complete final part of reset flow

metakgp · Jan 4, 2018 · e01dcea · e01dcea
1 parent 64fc62a
commit e01dcea
Show file tree

Hide file tree

Showing 7 changed files with 118 additions and 3 deletions.
diff --git a/constants.go b/constants.go
@@ -11,6 +11,7 @@ const PATH_BEGIN_RESET_PAGE = "templates/begin_reset.tmpl.html"
 const PATH_BEGIN_AUTH_UNSUCCESSFUL_PAGE = "templates/begin_auth_unsuccessful.tmpl.html"
 const PATH_STEP1_COMPLETE_PAGE = "templates/step1_complete.tmpl.html"
 const PATH_STEP2_COMPLETE_PAGE = "templates/step2_complete.tmpl.html"
+const PATH_RESET_COMPLETE_PAGE = "templates/reset_complete.tmpl.html"
 
 const EMAIL_SUBJECT_STEP2 = "Leprechaun Authentication, Step 2 - Email Verification"
 const EMAIL_SUBJECT_RESET = "Leprechaun Reset - Verification"
diff --git a/handlers.go b/handlers.go
@@ -93,6 +93,8 @@ func getSecurityQuestions(roll string) []string {
 }
 
 func VerifyStep1(w http.ResponseWriter, r *http.Request) {
+    w.Header().Set("Content-Type", "text/html; charset=utf-8")
+
     vars := mux.Vars(r)
     linkSuf := vars["token"]
 
@@ -134,6 +136,8 @@ func VerifyStep1(w http.ResponseWriter, r *http.Request) {
 }
 
 func VerifyStep2(w http.ResponseWriter, r *http.Request) {
+    w.Header().Set("Content-Type", "text/html; charset=utf-8")
+
     vars := mux.Vars(r)
     emailTok := vars["token"]
     c := GlobalDBSession.DB(os.Getenv("DB_NAME")).C("people")
@@ -152,6 +156,7 @@ func VerifyStep2(w http.ResponseWriter, r *http.Request) {
 
 func ResetIndex(w http.ResponseWriter, r *http.Request) {
     w.Header().Set("Content-Type", "text/html; charset=utf-8")
+
     b, err := ioutil.ReadFile(PATH_RESET_INDEX_PAGE)
     if err != nil {
         fmt.Fprintln(w, "Could not read HTML file from disk. Error: ", err)
@@ -163,6 +168,8 @@ func ResetIndex(w http.ResponseWriter, r *http.Request) {
 }
 
 func BeginReset(w http.ResponseWriter, r *http.Request) {
+    w.Header().Set("Content-Type", "text/html; charset=utf-8")
+
     vars := mux.Vars(r)
     key := vars["key"]
     r.ParseForm()
@@ -191,10 +198,42 @@ func BeginReset(w http.ResponseWriter, r *http.Request) {
     SendVerificationEmail(result.Email, EMAIL_SUBJECT_RESET, "verify-reset/" + emailTok)
 
     fmt.Fprintf(w, "%s", buildResetPage(redactEmail(result.Email)))
-
 }
 
 func VerifyReset(w http.ResponseWriter, r *http.Request) {
+    w.Header().Set("Content-Type", "text/html; charset=utf-8")
+
     vars := mux.Vars(r)
-    fmt.Fprintf(w, "%s", vars["token"])
+    token := vars["token"]
+
+    resets := GlobalDBSession.DB(os.Getenv("DB_NAME")).C("resetrequests")
+
+    var result ResetRequest
+    err := resets.Find(bson.M{"token": token}).One(&result)
+    if err != nil {
+        fmt.Fprintf(w, "That token doesn't exist in our DB! Check your email once again and ensure you copied the right link")
+        return
+    }
+
+    // Reset is successful!
+    // Delete all resets related to this roll number, email ID.
+    // Delete all people related to this roll number and email ID (both
+    // completely authenticated and otherwise)
+
+    filter := bson.M{"$or": []bson.M{ bson.M{ "email": result.Email }, bson.M{"roll": result.Roll }, }}
+
+    people := GlobalDBSession.DB(os.Getenv("DB_NAME")).C("people")
+
+    peopleInfo, err1 := people.RemoveAll(filter)
+    resetInfo, err2 := resets.RemoveAll(filter)
+
+    if err1 != nil || err2 != nil {
+        fmt.Fprintf(w, "OOPS! There was an error while writing to the DB. People Error: %v; Resets Error: %v", err1, err2)
+        return;
+    }
+
+    log.Printf("DELETE People deleted: %v", peopleInfo)
+    log.Printf("DELETE Reset requests deleted: %v", resetInfo)
+
+    fmt.Fprintf(w, "%s", buildResetCompletePage(result.Roll, result.Email))
 }
diff --git a/helpers.go b/helpers.go
@@ -104,6 +104,20 @@ func buildResetPage(email string) string {
     return templated_res.String()
 }
 
+func buildResetCompletePage(roll string, email string) string {
+    res := struct{
+        Roll string
+        Email string
+    }{
+        roll, email,
+    }
+
+    new_temp, _ := template.ParseFiles(PATH_RESET_COMPLETE_PAGE)
+    var templated_res bytes.Buffer
+    new_temp.Execute(&templated_res, res)
+    return templated_res.String()
+}
+
 func getSha256Sum(base string) string {
     h := sha256.New()
     h.Write([]byte(base))

diff --git a/person.go b/person.go
@@ -57,6 +57,7 @@ func GetPerson(roll string, email string) Person {
     }
 }
 
+// ENHANCE: Make the link clickable using HTML content with appropriate markup
 func SendVerificationEmail(email string, subject string, suffix string) {
 	from := mail.NewEmail(os.Getenv("FROM_NAME"), os.Getenv("FROM_EMAIL"))
 

diff --git a/public/cezanne.jpg b/public/cezanne.jpg
diff --git a/routes.go b/routes.go
@@ -51,7 +51,7 @@ var routes = Routes{
     Route{
         "ResetVerification",
         "GET",
-        "/verify-reset/{verif_token}",
+        "/verify-reset/{token}",
         VerifyReset,
     },
 }
diff --git a/templates/reset_complete.tmpl.html b/templates/reset_complete.tmpl.html
@@ -0,0 +1,60 @@
+<!doctype html>
+<html lang="en">
+    <head>
+        <title>Leprechaun - KGP ERP Authentication Service</title>
+        <!-- Required meta tags -->
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+
+        <!-- Bootstrap CSS -->
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css" integrity="sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb" crossorigin="anonymous">
+    </head>
+    <body style="margin:40px;">
+
+        <div class="container">
+            <header class="header clearfix">
+                <nav>
+                    <ul class="nav nav-pills float-right">
+                        <li class="nav-item">
+                            <a class="nav-link active" href="/">Home</a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link"
+                                href="https://github.com/metakgp"
+                                target="_blank">Github</a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link" href="https://metakgp.github.io" target="_blank">About</a>
+                        </li>
+                    </ul>
+                </nav>
+                <h3>Leprechaun</h3>
+            </header>
+
+            <main role="main">
+
+            <div class="jumbotron">
+                <h1 class="display-3">
+                    Reset Completed!
+                </h1>
+                <h3>
+                    All records associated with either {{.Roll}} or {{.Email}}
+                    have been removed!
+                </h3>
+                <h3>
+                    You have a clean slate now! Visit the 
+                    <a href="/">Home Page</a> to start over!
+                </h3>
+            </div>
+
+            <img class="text-center" src="/static/cezanne.jpg" width="640">
+
+            </main>
+
+            <footer class="footer">
+                <hr>
+                <p>Leprechaun - Metakgp 2017</p>
+            </footer>
+
+    </body>
+</html>
-Original file line number
+Diff line change
@@ Expand Up / @@ -57,6 +57,7 @@ func GetPerson(roll string, email string) Person { @@
         }
     }
+    // ENHANCE: Make the link clickable using HTML content with appropriate markup
     func SendVerificationEmail(email string, subject string, suffix string) {
     	from := mail.NewEmail(os.Getenv("FROM_NAME"), os.Getenv("FROM_EMAIL"))
@@ Expand Down @@