package recovery import ( "codeword/internal/models" "codeword/internal/services" "encoding/base64" "github.com/gofiber/fiber/v2" "go.uber.org/zap" "time" ) type RecoveryController struct { logger *zap.Logger service *services.RecoveryService defaultURL string } func NewRecoveryController(logger *zap.Logger, service *services.RecoveryService, defaultRedirectionURL string) *RecoveryController { return &RecoveryController{ logger: logger, service: service, defaultURL: defaultRedirectionURL, } } func (r *RecoveryController) HandlePingDB(c *fiber.Ctx) error { return r.service.Ping(c.Context()) } // HandleRecoveryRequest обрабатывает запрос на восстановление пароля func (r *RecoveryController) HandleRecoveryRequest(c *fiber.Ctx) error { email := c.FormValue("email") referralURL := c.Get("Referrer") redirectionURL := c.FormValue("RedirectionURL") if redirectionURL == "" && referralURL != "" { redirectionURL = referralURL } else if redirectionURL == "" { redirectionURL = r.defaultURL } user, err := r.service.FindUserByEmail(c.Context(), email) if err != nil || user == nil { r.logger.Error("Failed to find user by email", zap.Error(err)) return c.Status(fiber.StatusNotFound).JSON(fiber.Map{"error": "User not found"}) } key, err := r.service.GenerateKey() if err != nil { r.logger.Error("Failed to generate key", zap.Error(err)) return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Internal Server Error"}) } signUrl := redirectionURL sign := base64.URLEncoding.EncodeToString(key) id, err := r.service.StoreRecoveryRecord(c.Context(), models.StoreRecDeps{ UserID: user.ID.Hex(), Email: user.Email, Key: sign, Url: signUrl, }) if err != nil { r.logger.Error("Failed to store recovery record", zap.Error(err)) return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Internal Server Error"}) } signWithID := sign + id // подпись с id записи err = r.service.RecoveryEmailTask(c.Context(), models.RecEmailDeps{UserID: user.ID.Hex(), Email: email, SignWithID: signWithID, ID: id}) if err != nil { r.logger.Error("Failed to send recovery email", zap.Error(err)) return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Internal Server Error"}) } return c.Status(fiber.StatusOK).JSON(fiber.Map{"sent": email}) } // todo тут скорее всего помимо подписи будет передаваться еще что-то, например email пользователя от фронта для поиска в бд // HandleRecoveryLink обрабатывает ссылку восстановления и обменивает ее на токены func (r *RecoveryController) HandleRecoveryLink(c *fiber.Ctx) error { key := c.Params("sign") record, err := r.service.GetRecoveryRecord(c.Context(), key) if err != nil { r.logger.Error("Recovery link expired", zap.String("signature", key)) return c.Redirect("https://shub.pena.digital/recover/expired") } if time.Since(record.CreatedAt) > 15*time.Minute { r.logger.Error("Recovery link expired", zap.String("signature", key)) return c.Redirect(record.SignUrl+"/expired") } tokens, err := r.service.ExchangeForTokens(record.UserID, record.Sign) if err != nil { r.logger.Error("Failed to exchange recovery link for tokens", zap.Error(err)) return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Internal Server Error"}) } c.Cookie(&fiber.Cookie{ Name: "refreshToken", Value: tokens["refreshToken"], Domain: ".pena.digital", Expires: time.Now().Add(30 * 24 * time.Hour), Secure: true, HTTPOnly: true, }) return c.Redirect(record.SignUrl+"?auth="+tokens["accessToken"]) }