Grouping route

handler/auth/forgotPassword/forgotPassword.go

@@ -0,0 +1,144 @@
+package forgotPasswordHandler
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/fossyy/filekeeper/app"
+	"github.com/fossyy/filekeeper/view/client/auth/forgotPassword"
+	"github.com/fossyy/filekeeper/view/client/email"
+	"github.com/google/uuid"
+	"github.com/redis/go-redis/v9"
+	"net/http"
+	"time"
+
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/types/models"
+	"github.com/fossyy/filekeeper/utils"
+	"gorm.io/gorm"
+)
+
+type ForgotPassword struct {
+	User *models.User
+	Code string
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	component := forgotPasswordView.Main("Filekeeper - Forgot Password Page", types.Message{
+		Code:    3,
+		Message: "",
+	})
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		http.Error(w, "Error parsing form", http.StatusBadRequest)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	emailForm := r.Form.Get("email")
+
+	user, err := app.Server.Service.GetUser(r.Context(), emailForm)
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			component := forgotPasswordView.Main("Filekeeper - Forgot Password Page", types.Message{
+				Code:    0,
+				Message: "Unexpected error has occurred",
+			})
+			err := component.Render(r.Context(), w)
+			if err != nil {
+				w.WriteHeader(http.StatusInternalServerError)
+				app.Server.Logger.Error(err.Error())
+				return
+			}
+			return
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	userData := &models.User{
+		UserID:   uuid.UUID{},
+		Username: user.Username,
+		Email:    user.Email,
+		Password: "",
+	}
+
+	err = verifyForgot(userData)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	component := forgotPasswordView.EmailSend("Filekeeper - Forgot Password Page")
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}
+
+func verifyForgot(user *models.User) error {
+	var userData *ForgotPassword
+	var code string
+	var err error
+	code, err = app.Server.Cache.GetCache(context.Background(), "ForgotPasswordCode:"+user.Email)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			code = utils.GenerateRandomString(64)
+			userData = &ForgotPassword{
+				User: user,
+				Code: code,
+			}
+
+			newForgotUser, err := json.Marshal(userData)
+			if err != nil {
+				return err
+			}
+			err = app.Server.Cache.SetCache(context.Background(), "ForgotPasswordCode:"+user.Email, code, time.Minute*15)
+			if err != nil {
+				return err
+			}
+			err = app.Server.Cache.SetCache(context.Background(), "ForgotPassword:"+userData.Code, newForgotUser, time.Minute*15)
+			if err != nil {
+				return err
+			}
+		} else {
+			return err
+		}
+	} else {
+		storedCode, err := app.Server.Cache.GetCache(context.Background(), "ForgotPassword:"+code)
+		err = json.Unmarshal([]byte(storedCode), &userData)
+		if err != nil {
+			return err
+		}
+	}
+
+	var buffer bytes.Buffer
+	err = emailView.ForgotPassword(user.Username, fmt.Sprintf("https://%s/auth/forgot-password/verify/%s", utils.Getenv("DOMAIN"), code)).Render(context.Background(), &buffer)
+	if err != nil {
+		return err
+	}
+
+	err = app.Server.Mail.Send(user.Email, "Password Change Request", buffer.String())
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

handler/auth/forgotPassword/verify/verify.go

@@ -0,0 +1,134 @@
+package forgotPasswordVerifyHandler
+
+import (
+	"encoding/json"
+	"errors"
+	"github.com/fossyy/filekeeper/app"
+	"github.com/fossyy/filekeeper/handler/auth/forgotPassword"
+	"github.com/fossyy/filekeeper/session"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/utils"
+	"github.com/fossyy/filekeeper/view/client/auth/forgotPassword"
+	signupView "github.com/fossyy/filekeeper/view/client/auth/signup"
+	"github.com/redis/go-redis/v9"
+	"net/http"
+)
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	code := r.PathValue("code")
+
+	_, err := app.Server.Cache.GetCache(r.Context(), "ForgotPassword:"+code)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			w.WriteHeader(http.StatusNotFound)
+			return
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	component := forgotPasswordView.NewPasswordForm("Filekeeper - Forgot Password Page", types.Message{
+		Code:    3,
+		Message: "",
+	})
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	code := r.PathValue("code")
+
+	data, err := app.Server.Cache.GetCache(r.Context(), "ForgotPassword:"+code)
+	if err != nil {
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+	var userData *forgotPasswordHandler.ForgotPassword
+
+	err = json.Unmarshal([]byte(data), &userData)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	err = r.ParseForm()
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	password := r.Form.Get("password")
+	isValid := utils.ValidatePassword(password)
+	if !isValid {
+		component := signupView.Main("Filekeeper - Sign up Page", types.Message{
+			Code:    0,
+			Message: "Password is invalid",
+		})
+		err := component.Render(r.Context(), w)
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			app.Server.Logger.Error(err.Error())
+			return
+		}
+		return
+	}
+	hashedPassword, err := utils.HashPassword(password)
+
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	err = app.Server.Database.UpdateUserPassword(userData.User.Email, hashedPassword)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	err = app.Server.Cache.DeleteCache(r.Context(), "ForgotPasswordCode:"+userData.User.Email)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	err = app.Server.Cache.DeleteCache(r.Context(), "ForgotPassword:"+code)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	err = session.RemoveAllSessions(userData.User.Email)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	err = app.Server.Service.RemoveUserCache(r.Context(), userData.User.Email)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	component := forgotPasswordView.ChangeSuccess("Filekeeper - Forgot Password Page")
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}

handler/auth/google/callback/callback.go

@@ -48,21 +48,22 @@ func GET(w http.ResponseWriter, r *http.Request) {
 	_, err := app.Server.Cache.GetCache(r.Context(), "CsrfTokens:"+r.URL.Query().Get("state"))
 	if err != nil {
 		if errors.Is(err, redis.Nil) {
-			http.Redirect(w, r, fmt.Sprintf("/signin?error=%s", "csrf_token_error"), http.StatusFound)
+			http.Redirect(w, r, fmt.Sprintf("/auth/signin?error=%s", "csrf_token_error"), http.StatusFound)
 			return
 		}
+		app.Server.Logger.Error(err.Error())
 		w.WriteHeader(http.StatusInternalServerError)
 		return
 	}
 
 	err = app.Server.Cache.DeleteCache(r.Context(), "CsrfTokens:"+r.URL.Query().Get("state"))
 	if err != nil {
-		http.Redirect(w, r, fmt.Sprintf("/signin?error=%s", "csrf_token_error"), http.StatusFound)
+		http.Redirect(w, r, fmt.Sprintf("/auth/signin?error=%s", "csrf_token_error"), http.StatusFound)
 		return
 	}
 
 	if err := r.URL.Query().Get("error"); err != "" {
-		http.Redirect(w, r, fmt.Sprintf("/signin?error=%s", err), http.StatusFound)
+		http.Redirect(w, r, fmt.Sprintf("/auth/signin?error=%s", err), http.StatusFound)
 		return
 	}
 

handler/auth/google/setup/setup.go

@@ -9,7 +9,7 @@ import (
 	"github.com/fossyy/filekeeper/types/models"
 	"github.com/fossyy/filekeeper/utils"
 	"github.com/fossyy/filekeeper/view/client/auth"
-	signupView "github.com/fossyy/filekeeper/view/client/signup"
+	signupView "github.com/fossyy/filekeeper/view/client/auth/signup"
 	"github.com/google/uuid"
 	"github.com/redis/go-redis/v9"
 	"net/http"
@@ -27,7 +27,7 @@ func GET(w http.ResponseWriter, r *http.Request) {
 	_, err := app.Server.Cache.GetCache(r.Context(), "GoogleSetup:"+code)
 	if err != nil {
 		if errors.Is(err, redis.Nil) {
-			http.Redirect(w, r, "/signup", http.StatusSeeOther)
+			http.Redirect(w, r, "/auth/signup", http.StatusSeeOther)
 			return
 		}
 		w.WriteHeader(http.StatusInternalServerError)

handler/auth/signin/signin.go

@@ -0,0 +1,166 @@
+package signinHandler
+
+import (
+	"errors"
+	"github.com/a-h/templ"
+	"github.com/fossyy/filekeeper/app"
+	"github.com/fossyy/filekeeper/session"
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/utils"
+	"github.com/fossyy/filekeeper/view/client/auth/signin"
+	"net/http"
+)
+
+var errorMessages = make(map[string]string)
+
+func init() {
+	errorMessages = map[string]string{
+		"redirect_uri_mismatch":      "The redirect URI provided does not match the one registered with our service. Please contact the administrator for assistance.",
+		"invalid_request":            "The request is missing required parameters or has invalid values. Please try again or contact support for assistance.",
+		"access_denied":              "Access was denied. You may have declined the request for permission. Please try again if you wish to grant access.",
+		"unauthorized_client":        "You are not authorized to make this request. Please contact support for further assistance.",
+		"unsupported_response_type":  "The requested response type is not supported. Please try again with a supported response type.",
+		"invalid_scope":              "The requested scope is invalid or unknown. Please try again or contact support for assistance.",
+		"server_error":               "Our server encountered an unexpected error. Please try again later or contact support for assistance.",
+		"temporarily_unavailable":    "Our server is currently undergoing maintenance. Please try again later.",
+		"invalid_grant":              "The authorization code or refresh token provided is invalid. Please try again or contact support for assistance.",
+		"invalid_client":             "The client identifier provided is invalid. Please check your credentials and try again.",
+		"invalid_token":              "The access token provided is invalid. Please try again or contact support for assistance.",
+		"insufficient_scope":         "You do not have sufficient privileges to perform this action. Please contact support for assistance.",
+		"interaction_required":       "Interaction with the authorization server is required. Please try again.",
+		"login_required":             "You need to log in again to proceed. Please try logging in again.",
+		"account_selection_required": "Please select an account to proceed with the request.",
+		"consent_required":           "Consent is required to proceed. Please provide consent to continue.",
+		"csrf_token_error":           "The CSRF token is missing or invalid. Please try again.",
+		"suspicious_session":         "We've detected unusual activity on your account. Please log in again to confirm it's you.",
+	}
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	var component templ.Component
+	if err := r.URL.Query().Get("error"); err != "" {
+		message, ok := errorMessages[err]
+		if !ok {
+			message = "Unknown error occurred. Please contact support at bagas@fossy.my.id for assistance."
+		}
+
+		component = signinView.Main("Filekeeper - Sign in Page", types.Message{
+			Code:    0,
+			Message: message,
+		})
+	} else {
+		component = signinView.Main("Filekeeper - Sign in Page", types.Message{
+			Code:    3,
+			Message: "",
+		})
+	}
+
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		http.Error(w, "Error parsing form", http.StatusBadRequest)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	email := r.Form.Get("email")
+	password := r.Form.Get("password")
+	userData, err := app.Server.Service.GetUser(r.Context(), email)
+	if err != nil {
+		component := signinView.Main("Filekeeper - Sign in Page", types.Message{
+			Code:    0,
+			Message: "Incorrect Username or Password",
+		})
+		app.Server.Logger.Error(err.Error())
+		err = component.Render(r.Context(), w)
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			app.Server.Logger.Error(err.Error())
+			return
+		}
+		return
+	}
+
+	if email == userData.Email && utils.CheckPasswordHash(password, userData.Password) {
+		if userData.Totp != "" {
+			storeSession, err := session.Create(types.User{
+				UserID:        userData.UserID,
+				Email:         email,
+				Username:      userData.Username,
+				Totp:          userData.Totp,
+				Authenticated: false,
+			})
+			if err != nil {
+				w.WriteHeader(http.StatusInternalServerError)
+				app.Server.Logger.Error(err.Error())
+				return
+			}
+			storeSession.Save(w)
+			http.Redirect(w, r, "/auth/totp", http.StatusSeeOther)
+			return
+		}
+
+		storeSession, err := session.Create(types.User{
+			UserID:        userData.UserID,
+			Email:         email,
+			Username:      userData.Username,
+			Authenticated: true,
+		})
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			app.Server.Logger.Error(err.Error())
+			return
+		}
+		userAgent := r.Header.Get("User-Agent")
+		browserInfo, osInfo := utils.ParseUserAgent(userAgent)
+
+		sessionInfo := session.SessionInfo{
+			SessionID: storeSession.ID,
+			Browser:   browserInfo["browser"],
+			Version:   browserInfo["version"],
+			OS:        osInfo["os"],
+			OSVersion: osInfo["version"],
+			IP:        utils.ClientIP(r),
+			Location:  "Indonesia",
+		}
+
+		storeSession.Save(w)
+		err = session.AddSessionInfo(email, &sessionInfo)
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			app.Server.Logger.Error(err.Error())
+			return
+		}
+
+		cookie, err := r.Cookie("redirect")
+		if errors.Is(err, http.ErrNoCookie) {
+			http.Redirect(w, r, "/", http.StatusSeeOther)
+			return
+		}
+		http.SetCookie(w, &http.Cookie{
+			Name:   "redirect",
+			MaxAge: -1,
+		})
+		http.Redirect(w, r, cookie.Value, http.StatusSeeOther)
+		return
+	}
+	component := signinView.Main("Filekeeper - Sign in Page", types.Message{
+		Code:    0,
+		Message: "Incorrect Username or Password",
+	})
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}

handler/auth/signup/signup.go

@@ -0,0 +1,150 @@
+package signupHandler
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/fossyy/filekeeper/app"
+	"github.com/fossyy/filekeeper/utils"
+	signupView "github.com/fossyy/filekeeper/view/client/auth/signup"
+	"github.com/fossyy/filekeeper/view/client/email"
+	"github.com/redis/go-redis/v9"
+	"net/http"
+	"time"
+
+	"github.com/fossyy/filekeeper/types"
+	"github.com/fossyy/filekeeper/types/models"
+	"github.com/google/uuid"
+)
+
+type UnverifiedUser struct {
+	User *models.User
+	Code string
+}
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	component := signupView.Main("Filekeeper - Sign up Page", types.Message{
+		Code:    3,
+		Message: "",
+	})
+	err := component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}
+
+func POST(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	userEmail := r.Form.Get("email")
+	username := r.Form.Get("username")
+	password := r.Form.Get("password")
+	isValid := utils.ValidatePassword(password)
+	if !isValid {
+		component := signupView.Main("Filekeeper - Sign up Page", types.Message{
+			Code:    0,
+			Message: "Password is invalid",
+		})
+		err := component.Render(r.Context(), w)
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			app.Server.Logger.Error(err.Error())
+			return
+		}
+		return
+	}
+	hashedPassword, err := utils.HashPassword(password)
+
+	newUser := models.User{
+		UserID:   uuid.New(),
+		Username: username,
+		Email:    userEmail,
+		Password: hashedPassword,
+	}
+
+	if registered := app.Server.Database.IsUserRegistered(userEmail, username); registered {
+		component := signupView.Main("Filekeeper - Sign up Page", types.Message{
+			Code:    0,
+			Message: "Email or Username has been registered",
+		})
+		err = component.Render(r.Context(), w)
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			app.Server.Logger.Error(err.Error())
+			return
+		}
+		return
+	}
+
+	err = verifyEmail(&newUser)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	component := signupView.EmailSend("Filekeeper - Sign up Page")
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}
+
+func verifyEmail(user *models.User) error {
+	var buffer bytes.Buffer
+	var code string
+
+	storedCode, err := app.Server.Cache.GetCache(context.Background(), "VerificationCode:"+user.Email)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			code = utils.GenerateRandomString(64)
+		} else {
+			return err
+		}
+	} else {
+		code = storedCode
+	}
+
+	err = emailView.RegistrationEmail(user.Username, fmt.Sprintf("https://%s/auth/signup/verify/%s", utils.Getenv("DOMAIN"), code)).Render(context.Background(), &buffer)
+	if err != nil {
+		return err
+	}
+
+	unverifiedUser := UnverifiedUser{
+		User: user,
+		Code: code,
+	}
+	newUnverifiedUser, err := json.Marshal(unverifiedUser)
+	if err != nil {
+		return err
+	}
+
+	err = app.Server.Cache.SetCache(context.Background(), "UnverifiedUser:"+code, newUnverifiedUser, 10*time.Minute)
+	if err != nil {
+		return err
+	}
+
+	err = app.Server.Cache.SetCache(context.Background(), "VerificationCode:"+user.Email, code, 10*time.Minute)
+	if err != nil {
+		return err
+	}
+
+	err = app.Server.Mail.Send(user.Email, "Account Registration Verification", buffer.String())
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

handler/auth/signup/verify/verify.go

@@ -0,0 +1,74 @@
+package signupVerifyHandler
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"github.com/fossyy/filekeeper/app"
+	"github.com/fossyy/filekeeper/handler/auth/signup"
+	signupView "github.com/fossyy/filekeeper/view/client/auth/signup"
+	"github.com/redis/go-redis/v9"
+	"net/http"
+
+	"github.com/fossyy/filekeeper/types"
+)
+
+func GET(w http.ResponseWriter, r *http.Request) {
+	code := r.PathValue("code")
+	userDataStr, err := app.Server.Cache.GetCache(context.Background(), "UnverifiedUser:"+code)
+	if err != nil {
+		if errors.Is(err, redis.Nil) {
+			w.WriteHeader(http.StatusNotFound)
+			return
+		}
+		app.Server.Logger.Error(err.Error())
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	var unverifiedUser signupHandler.UnverifiedUser
+	err = json.Unmarshal([]byte(userDataStr), &unverifiedUser)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+
+	err = app.Server.Database.CreateUser(unverifiedUser.User)
+	if err != nil {
+		component := signupView.Main("Filekeeper - Sign up Page", types.Message{
+			Code:    0,
+			Message: "Email or Username has already been registered",
+		})
+		err := component.Render(r.Context(), w)
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			app.Server.Logger.Error(err.Error())
+			return
+		}
+		return
+	}
+
+	err = app.Server.Cache.DeleteCache(context.Background(), "UnverifiedUser:"+code)
+	if err != nil {
+		app.Server.Logger.Error(err.Error())
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	err = app.Server.Cache.DeleteCache(context.Background(), "VerificationCode:"+unverifiedUser.User.Email)
+	if err != nil {
+		app.Server.Logger.Error(err.Error())
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	component := signupView.VerifySuccess("Filekeeper - Verify Page")
+	err = component.Render(r.Context(), w)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+		return
+	}
+	return
+}