add email confirm handler

2025-12-31 06:36:14 -06:00 · 2021-10-18 14:44:12 +02:00 · 2021-10-18 14:44:12 +02:00 · 652b41d1ce
commit 652b41d1ce
parent d1c271fc8e
6 changed files with 90 additions and 1 deletions
--- a/internal/processing/user/emailconfirm.go
+++ b/internal/processing/user/emailconfirm.go
@ -20,12 +20,14 @@ package user

 import (
 	"context"
+	"errors"
 	"fmt"
 	"time"

 	"github.com/google/uuid"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/email"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
 	"github.com/superseriousbusiness/gotosocial/internal/util"
 )
@ -76,3 +78,46 @@ func (p *processor) SendConfirmEmail(ctx context.Context, user *gtsmodel.User, u

 	return nil
 }
+
+func (p *processor) ConfirmEmail(ctx context.Context, token string) (*gtsmodel.User, gtserror.WithCode) {
+	if token == "" {
+		return nil, gtserror.NewErrorNotFound(errors.New("no token provided"))
+	}
+
+	user := &gtsmodel.User{}
+	if err := p.db.GetWhere(ctx, []db.Where{{Key: "confirmation_token", Value: token}}, user); err != nil {
+		if err == db.ErrNoEntries {
+			return nil, gtserror.NewErrorNotFound(err)
+		}
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	if user.Account == nil {
+		a, err := p.db.GetAccountByID(ctx, user.AccountID)
+		if err != nil {
+			return nil, gtserror.NewErrorNotFound(err)
+		}
+		user.Account = a
+	}
+
+	if !user.Account.SuspendedAt.IsZero() {
+		return nil, gtserror.NewErrorForbidden(fmt.Errorf("ConfirmEmail: account %s is suspended", user.AccountID))
+	}
+
+	if user.UnconfirmedEmail == "" || user.UnconfirmedEmail == user.Email {
+		// no pending email confirmations so just return OK
+		return user, nil
+	}
+
+	// mark the user's email address as confirmed + remove the unconfirmed address and the token
+	user.Email = user.UnconfirmedEmail
+	user.UnconfirmedEmail = ""
+	user.ConfirmedAt = time.Now()
+	user.ConfirmationToken = ""
+
+	if err := p.db.UpdateByPrimaryKey(ctx, user); err != nil {
+		return nil, gtserror.NewErrorInternalError(err)
+	}
+
+	return user, nil
+}
--- a/internal/processing/user/user.go
+++ b/internal/processing/user/user.go
@ -33,7 +33,10 @@ type Processor interface {
 	// ChangePassword changes the specified user's password from old => new,
 	// or returns an error if the new password is too weak, or the old password is incorrect.
 	ChangePassword(ctx context.Context, user *gtsmodel.User, oldPassword string, newPassword string) gtserror.WithCode
+	// SendConfirmEmail sends a 'confirm-your-email-address' type email to a user.
 	SendConfirmEmail(ctx context.Context, user *gtsmodel.User, username string) error
+	// ConfirmEmail confirms an email address using the given token.
+	ConfirmEmail(ctx context.Context, token string) (*gtsmodel.User, gtserror.WithCode)
 }

 type processor struct {