mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-11 17:33:40 +00:00
095ec21678
* chore(proto): update versions * change protoc plugin * some cleanups * define api for setting emails in new api * implement user.SetEmail * move SetEmail buisiness logic into command * resuse newCryptoCode * command: add ChangeEmail unit tests Not complete, was not able to mock the generator. * Revert "resuse newCryptoCode" This reverts commit c89e90ae35ae924a3f706a0a7394f933910c2e65. * undo change to crypto code generators * command: use a generator so we can test properly * command: reorganise ChangeEmail improve test coverage * implement VerifyEmail including unit tests * add URL template tests * proto: change context to object * remove old auth option * remove old auth option * fix linting errors run gci on modified files * add permission checks and fix some errors * comments * comments --------- Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
92 lines
2.3 KiB
Go
92 lines
2.3 KiB
Go
package domain
|
|
|
|
import (
|
|
"io"
|
|
"regexp"
|
|
"strings"
|
|
"text/template"
|
|
"time"
|
|
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
caos_errs "github.com/zitadel/zitadel/internal/errors"
|
|
es_models "github.com/zitadel/zitadel/internal/eventstore/v1/models"
|
|
)
|
|
|
|
var (
|
|
emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
|
|
)
|
|
|
|
type EmailAddress string
|
|
|
|
func (e EmailAddress) Validate() error {
|
|
if e == "" {
|
|
return errors.ThrowInvalidArgument(nil, "EMAIL-spblu", "Errors.User.Email.Empty")
|
|
}
|
|
if !emailRegex.MatchString(string(e)) {
|
|
return errors.ThrowInvalidArgument(nil, "EMAIL-599BI", "Errors.User.Email.Invalid")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (e EmailAddress) Normalize() EmailAddress {
|
|
return EmailAddress(strings.TrimSpace(string(e)))
|
|
}
|
|
|
|
type Email struct {
|
|
es_models.ObjectRoot
|
|
|
|
EmailAddress EmailAddress
|
|
IsEmailVerified bool
|
|
// PlainCode is set by the command and can be used to return it to the caller (API)
|
|
PlainCode *string
|
|
}
|
|
|
|
type EmailCode struct {
|
|
es_models.ObjectRoot
|
|
|
|
Code *crypto.CryptoValue
|
|
Expiry time.Duration
|
|
}
|
|
|
|
func (e *Email) Validate() error {
|
|
if e == nil {
|
|
return errors.ThrowInvalidArgument(nil, "EMAIL-spblu", "Errors.User.Email.Empty")
|
|
}
|
|
return e.EmailAddress.Validate()
|
|
}
|
|
|
|
func NewEmailCode(emailGenerator crypto.Generator) (*EmailCode, string, error) {
|
|
emailCodeCrypto, code, err := crypto.NewCode(emailGenerator)
|
|
if err != nil {
|
|
return nil, "", err
|
|
}
|
|
return &EmailCode{
|
|
Code: emailCodeCrypto,
|
|
Expiry: emailGenerator.Expiry(),
|
|
}, code, nil
|
|
}
|
|
|
|
type ConfirmURLData struct {
|
|
UserID string
|
|
Code string
|
|
OrgID string
|
|
}
|
|
|
|
// RenderConfirmURLTemplate parses and renders tmplStr.
|
|
// userID, code and orgID are passed into the [ConfirmURLData].
|
|
// "%s%s?userID=%s&code=%s&orgID=%s"
|
|
func RenderConfirmURLTemplate(w io.Writer, tmplStr, userID, code, orgID string) error {
|
|
tmpl, err := template.New("").Parse(tmplStr)
|
|
if err != nil {
|
|
return caos_errs.ThrowInvalidArgument(err, "USERv2-ooD8p", "Errors.User.Email.InvalidURLTemplate")
|
|
}
|
|
|
|
data := &ConfirmURLData{userID, code, orgID}
|
|
if err = tmpl.Execute(w, data); err != nil {
|
|
return caos_errs.ThrowInvalidArgument(err, "USERv2-ohSi5", "Errors.User.Email.InvalidURLTemplate")
|
|
}
|
|
|
|
return nil
|
|
}
|