	emAddr = strings.TrimSpace(emAddr)

     

       222
       222
       +
       

     

       223
       223
       +
       	if !email.IsValidEmail(emAddr) {

     

       224
       224
       +
       		s.pages.Notice(w, "settings-emails-error", "Invalid email address.")

     

       225
       225
       +
       		return

     

       226
       226
       +
       	}

     

       227
       227
       +
       

     

       228
       228
       +
       	// Check if email exists and is unverified

     

       229
       229
       +
       	existingEmail, err := db.GetEmail(s.db, did, emAddr)

     

       230
       230
       +
       	if err != nil {

     

       231
       231
       +
       		if errors.Is(err, sql.ErrNoRows) {

     

       232
       232
       +
       			s.pages.Notice(w, "settings-emails-error", "Email not found. Please add it first.")

     

       233
       233
       +
       		} else {

     

       234
       234
       +
       			log.Printf("checking for existing email: %s", err)

     

       235
       235
       +
       			s.pages.Notice(w, "settings-emails-error", "Unable to resend verification email at this moment, try again later.")

     

       236
       236
       +
       		}

     

       237
       237
       +
       		return

     

       238
       238
       +
       	}

     

       239
       239
       +
       

     

       240
       240
       +
       	if existingEmail.Verified {

     

       241
       241
       +
       		s.pages.Notice(w, "settings-emails-error", "This email is already verified.")

     

       242
       242
       +
       		return

     

       243
       243
       +
       	}

     

       244
       244
       +
       

     

       245
       245
       +
       	// Check if last verification email was sent less than 10 minutes ago

     

       246
       246
       +
       	if existingEmail.LastSent != nil {

     

       247
       247
       +
       		timeSinceLastSent := time.Since(*existingEmail.LastSent)

     

       248
       248
       +
       		if timeSinceLastSent < 10*time.Minute {

     

       249
       249
       +
       			waitTime := 10*time.Minute - timeSinceLastSent

     

       250
       250
       +
       			s.pages.Notice(w, "settings-emails-error", fmt.Sprintf("Please wait %d minutes before requesting another verification email.", int(waitTime.Minutes()+1)))

     

       251
       251
       +
       			return

     

       252
       252
       +
       		}

     

       253
       253
       +
       	}

     

       254
       254
       +
       

     

       255
       255
       +
       	// Generate new verification code

     

       256
       256
       +
       	code := uuid.New().String()

     

       257
       257
       +
       

     

       258
       258
       +
       	// Begin transaction

     

       259
       259
       +
       	tx, err := s.db.Begin()

     

       260
       260
       +
       	if err != nil {

     

       261
       261
       +
       		log.Printf("failed to start transaction: %s", err)

     

       262
       262
       +
       		s.pages.Notice(w, "settings-emails-error", "Unable to resend verification email at this moment, try again later.")

     

       263
       263
       +
       		return

     

       264
       264
       +
       	}

     

       265
       265
       +
       	defer tx.Rollback()

     

       266
       266
       +
       

     

       267
       267
       +
       	// Update the verification code and last sent time

     

       268
       268
       +
       	if err := db.UpdateVerificationCode(tx, did, emAddr, code); err != nil {

     

       269
       269
       +
       		log.Printf("updating email verification: %s", err)

     

       270
       270
       +
       		s.pages.Notice(w, "settings-emails-error", "Unable to resend verification email at this moment, try again later.")

     

       271
       271
       +
       		return

     

       272
       272
       +
       	}

     

       273
       273
       +
       

     

       274
       274
       +
       	// Send verification email

     

       275
       275
       +
       	if err := s.sendVerificationEmail(w, did, emAddr, code, ""); err != nil {

     

       276
       276
       +
       		return

     

       277
       277
       +
       	}

     

       278
       278
       +
       

     

       279
       279
       +
       	// Commit transaction

     

       280
       280
       +
       	if err := tx.Commit(); err != nil {

     

       281
       281
       +
       		log.Printf("failed to commit transaction: %s", err)

     

       282
       282
       +
       		s.pages.Notice(w, "settings-emails-error", "Unable to resend verification email at this moment, try again later.")

     

       283
       283
       +
       		return

     

       284
       284
       +
       	}

     

       285
       285
       +
       

     

       286
       286
       +
       	s.pages.Notice(w, "settings-emails-success", "Verification email resent. Click the link in the email we sent you to verify your email address.")

     

       195
       287
        
       }

     

       196
       288
        
       

     

       197
       289
        
       func (s *State) SettingsEmailsPrimary(w http.ResponseWriter, r *http.Request) {