nixcn-cms/service/auth/magic.go

package auth

import (
	"net/url"
	"nixcn-cms/pkgs/authcode"
	"nixcn-cms/pkgs/email"
	"nixcn-cms/pkgs/turnstile"
	"nixcn-cms/utils"

	"github.com/gin-gonic/gin"
	"github.com/spf13/viper"
)

type MagicRequest struct {
	ClientId       string `json:"client_id"`
	RedirectUri    string `json:"redirect_uri"`
	State          string `json:"state"`
	Email          string `json:"email"`
	TurnstileToken string `json:"turnstile_token"`
}

func Magic(c *gin.Context) {
	// Parse request
	var req MagicRequest
	if err := c.ShouldBindJSON(&req); err != nil {
		utils.HttpResponse(c, 400, "", "invalid request")
		return
	}

	// Cloudflare turnstile
	ok, err := turnstile.VerifyTurnstile(req.TurnstileToken, c.ClientIP())
	if err != nil || !ok {
		utils.HttpResponse(c, 403, "", "turnstile failed")
		return
	}

	code, err := authcode.NewAuthCode(req.ClientId, req.Email)
	if err != nil {
		utils.HttpResponse(c, 500, "", "code gen failed")
		return
	}

	externalUrl := viper.GetString("server.external_url")
	url, err := url.Parse(externalUrl)
	if err != nil {
		utils.HttpResponse(c, 500, "", "invalid external url")
		return
	}

	url.Path = "/api/v1/auth/redirect"
	query := url.Query()
	query.Set("code", code)
	query.Set("redirect_uri", req.RedirectUri)
	query.Set("state", req.State)
	query.Set("client_id", req.ClientId)
	url.RawQuery = query.Encode()

	debugMode := viper.GetBool("server.debug_mode")
	if debugMode {
		uriData := struct {
			Uri string `json:"uri"`
		}{url.String()}

		utils.HttpResponse(c, 200, "", "magiclink sent", uriData)
		return
	} else {
		// Send email using resend
		emailClient, err := email.NewSMTPClient()
		if err != nil {
			utils.HttpResponse(c, 500, "", "invalid email config")
			return
		}
		emailClient.Send(
			req.Email,
			"NixCN CMS Email Verify",
			"<p>Click the link below to verify your email. This link will expire in 10 minutes.</p><a href="+url.String()+">"+url.String()+"</a>",
		)
	}

	utils.HttpResponse(c, 200, "", "magic link sent")
}