email verification

Author: lai0xn

.env.example

@@ -12,4 +12,7 @@ FACEBOOK_REDIRECT_URL=
 
 REDIS_ADDR=
 REDIS_PASSWORD=
-REDIS_USERNAME=
+REDIS_USERNAME=
+
+EMAIL=
+EMAIL_PASSWORD=

config/config.go

@@ -12,7 +12,8 @@ import (
 )
 
 var JWT_SECRET string
-
+var EMAIL string
+var EMAIL_PASSWORD string
 func Load() {
 	// OAuth configuration
 	godotenv.Load()
@@ -39,6 +40,8 @@ func Load() {
 
 	// JWT Secret
 	JWT_SECRET = os.Getenv("JWT_SECRET")
+  EMAIL = os.Getenv("EMAIL")
+  EMAIL_PASSWORD = os.Getenv("EMAIL_PASSWORD")
 
 	// Initialize the logger
 	logger.NewLogger()

internal/handlers/auth.go

@@ -6,17 +6,20 @@ import (
 	"github.com/go-playground/validator/v10"
 	"github.com/labstack/echo/v4"
 	"github.com/lai0xn/squid-tech/internal/services"
+	"github.com/lai0xn/squid-tech/pkg/mail"
 	"github.com/lai0xn/squid-tech/pkg/types"
 	"github.com/lai0xn/squid-tech/pkg/utils"
 )
 
 type authHandler struct {
 	srv *services.AuthService
+  verifier *mail.EmailVerifier
 }
 
 func NewAuthHandler() *authHandler {
 	return &authHandler{
 		srv: services.NewAuthService(),
+    verifier: mail.NewVerifier(),
 	}
 }
 
@@ -71,10 +74,37 @@ func (h *authHandler) Register(c echo.Context) error {
 		return c.JSON(http.StatusBadRequest, utils.NewValidationError(e))
 	}
 	//TODO: fix gender
-	if err := h.srv.CreateUser(payload.Name, payload.Email, payload.Password, false); err != nil {
+	user,err := h.srv.CreateUser(payload.Name, payload.Email, payload.Password, false)
+  if err != nil {
 		return echo.NewHTTPError(http.StatusBadRequest, err)
 	}
-	return c.JSON(http.StatusOK, types.Response{
-		"message": "user created successfully",
-	})
+  err = h.verifier.SendVerfication(user.ID,[]string{user.Email})
+  if err != nil {
+    return echo.NewHTTPError(http.StatusBadRequest,err)
+  }
+	return c.JSON(http.StatusOK,"user created and verification sent")
+}
+
+
+
+
+// Email verification example
+//
+//	@Summary	Verification endpoint
+//	@Tags		auth
+//	@Accept		json
+//	@Produce	json
+//	@Param		id		query		string	true	"userid"
+//	@Param		id		otp		string	true	"otp"
+//	@Router		/auth/verify [post]
+func (h *authHandler) VerifyUser(c echo.Context) error {
+  id := c.QueryParam("id")
+  otp := c.QueryParam("otp")
+  if err := h.verifier.Verify(id,otp);err!= nil {
+    return echo.NewHTTPError(http.StatusBadRequest,err)
+  }
+  if err := h.srv.ActivateUser(id);err!=nil{
+     return echo.NewHTTPError(http.StatusBadRequest,err)
+  }
+	return c.JSON(http.StatusOK,"verification successfull")
 }

internal/handlers/oauth.go

@@ -83,7 +83,7 @@ func (h *oauthHandler) handleCallback(c echo.Context, provider string) error {
 
 	// If user doesn't exist, create a new user
 	if existingUser == nil {
-		if err := h.srv.CreateUser(user.Name, user.Email, "", false); err != nil {
+		if _,err := h.srv.CreateUser(user.Name, user.Email, "", false); err != nil {
 			return echo.NewHTTPError(http.StatusInternalServerError, "failed to create user: "+err.Error())
 		}
 	}

internal/router/auth.go

@@ -9,6 +9,7 @@ func AuthRoutes(e *echo.Group) {
 	h := handlers.NewAuthHandler()
 	auth := e.Group("/auth")
 	auth.POST("/register", h.Register)
+  auth.GET("/verify", h.VerifyUser)
 	auth.POST("/login", h.Login)
 
 }

internal/router/events.go

@@ -19,5 +19,4 @@ func eventRoutes(e *echo.Group) {
 	events.POST("/event/:id/upload",h.AddImage)
   events.DELETE("/event/acheivment/:id/delete",h.DeleteAcheivment)
 
-
 }

internal/services/auth.go

@@ -16,18 +16,14 @@ func NewAuthService() *AuthService {
 	return &AuthService{}
 }
 
-func (s *AuthService) CreateUser(name string, email string, password string, gender bool) error {
-	ctx := context.Background()
-	client := db.NewClient()
-	if err := client.Prisma.Connect(); err != nil {
-		return err
-	}
+func (s *AuthService) CreateUser(name string, email string, password string, gender bool) (*db.UserModel,error){
+  ctx := context.Background() 
 
 	encrypted_password, err := utils.Encrypt(password)
 	if err != nil {
-		return err
+		return nil,err
 	}
-	_, err = client.User.CreateOne(
+   result, err := prisma.Client.User.CreateOne(
 		db.User.Email.Set(email),
 		db.User.Name.Set(name),
 		db.User.Bio.Set(""),
@@ -37,9 +33,9 @@ func (s *AuthService) CreateUser(name string, email string, password string, gen
 		db.User.BgImg.Set("uploads/bgs/default.jpg"),
 	).Exec(ctx)
 	if err != nil {
-		return err
+		return nil,err
 	}
-	return nil
+	return result,nil
 
 }
 
@@ -85,3 +81,17 @@ func (s *AuthService) GetUserByEmail(email string) (*db.UserModel, error) {
 
 	return user, nil // User found
 }
+
+func (s *AuthService)ActivateUser(userID string) error {
+  ctx := context.Background()
+
+  _,err := prisma.Client.User.FindUnique(
+    db.User.ID.Equals(userID),
+    ).Update(
+    db.User.Active.Set(true),
+    ).Exec(ctx)
+  if err != nil {
+    return err
+  }
+  return nil
+}

pkg/mail/mail.go

@@ -0,0 +1,62 @@
+package mail
+
+import (
+	"crypto/rand"
+	"errors"
+	"fmt"
+	"io"
+	"net/smtp"
+	"time"
+
+	"github.com/lai0xn/squid-tech/config"
+	"github.com/lai0xn/squid-tech/pkg/redis"
+	r "github.com/redis/go-redis/v9"
+)
+
+var table = [...]byte{'1', '2', '3', '4', '5', '6', '7', '8', '9', '0'}
+
+type EmailVerifier struct {
+  client *r.Client
+}
+
+func NewVerifier()*EmailVerifier{
+  return &EmailVerifier{
+    client: redis.GetClient(),
+  }
+}
+
+func (v *EmailVerifier)GenerateOTP() string {
+    b := make([]byte, 6)
+    n, err := io.ReadAtLeast(rand.Reader, b, 6)
+    if n != 6 {
+        panic(err)
+    }
+    for i := 0; i < len(b); i++ {
+        b[i] = table[int(b[i])%len(table)]
+    }
+    return string(b)
+}
+
+
+func (v *EmailVerifier)SendVerfication(userID string,to []string)error{  
+  smtpHost := "smtp.gmail.com"
+	smtpPort := "587"
+  otp := v.GenerateOTP()
+  message := []byte(fmt.Sprintf("Verification code is %s",otp))
+  v.client.Set(redis.Ctx,"userOTP:"+userID,otp,time.Hour * 1)
+	auth := smtp.PlainAuth("", config.EMAIL, config.EMAIL_PASSWORD, smtpHost)
+
+	err := smtp.SendMail(smtpHost+":"+smtpPort, auth, config.EMAIL, to, message)
+	if err != nil {
+		return err
+	}
+  return nil
+}
+
+func (v *EmailVerifier)Verify(userID string,otp string)error{  
+  userOTP := v.client.Get(redis.Ctx,"userOTP:"+userID).Val()
+  if userOTP != otp{
+    return errors.New("verification failed")
+  }
+  return nil
+}

pkg/redis/redis.go

@@ -8,7 +8,7 @@ import (
 	"github.com/redis/go-redis/v9"
 )
 
-var ctx = context.Background()
+var Ctx = context.TODO()
 var client *redis.Client
 
 func Connect() {
@@ -19,7 +19,7 @@ func Connect() {
 
 	})
 
-	_, err := client.Ping(ctx).Result()
+	_, err := client.Ping(Ctx).Result()
 	if err != nil {
 		log.Fatalf("Could not connect to Redis: %v", err)
 	}

prisma/dev.db

@@ -14,6 +14,7 @@ model User {
   eventComments EventComment[]
   postsComments PostComment[]
   posts Post[]
+  active Boolean @default(false)
   badges Badge[]
   following Organization[]  @relation("orgfollowers",fields: [followingIds], references: [id])
   followingIds String[] @db.ObjectId