[feature] add authorization to the already-existing authentication (#365)

* add ensureUserIsAuthorizedOrRedirect to /oauth/authorize

* adding authorization (email confirm, account approve, etc) to TokenCheck

* revert un-needed changes to signin.go

* oops what happened here

* error css

* add account.SuspendedAt check

* remove redundant checks from oauth util Authed function

* wip tests

* tests passing

* stop stripping useful information from ErrAlreadyExists

* that feeling of scraping the dryer LINT off the screen

* oops I didn't mean to get rid of this NewTestRouter function

* make tests work with recorder

* re-add ConfigureTemplatesWithGin to handle template path err

Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>

1 files changed, 13 insertions, 0 deletions

diff --git a/internal/api/client/auth/auth.go b/internal/api/client/auth/auth.go
index 67643244b..717d997a3 100644
--- a/internal/api/client/auth/auth.go
+++ b/internal/api/client/auth/auth.go
@@ -32,10 +32,23 @@ import (
 const (
 	// AuthSignInPath is the API path for users to sign in through
 	AuthSignInPath = "/auth/sign_in"
+
+	// CheckYourEmailPath users land here after registering a new account, instructs them to confirm thier email
+	CheckYourEmailPath = "/check_your_email"
+
+	// WaitForApprovalPath users land here after confirming thier email but before an admin approves thier account
+	// (if such is required)
+	WaitForApprovalPath = "/wait_for_approval"
+
+	// AccountDisabledPath users land here when thier account is suspended by an admin
+	AccountDisabledPath = "/account_disabled"
+
 	// OauthTokenPath is the API path to use for granting token requests to users with valid credentials
 	OauthTokenPath = "/oauth/token"
+
 	// OauthAuthorizePath is the API path for authorization requests (eg., authorize this app to act on my behalf as a user)
 	OauthAuthorizePath = "/oauth/authorize"
+
 	// CallbackPath is the API path for receiving callback tokens from external OIDC providers
 	CallbackPath = oidc.CallbackPath