smtp + email confirmation (#285)

* add smtp configuration * add email confirm + reset templates * add email sender to testrig * flesh out the email sender interface * go fmt * golint * update from field with more clarity * tidy up the email formatting * fix tests * add email sender to processor * tidy client api processing a bit * further tidying in fromClientAPI * pin new account to user * send msg to processor on new account creation * generate confirm email uri * remove emailer from account processor again * add processCreateAccountFromClientAPI * move emailer accountprocessor => userprocessor * add email sender to user processor * SendConfirmEmail function * add noop email sender * use noop email sender in tests * only assemble message if callback is not nil * use noop email sender if no smtp host is defined * minify email html before sending * fix wrong email address * email confirm test * fmt * serve web hndler * add email confirm handler * init test log properly on testrig * log emails that *would* have been sent * go fmt ./... * unexport confirm email handler * updatedAt * test confirm email function * don't allow tokens older than 7 days * change error message a bit * add basic smtp docs * add a few more snippets * typo * add email sender to outbox tests * don't use dutch wikipedia link * don't minify email html
author: tobi <31960611+tsmethurst@users.noreply.github.com> 2021-10-31 15:46:23 +0100
committer: GitHub <noreply@github.com> 2021-10-31 15:46:23 +0100
commit: 2aaec827321ec711b98e13335899cf750f270105 (patch)
tree: bafa15a0c2a469adf97b2c437fdc31428516424e /internal/processing/user/emailconfirm_test.go
parent: regenerate swagger docs (#293) (diff)
download: gotosocial-2aaec827321ec711b98e13335899cf750f270105.tar.xz
1 files changed, 114 insertions, 0 deletions
diff --git a/internal/processing/user/emailconfirm_test.go b/internal/processing/user/emailconfirm_test.go
new file mode 100644
index 000000000..40d5956aa
--- /dev/null
+++ b/internal/processing/user/emailconfirm_test.go
@@ -0,0 +1,114 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user_test
+
+import (
+	"context"
+	"fmt"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/suite"
+)
+
+type EmailConfirmTestSuite struct {
+	UserStandardTestSuite
+}
+
+func (suite *EmailConfirmTestSuite) TestSendConfirmEmail() {
+	user := suite.testUsers["local_account_1"]
+
+	// set a bunch of stuff on the user as though zork hasn't been confirmed (perish the thought)
+	user.UnconfirmedEmail = "some.email@example.org"
+	user.Email = ""
+	user.ConfirmedAt = time.Time{}
+	user.ConfirmationSentAt = time.Time{}
+	user.ConfirmationToken = ""
+
+	err := suite.user.SendConfirmEmail(context.Background(), user, "the_mighty_zork")
+	suite.NoError(err)
+
+	// zork should have an email now
+	suite.Len(suite.sentEmails, 1)
+	email, ok := suite.sentEmails["some.email@example.org"]
+	suite.True(ok)
+
+	// a token should be set on zork
+	token := user.ConfirmationToken
+	suite.NotEmpty(token)
+
+	// email should contain the token
+	emailShould := fmt.Sprintf("Subject: GoToSocial Email Confirmation\r\nFrom: GoToSocial <test@example.org>\r\nTo: some.email@example.org\r\nMIME-version: 1.0;\nContent-Type: text/html;\r\n<!DOCTYPE html>\n<html>\n    </head>\n    <body>\n        <div>\n            <h1>\n                Hello the_mighty_zork!\n            </h1>\n        </div>\n        <div>\n            <p>\n                You are receiving this mail because you've requested an account on <a href=\"http://localhost:8080\">localhost:8080</a>.\n            </p>\n            <p>\n                We just need to confirm that this is your email address. To confirm your email, <a href=\"http://localhost:8080/confirm_email?token=%s\">click here</a> or paste the following in your browser's address bar:\n            </p>\n            <p>\n                <code>\n                    http://localhost:8080/confirm_email?token=%s\n                </code>\n            </p>\n        </div>\n        <div>\n            <p>\n                If you believe you've been sent this email in error, feel free to ignore it, or contact the administrator of <a href=\"http://localhost:8080\">localhost:8080</a>.\n            </p>\n        </div>\n    </body>\n</html>\r\n", token, token)
+	suite.Equal(emailShould, email)
+
+	// confirmationSentAt should be recent
+	suite.WithinDuration(time.Now(), user.ConfirmationSentAt, 1*time.Minute)
+}
+
+func (suite *EmailConfirmTestSuite) TestConfirmEmail() {
+	ctx := context.Background()
+
+	user := suite.testUsers["local_account_1"]
+
+	// set a bunch of stuff on the user as though zork hasn't been confirmed yet, but has had an email sent 5 minutes ago
+	user.UnconfirmedEmail = "some.email@example.org"
+	user.Email = ""
+	user.ConfirmedAt = time.Time{}
+	user.ConfirmationSentAt = time.Now().Add(-5 * time.Minute)
+	user.ConfirmationToken = "1d1aa44b-afa4-49c8-ac4b-eceb61715cc6"
+
+	err := suite.db.UpdateByPrimaryKey(ctx, user)
+	suite.NoError(err)
+
+	// confirm with the token set above
+	updatedUser, errWithCode := suite.user.ConfirmEmail(ctx, "1d1aa44b-afa4-49c8-ac4b-eceb61715cc6")
+	suite.NoError(errWithCode)
+
+	// email should now be confirmed and token cleared
+	suite.Equal("some.email@example.org", updatedUser.Email)
+	suite.Empty(updatedUser.UnconfirmedEmail)
+	suite.Empty(updatedUser.ConfirmationToken)
+	suite.WithinDuration(updatedUser.ConfirmedAt, time.Now(), 1*time.Minute)
+	suite.WithinDuration(updatedUser.UpdatedAt, time.Now(), 1*time.Minute)
+}
+
+func (suite *EmailConfirmTestSuite) TestConfirmEmailOldToken() {
+	ctx := context.Background()
+
+	user := suite.testUsers["local_account_1"]
+
+	// set a bunch of stuff on the user as though zork hasn't been confirmed yet, but has had an email sent 8 days ago
+	user.UnconfirmedEmail = "some.email@example.org"
+	user.Email = ""
+	user.ConfirmedAt = time.Time{}
+	user.ConfirmationSentAt = time.Now().Add(-192 * time.Hour)
+	user.ConfirmationToken = "1d1aa44b-afa4-49c8-ac4b-eceb61715cc6"
+
+	err := suite.db.UpdateByPrimaryKey(ctx, user)
+	suite.NoError(err)
+
+	// confirm with the token set above
+	updatedUser, errWithCode := suite.user.ConfirmEmail(ctx, "1d1aa44b-afa4-49c8-ac4b-eceb61715cc6")
+	suite.Nil(updatedUser)
+	suite.EqualError(errWithCode, "ConfirmEmail: confirmation token expired")
+}
+
+func TestEmailConfirmTestSuite(t *testing.T) {
+	suite.Run(t, &EmailConfirmTestSuite{})
+}
author	tobi <31960611+tsmethurst@users.noreply.github.com>	2021-10-31 15:46:23 +0100
committer	GitHub <noreply@github.com>	2021-10-31 15:46:23 +0100
commit	2aaec827321ec711b98e13335899cf750f270105 (patch)
tree	bafa15a0c2a469adf97b2c437fdc31428516424e /internal/processing/user/emailconfirm_test.go
parent	regenerate swagger docs (#293) (diff)
download	gotosocial-2aaec827321ec711b98e13335899cf750f270105.tar.xz