feat: login wall (#42)
* feat: add login-wall app * fix: rename vars * fix: rename vars * update docker file * add validations for app state * add host check for app * fix: docker file
@@ -12,8 +12,8 @@ func SetCookie(gc *gin.Context, token string) {
|
||||
secure := true
|
||||
httpOnly := true
|
||||
|
||||
host := GetDomainName(gc.Request.Host)
|
||||
log.Println("=> host", host)
|
||||
host := GetHostName(gc.Request.Host)
|
||||
log.Println("=> cookie host", host)
|
||||
gc.SetSameSite(http.SameSiteNoneMode)
|
||||
gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", host, secure, httpOnly)
|
||||
}
|
||||
@@ -35,7 +35,7 @@ func DeleteCookie(gc *gin.Context) {
|
||||
secure = false
|
||||
}
|
||||
|
||||
host := GetDomainName(gc.Request.Host)
|
||||
host := GetHostName(gc.Request.Host)
|
||||
gc.SetSameSite(http.SameSiteNoneMode)
|
||||
gc.SetCookie(constants.COOKIE_NAME, "", -1, "/", host, secure, httpOnly)
|
||||
}
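Review bot: `GetHostName(gc.Request.Host)` in both SetCookie and DeleteCookie passes a bare `host[:port]` value to a helper that (later in this commit) calls `url.Parse` without the `"//"` prefix the old code added. As far as I can tell, `url.Parse` does not populate `Host` for scheme-less input, so `Hostname()` comes back empty, or the helper falls through to its `localhost` fallback for inputs such as an IP with a port, and the cookie Domain is not what the log line suggests. The Host header is also client-supplied, so the Domain attribute is better derived from configuration, e.g. `host := GetHostName(constants.AUTHORIZER_URL)`, or at least parsed as `GetHostName("//" + gc.Request.Host)`. Both function bodies start outside these hunks, so the `secure = false` branch in DeleteCookie could not be checked against `SameSiteNoneMode`.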
|
||||
|
@@ -26,14 +26,14 @@ func SendVerificationMail(toEmail, token string) error {
|
||||
<a href="%s">Click here to verify</a>
|
||||
</body>
|
||||
</html>
|
||||
`, constants.AUTHORIZER_DOMAIN+"/verify_email"+"?token="+token)
|
||||
`, constants.AUTHORIZER_URL+"/verify_email"+"?token="+token)
|
||||
bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
|
||||
|
||||
return sender.SendMail(Receiver, Subject, bodyMessage)
|
||||
}
|
||||
|
||||
// SendForgotPasswordMail to send verification email
|
||||
func SendForgotPasswordMail(toEmail, token string) error {
|
||||
func SendForgotPasswordMail(toEmail, token, host string) error {
|
||||
sender := email.NewSender()
|
||||
|
||||
// The receiver needs to be in slice as the receive supports multiple receiver
|
||||
@@ -51,7 +51,7 @@ func SendForgotPasswordMail(toEmail, token string) error {
|
||||
<a href="%s">Reset Password</a>
|
||||
</body>
|
||||
</html>
|
||||
`, constants.FRONTEND_URL+"/"+constants.FORGOT_PASSWORD_URI+"?token="+token)
|
||||
`, host+"/"+constants.FORGOT_PASSWORD_URI+"?token="+token)
|
||||
bodyMessage := sender.WriteHTMLEmail(Receiver, Subject, message)
|
||||
|
||||
return sender.SendMail(Receiver, Subject, bodyMessage)
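Review bot: The reset link in SendForgotPasswordMail is now built from the `host` argument instead of the configured `constants.FRONTEND_URL`, and nothing in this section constrains that value. If callers take it from request data (they are not visible here), the emailed link that carries the reset token can point at a domain the operator does not control, and the raw string is also interpolated into the `href` without escaping. Reject values outside the allow-list before composing the mail, for example a guard on `!IsValidRedirectURL(host)` (package-qualified as needed) that returns an error, and document on the function that `host` must be a trusted origin. The same value is signed into the token by CreateVerificationToken in this commit, so the check belongs before both calls. The function body extends beyond the hunks shown.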
|
||||
|
@@ -2,11 +2,24 @@ package utils
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// function to get hostname
|
||||
func GetHostName(auth_url string) string {
|
||||
u, err := url.Parse(auth_url)
|
||||
if err != nil {
|
||||
return `localhost`
|
||||
}
|
||||
|
||||
host := u.Hostname()
|
||||
|
||||
return host
|
||||
}
|
||||
|
||||
// function to get domain name
|
||||
func GetDomainName(auth_url string) string {
|
||||
u, err := url.Parse("//" + auth_url)
|
||||
u, err := url.Parse(auth_url)
|
||||
if err != nil {
|
||||
return `localhost`
|
||||
}
|
||||
@@ -14,24 +27,24 @@ func GetDomainName(auth_url string) string {
|
||||
host := u.Hostname()
|
||||
|
||||
// code to get root domain in case of sub-domains
|
||||
// hostParts := strings.Split(host, ".")
|
||||
// hostPartsLen := len(hostParts)
|
||||
hostParts := strings.Split(host, ".")
|
||||
hostPartsLen := len(hostParts)
|
||||
|
||||
// if hostPartsLen == 1 {
|
||||
// return host
|
||||
// }
|
||||
if hostPartsLen == 1 {
|
||||
return host
|
||||
}
|
||||
|
||||
// if hostPartsLen == 2 {
|
||||
// if hostParts[0] == "www" {
|
||||
// return hostParts[1]
|
||||
// } else {
|
||||
// return host
|
||||
// }
|
||||
// }
|
||||
if hostPartsLen == 2 {
|
||||
if hostParts[0] == "www" {
|
||||
return hostParts[1]
|
||||
} else {
|
||||
return host
|
||||
}
|
||||
}
|
||||
|
||||
// if hostPartsLen > 2 {
|
||||
// return strings.Join(hostParts[hostPartsLen-2:], ".")
|
||||
// }
|
||||
if hostPartsLen > 2 {
|
||||
return strings.Join(hostParts[hostPartsLen-2:], ".")
|
||||
}
|
||||
|
||||
return host
|
||||
}
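Review bot: The root-domain reduction that this change re-enables in GetDomainName keeps only the last two labels, so a host such as `app.example.co.uk` reduces to `co.uk` and `www.com` reduces to `com`. IsValidRedirectURL in this commit compares against that value, so the reduction widens what counts as the same domain. The `localhost` fallback on a parse error has a similar effect wherever localhost is an allowed origin; returning `""` on error and having callers reject an empty result is safer. Consider a public-suffix-aware reduction (for instance `publicsuffix.EffectiveTLDPlusOne` from golang.org/x/net) or comparing full hostnames, and add a doc comment such as `// GetDomainName returns the last two labels of the URL's hostname; it is not public-suffix aware.` GetDomainName spans both hunks of this section.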
|
||||
|
@@ -1,8 +1,31 @@
|
||||
package utils
|
||||
|
||||
import "net/mail"
|
||||
import (
|
||||
"net/mail"
|
||||
"strings"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
)
|
||||
|
||||
func IsValidEmail(email string) bool {
|
||||
_, err := mail.ParseAddress(email)
|
||||
return err == nil
|
||||
}
|
||||
|
||||
func IsValidRedirectURL(url string) bool {
|
||||
if len(constants.ALLOWED_ORIGINS) == 1 && constants.ALLOWED_ORIGINS[0] == "*" {
|
||||
return true
|
||||
}
|
||||
|
||||
hasValidURL := false
|
||||
urlDomain := GetDomainName(url)
|
||||
|
||||
for _, val := range constants.ALLOWED_ORIGINS {
|
||||
if strings.Contains(val, urlDomain) {
|
||||
hasValidURL = true
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
return hasValidURL
|
||||
}
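Review bot: The allow-list test in IsValidRedirectURL, `strings.Contains(val, urlDomain)`, is a substring match, so it accepts any URL whose reduced domain merely occurs inside an allowed origin. It also accepts everything when GetDomainName returns an empty string, because every string contains `""`; as far as I can tell `url.Parse` yields an empty hostname for input without a scheme. Compare parsed domains for equality and reject an empty result, as sketched below. The sketch assumes the ALLOWED_ORIGINS entries are full origins with a scheme, which is not visible here. Separately, the parameter name `url` would shadow `net/url` if that package is ever imported in this file.

```go
func IsValidRedirectURL(url string) bool {
	// … unchanged: wildcard ALLOWED_ORIGINS check …

	urlDomain := GetDomainName(url)
	if urlDomain == "" {
		// An empty domain is a substring of every origin; reject it outright.
		return false
	}

	for _, val := range constants.ALLOWED_ORIGINS {
		// Compare whole domains, not substrings of the configured origin.
		if GetDomainName(val) == urlDomain {
			return true
		}
	}

	return false
}
```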
|
||||
|
@@ -9,6 +9,7 @@ import (
|
||||
|
||||
type UserInfo struct {
|
||||
Email string `json:"email"`
|
||||
Host string `json:"host"`
|
||||
}
|
||||
|
||||
type CustomClaim struct {
|
||||
@@ -18,7 +19,7 @@ type CustomClaim struct {
|
||||
}
|
||||
|
||||
// TODO convert tokenType to enum
|
||||
func CreateVerificationToken(email string, tokenType string) (string, error) {
|
||||
func CreateVerificationToken(email string, tokenType string, host string) (string, error) {
|
||||
t := jwt.New(jwt.GetSigningMethod(constants.JWT_TYPE))
|
||||
|
||||
t.Claims = &CustomClaim{
|
||||
@@ -27,7 +28,7 @@ func CreateVerificationToken(email string, tokenType string) (string, error) {
|
||||
ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),
|
||||
},
|
||||
tokenType,
|
||||
UserInfo{Email: email},
|
||||
UserInfo{Email: email, Host: host},
|
||||
}
|
||||
|
||||
return t.SignedString([]byte(constants.JWT_SECRET))
|
||||
|