nvirellia/nixcn-cms
1
0
Fork 0
forked from nixcn/nixcn-cms
Code Pull Requests Activity
Files
9c7cfb3da6ca4f789006f57cc17c4cc1c3324e02
nixcn-cms/service/auth/magic.go
Asai Neko 9c7cfb3da6 Fix caddy api proxy 
Signed-off-by: Asai Neko <sugar@sne.moe>
2025-12-25 13:14:30 +08:00

90 lines
2.0 KiB
Go
Raw Blame History

package auth
import (
"net/http"
"nixcn-cms/data"
"nixcn-cms/internal/crypto/jwt"
"nixcn-cms/pkgs/email"
"nixcn-cms/pkgs/magiclink"
"nixcn-cms/pkgs/turnstile"
log "github.com/sirupsen/logrus"
"github.com/gin-gonic/gin"
"github.com/spf13/viper"
)
type MagicLinkRequest struct {
Email string `json:"email" binding:"required,email"`
TurnstileToken string `json:"turnstile_token" binding:"required"`
}
func RequestMagicLink(c *gin.Context) {
// Parse request
var req MagicLinkRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(400, gin.H{"error": "invalid request"})
return
}
// Cloudflare turnstile
ok, err := turnstile.VerifyTurnstile(req.TurnstileToken, c.ClientIP())
if err != nil || !ok {
c.JSON(403, gin.H{"error": "turnstile failed"})
return
}
// Generate magic token
token, err := magiclink.NewMagicToken(req.Email)
if err != nil {
c.JSON(500, gin.H{"error": "internal error"})
return
}
link := viper.GetString("server.external_url") + "/login?ticket=" + token
// Send email using resend
resend, err := email.NewResendClient()
if err != nil {
log.Error(err)
c.JSON(500, gin.H{"status": "invilad email config"})
return
}
resend.Send(
req.Email,
"NixCN CMS Email Verify",
"<p>Click the link below to verify your email. This link will expire in 10 minutes.</p><a href="+link+">"+link+"</a>",
)
c.JSON(200, gin.H{"status": "magic link sent"})
}
func VerifyMagicLink(c *gin.Context) {
// Get token from url
token := c.Query("token")
if token == "" {
c.JSON(400, gin.H{"error": "missing token"})
return
}
// Verify email token
email, ok := magiclink.VerifyMagicToken(token)
if !ok {
c.JSON(401, gin.H{"error": "invalid or expired token"})
return
}
// Generate jwt
userInfo := new(data.User)
err := userInfo.GetByEmail(email)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{"status": "user not found"})
}
jwtToken, _ := jwt.GenerateToken(userInfo.UserId, "application")
c.JSON(200, gin.H{
"jwt_token": jwtToken,
"email": email,
})
}
View Git Blame Copy Permalink