Add user email verification when registering (#5)

models/error.go

@@ -174,6 +174,29 @@ func IsErrInvalidPasswordResetToken(err error) bool {
 	return ok
 }
 
+// ErrInvalidEmailConfirmToken is an error where the email confirm token is invalid
+type ErrInvalidEmailConfirmToken struct {
+	Token string
+}
+
+func (err ErrInvalidEmailConfirmToken) Error() string {
+	return fmt.Sprintf("Invalid email confirm token [Token: %s]", err.Token)
+}
+
+// ErrCodeInvalidEmailConfirmToken holds the unique world-error code of this error
+const ErrCodeInvalidEmailConfirmToken = 1010
+
+// HTTPError holds the http error description
+func (err ErrInvalidEmailConfirmToken) HTTPError() HTTPError {
+	return HTTPError{HTTPCode: http.StatusPreconditionFailed, Code: ErrCodeInvalidEmailConfirmToken, Message: "Invalid email confirm token."}
+}
+
+// IsErrInvalidEmailConfirmToken checks if an error is a ErrInvalidEmailConfirmToken.
+func IsErrInvalidEmailConfirmToken(err error) bool {
+	_, ok := err.(ErrInvalidEmailConfirmToken)
+	return ok
+}
+
 // ===================
 // Empty things errors
 // ===================

models/user.go

@@ -18,8 +18,10 @@ type User struct {
 	Username string `xorm:"varchar(250) not null unique" json:"username"`
 	Password string `xorm:"varchar(250) not null" json:"-"`
 	Email    string `xorm:"varchar(250)" json:"email"`
+	IsActive bool   `json:"-"`
 
 	PasswordResetToken string `xorm:"varchar(450)" json:"-"`
+	EmailConfirmToken  string `xorm:"varchar(450)" json:"-"`
 
 	Created int64 `xorm:"created" json:"-"`
 	Updated int64 `xorm:"updated" json:"-"`

models/user_add_update.go

@@ -1,6 +1,8 @@
 package models
 
 import (
+	"code.vikunja.io/api/models/mail"
+	"code.vikunja.io/api/models/utils"
 	"golang.org/x/crypto/bcrypt"
 )
 
@@ -48,6 +50,12 @@ func CreateUser(user User) (newUser User, err error) {
 		return User{}, err
 	}
 
+	// Generate a confirm token
+	newUser.EmailConfirmToken = utils.MakeRandomString(400)
+
+	// The new user should not be activated until it confirms his mail address
+	newUser.IsActive = false
+
 	// Insert it
 	_, err = x.Insert(newUser)
 	if err != nil {
@@ -67,6 +75,13 @@ func CreateUser(user User) (newUser User, err error) {
 		return User{}, err
 	}
 
+	// Send the user a mail with a link to confirm the mail
+	data := map[string]interface{}{
+		"User": newUserOut,
+	}
+
+	mail.SendMailWithTemplate(user.Email, newUserOut.Username+" + Vikunja = <3", "confirm-email", data)
+
 	return newUserOut, err
 }
 

models/user_email_confirm.go

@@ -0,0 +1,25 @@
+package models
+
+// EmailConfirm holds the token to confirm a mail address
+type EmailConfirm struct {
+	Token string `json:"token"`
+}
+
+// UserEmailConfirm handles the confirmation of an email address
+func UserEmailConfirm(c *EmailConfirm) (err error) {
+
+	user := User{}
+	has, err := x.Where("email_confirm_token = ?", c.Token).Get(&user)
+	if err != nil {
+		return
+	}
+
+	if !has {
+		return ErrInvalidEmailConfirmToken{Token: c.Token}
+	}
+
+	user.IsActive = true
+	user.EmailConfirmToken = ""
+	_, err = x.Where("id = ?", user.ID).Cols("is_active", "email_confirm_token").Update(&user)
+	return
+}