move validation to account.go

2024-05-31 22:58:32 +00:00 · 2021-03-27 18:02:53 +01:00 · 2021-03-27 18:02:53 +01:00 · 75b8b272ee
parent 03e0acb55b
commit 75b8b272ee
3 changed files with 50 additions and 108 deletions
--- a/internal/module/account/account.go
+++ b/internal/module/account/account.go
@ -19,6 +19,7 @@
 package account

 import (
+	"errors"
 	"fmt"
 	"net"
 	"net/http"
@ -31,6 +32,7 @@ import (
 	"github.com/superseriousbusiness/gotosocial/internal/module"
 	"github.com/superseriousbusiness/gotosocial/internal/oauth"
 	"github.com/superseriousbusiness/gotosocial/internal/router"
+	"github.com/superseriousbusiness/gotosocial/internal/util"
 	"github.com/superseriousbusiness/gotosocial/pkg/mastotypes"
 	"github.com/superseriousbusiness/oauth2/v4"
 )
@ -70,7 +72,7 @@ func (m *accountModule) Route(r router.Router) error {
 // It should be served as a POST at /api/v1/accounts
 func (m *accountModule) accountCreatePOSTHandler(c *gin.Context) {
 	l := m.log.WithField("func", "accountCreatePOSTHandler")
-	authed, err := oauth.MustAuthed(c, true, true, false, false)
+	authed, err := oauth.MustAuth(c, true, true, false, false)
 	if err != nil {
 		l.Debugf("couldn't auth: %s", err)
 		c.JSON(http.StatusForbidden, gin.H{"error": err.Error()})
@ -79,9 +81,9 @@ func (m *accountModule) accountCreatePOSTHandler(c *gin.Context) {

 	l.Trace("parsing request form")
 	form := &mastotypes.AccountCreateRequest{}
-	if err := c.ShouldBind(form); err != nil {
+	if err := c.ShouldBind(form); err != nil || form == nil {
 		l.Debugf("could not parse form from request: %s", err)
-		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		c.JSON(http.StatusBadRequest, gin.H{"error": "missing one or more required form values"})
 		return
 	}

@ -116,25 +118,10 @@ func (m *accountModule) accountCreatePOSTHandler(c *gin.Context) {
 // It should be served as a GET at /api/v1/accounts/verify_credentials
 func (m *accountModule) accountVerifyGETHandler(c *gin.Context) {
 	l := m.log.WithField("func", "AccountVerifyGETHandler")
+	authed, err := oauth.MustAuth(c, true, false, false, true)

-	l.Trace("getting account details from session")
-	i, ok := c.Get(oauth.SessionAuthorizedAccount)
-	if !ok {
-		l.Trace("no account in session, returning error to client")
-		c.JSON(http.StatusUnauthorized, gin.H{"error": "The access token is invalid"})
-		return
-	}
-
-	l.Trace("attempting to convert account interface into account struct...")
-	acct, ok := i.(*model.Account)
-	if !ok {
-		l.Tracef("could not convert %+v into account struct, returning error to client", i)
-		c.JSON(http.StatusUnauthorized, gin.H{"error": "The access token is invalid"})
-		return
-	}
-
-	l.Tracef("retrieved account %+v, converting to mastosensitive...", acct)
-	acctSensitive, err := m.db.AccountToMastoSensitive(acct)
+	l.Tracef("retrieved account %+v, converting to mastosensitive...", authed.Account)
+	acctSensitive, err := m.db.AccountToMastoSensitive(authed.Account)
 	if err != nil {
 		l.Tracef("could not convert account into mastosensitive account: %s", err)
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
@ -180,3 +167,45 @@ func (m *accountModule) accountCreate(form *mastotypes.AccountCreateRequest, sig
 		CreatedAt:   ti.GetCodeCreateAt().Unix(),
 	}, nil
 }
+
+// validateCreateAccount checks through all the necessary prerequisites for creating a new account,
+// according to the provided account create request. If the account isn't eligible, an error will be returned.
+func validateCreateAccount(form *mastotypes.AccountCreateRequest, c *config.AccountsConfig, database db.DB) error {
+	if !c.OpenRegistration {
+		return errors.New("registration is not open for this server")
+	}
+
+	if err := util.ValidateSignUpUsername(form.Username); err != nil {
+		return err
+	}
+
+	if err := util.ValidateEmail(form.Email); err != nil {
+		return err
+	}
+
+	if err := util.ValidateSignUpPassword(form.Password); err != nil {
+		return err
+	}
+
+	if !form.Agreement {
+		return errors.New("agreement to terms and conditions not given")
+	}
+
+	if err := util.ValidateLanguage(form.Locale); err != nil {
+		return err
+	}
+
+	if err := util.ValidateSignUpReason(form.Reason, c.ReasonRequired); err != nil {
+		return err
+	}
+
+	if err := database.IsEmailAvailable(form.Email); err != nil {
+		return err
+	}
+
+	if err := database.IsUsernameAvailable(form.Username); err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/internal/module/account/validation.go
+++ b/internal/module/account/validation.go
@ -1,68 +0,0 @@
-/*
-   GoToSocial
-   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
-
-   This program is free software: you can redistribute it and/or modify
-   it under the terms of the GNU Affero General Public License as published by
-   the Free Software Foundation, either version 3 of the License, or
-   (at your option) any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU Affero General Public License for more details.
-
-   You should have received a copy of the GNU Affero General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-package account
-
-import (
-	"errors"
-
-	"github.com/superseriousbusiness/gotosocial/internal/config"
-	"github.com/superseriousbusiness/gotosocial/internal/db"
-	"github.com/superseriousbusiness/gotosocial/internal/util"
-	"github.com/superseriousbusiness/gotosocial/pkg/mastotypes"
-)
-
-func validateCreateAccount(form *mastotypes.AccountCreateRequest, c *config.AccountsConfig, database db.DB) error {
-	if !c.OpenRegistration {
-		return errors.New("registration is not open for this server")
-	}
-
-	if err := util.ValidateSignUpUsername(form.Username); err != nil {
-		return err
-	}
-
-	if err := util.ValidateEmail(form.Email); err != nil {
-		return err
-	}
-
-	if err := util.ValidateSignUpPassword(form.Password); err != nil {
-		return err
-	}
-
-	if !form.Agreement {
-		return errors.New("agreement to terms and conditions not given")
-	}
-
-	if err := util.ValidateLanguage(form.Locale); err != nil {
-		return err
-	}
-
-	if err := util.ValidateSignUpReason(form.Reason, c.ReasonRequired); err != nil {
-		return err
-	}
-
-	if err := database.IsEmailAvailable(form.Email); err != nil {
-		return err
-	}
-
-	if err := database.IsUsernameAvailable(form.Username); err != nil {
-		return err
-	}
-
-	return nil
-}
--- a/internal/module/account/validation_test.go
+++ b/internal/module/account/validation_test.go
@ -1,19 +0,0 @@
-/*
-   GoToSocial
-   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
-
-   This program is free software: you can redistribute it and/or modify
-   it under the terms of the GNU Affero General Public License as published by
-   the Free Software Foundation, either version 3 of the License, or
-   (at your option) any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU Affero General Public License for more details.
-
-   You should have received a copy of the GNU Affero General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-package account