From fa8217e27f43eaa23b8098dd7a9345e0316be0b5 Mon Sep 17 00:00:00 2001 From: Thomas Miceli <27960254+thomiceli@users.noreply.github.com> Date: Sun, 22 Sep 2024 23:21:43 +0200 Subject: [PATCH] Separate OAuth unlink URL (#336) --- internal/web/auth.go | 46 ++++++++++++++++++----------------- internal/web/server.go | 1 + templates/pages/settings.html | 8 +++--- 3 files changed, 29 insertions(+), 26 deletions(-) diff --git a/internal/web/auth.go b/internal/web/auth.go index 9a4f7b2..de3f477 100644 --- a/internal/web/auth.go +++ b/internal/web/auth.go @@ -342,28 +342,6 @@ func oauth(ctx echo.Context) error { goth.UseProviders(oidcProvider) } - currUser := getUserLogged(ctx) - if currUser != nil { - // Map each provider to a function that checks the relevant ID in currUser - providerIDCheckMap := map[string]func() bool{ - GitHubProvider: func() bool { return currUser.GithubID != "" }, - GitLabProvider: func() bool { return currUser.GitlabID != "" }, - GiteaProvider: func() bool { return currUser.GiteaID != "" }, - OpenIDConnect: func() bool { return currUser.OIDCID != "" }, - } - - // Check if the provider is valid and if the user has a linked ID - // Means that the user wants to unlink the account - if checkFunc, exists := providerIDCheckMap[provider]; exists && checkFunc() { - if err := currUser.DeleteProviderID(provider); err != nil { - return errorRes(500, "Cannot unlink account from "+cases.Title(language.English).String(provider), err) - } - - addFlash(ctx, tr(ctx, "flash.auth.account-unlinked-oauth", cases.Title(language.English).String(provider)), "success") - return redirect(ctx, "/settings") - } - } - ctxValue := context.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, provider) ctx.SetRequest(ctx.Request().WithContext(ctxValue)) if provider != GitHubProvider && provider != GitLabProvider && provider != GiteaProvider && provider != OpenIDConnect { 
@@ -374,6 +352,30 @@ func oauth(ctx echo.Context) error { return nil } +func oauthUnlink(ctx echo.Context) error { + provider := ctx.Param("provider") + + currUser := getUserLogged(ctx) + // Map each provider to a function that checks the relevant ID in currUser + providerIDCheckMap := map[string]func() bool{ + GitHubProvider: func() bool { return currUser.GithubID != "" }, + GitLabProvider: func() bool { return currUser.GitlabID != "" }, + GiteaProvider: func() bool { return currUser.GiteaID != "" }, + OpenIDConnect: func() bool { return currUser.OIDCID != "" }, + } + + if checkFunc, exists := providerIDCheckMap[provider]; exists && checkFunc() { + if err := currUser.DeleteProviderID(provider); err != nil { + return errorRes(500, "Cannot unlink account from "+cases.Title(language.English).String(provider), err) + } + + addFlash(ctx, tr(ctx, "flash.auth.account-unlinked-oauth", cases.Title(language.English).String(provider)), "success") + return redirect(ctx, "/settings") + } + + return redirect(ctx, "/settings") +} + func logout(ctx echo.Context) error { deleteSession(ctx) deleteCsrfCookie(ctx) diff --git a/internal/web/server.go b/internal/web/server.go index 91488bc..a98929a 100644 --- a/internal/web/server.go +++ b/internal/web/server.go @@ -260,6 +260,7 @@ func NewServer(isDev bool, sessionsPath string) *Server { g1.GET("/logout", logout) g1.GET("/oauth/:provider", oauth) g1.GET("/oauth/:provider/callback", oauthCallback) + g1.GET("/oauth/:provider/unlink", oauthUnlink, logged) g1.GET("/settings", userSettings, logged) g1.POST("/settings/email", emailProcess, logged) diff --git a/templates/pages/settings.html b/templates/pages/settings.html index 45b4078..02c43e9 100644 --- a/templates/pages/settings.html +++ b/templates/pages/settings.html @@ -96,7 +96,7 @@ {{ if .githubOauth }} {{ if .userLogged.GithubID }} - {{ .locale.Tr "settings.unlink-github-account" }} 
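Review bot: oauthUnlink dereferences `currUser` inside the provider check closures without the `currUser != nil` guard that the removed branch in oauth had, so the handler is safe only while the route keeps the `logged` middleware and that middleware guarantees a user. An early `if currUser == nil { return redirect(ctx, "/settings") }` would keep it from panicking if the wiring ever changes. Separately, nothing visible in this function checks that the account still has another way to sign in (a password or a second linked provider) before `DeleteProviderID` runs. If accounts can exist with a provider as their only credential, unlinking it would lock the owner out, so this is worth confirming against the user model. The inner `return redirect(ctx, "/settings")` is also redundant with the final one and can be dropped.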
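Review bot: The new unlink route is registered with `g1.GET`, so removing a linked identity provider is a state change reachable by a plain GET, which browsers issue for links, prefetches and embedded resources. CSRF token middleware typically does not validate GET requests; the project's CSRF setup is not visible in this hunk, so that part is presumed. Registering it as `g1.POST("/oauth/:provider/unlink", oauthUnlink, logged)` and having settings.html submit a small form with the CSRF token would match the existing `g1.POST("/settings/email", emailProcess, logged)` route. NewServer's body continues outside the hunk.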
@@ -109,7 +109,7 @@ {{ if .gitlabOauth }} {{ if .userLogged.GitlabID }} - {{ .locale.Tr "settings.unlink-gitlab-account" }} @@ -122,7 +122,7 @@ {{ if .giteaOauth }} {{ if .userLogged.GiteaID }} - {{ .locale.Tr "settings.unlink-gitea-account" }} @@ -134,7 +134,7 @@ {{ end }} {{ if .oidcOauth }} {{ if .userLogged.OIDCID }} - Unlink OpenID account