Add token repositorie

controllers/cartItemController.go

@@ -1,8 +1,6 @@
 package controllers
 
 import (
-	"crypto/rand"
-	"encoding/hex"
 	"errors"
 	"fmt"
 	"net/http"
@@ -15,6 +13,7 @@ import (
 	"git.dynamicdiscord.de/kalipso/zineshop/models"
 	//"git.dynamicdiscord.de/kalipso/zineshop/services"
 	"git.dynamicdiscord.de/kalipso/zineshop/repositories"
+	"git.dynamicdiscord.de/kalipso/zineshop/utils"
 )
 
 type CartItemController interface {
@@ -53,15 +52,6 @@ func getSetCookieValue(c *gin.Context, cookieName string) string {
 	return "" // Return empty string if cookie is not found
 }
 
-func generateSessionId(length int) string {
-	bytes := make([]byte, length) // 16 bytes = 128 bits
-	_, err := rand.Read(bytes)
-	if err != nil {
-		panic("failed to generate session ID")
-	}
-	return hex.EncodeToString(bytes)
-}
-
 func GetSessionId(ctx *gin.Context) string {
 	sessionId, err := ctx.Cookie("session_id")
 
@@ -73,17 +63,13 @@ func GetSessionId(ctx *gin.Context) string {
 			return responseCookie
 		}
 
-		sessionId = generateSessionId(16)
+		sessionId = utils.GenerateSessionId(16)
 		ctx.SetCookie("session_id", sessionId, 3600, "/", "", false, true)
 	}
 
 	return sessionId
 }
 
-func GenerateToken() string {
-	return generateSessionId(16)
-}
-
 func (rc *cartItemController) NewCartItemFromForm(ctx *gin.Context) (models.CartItem, error) {
 	sessionId := GetSessionId(ctx)
 	shopItemIdStr := ctx.PostForm("ShopItemId")
@@ -162,7 +148,7 @@ func (rc *cartItemController) NewAddressFromForm(ctx *gin.Context) (models.Addre
 func (rc *cartItemController) NewOrderFromForm(ctx *gin.Context) (models.Order, error) {
 	sessionId := GetSessionId(ctx)
 	status := models.OrderStatus("AwaitingConfirmation")
-	token := GenerateToken()
+	token := utils.GenerateToken()
 	email := ctx.PostForm("email")
 	comment := ctx.PostForm("comment")
 	firstName := ctx.PostForm("firstName")

controllers/userController.go

@@ -35,7 +35,7 @@ func (uc *UserController) Register(c *gin.Context) {
 		return
 	}
 
-	_, err = services.Users.Register(body.Name, body.Email, body.Password)
+	_, err = services.Users.Register(body.Name, body.Email, body.Password, false)
 
 	if err != nil {
 		fmt.Println("Error: ", err)
@@ -152,18 +152,75 @@ func (rc *UserController) RegisterHandler(c *gin.Context) {
 	email := c.PostForm("email")
 	password := c.PostForm("password")
 
-	_, err := services.Users.Register(name, email, password)
+	//first registered user is admin
+	isEmpty, _ := repositories.Users.IsEmpty()
+	if isEmpty {
+		_, err := services.Users.Register(name, email, password, true)
+		if err != nil {
+			data := gin.H{
+				"error":   "Registering Failed.",
+				"success": "",
+			}
+			c.HTML(http.StatusOK, "register.html", data)
+			return
+		}
 
+		data := gin.H{
+			"error":   "",
+			"success": "You successfully registered as Admin. Try logging in.",
+		}
+
+		c.HTML(http.StatusOK, "register.html", data)
+		return
+	}
+
+	//for any other user token is required
+	token := c.PostForm("token")
+
+	if token == "" {
+		data := gin.H{
+			"error":   "No token. No register.",
+			"success": "",
+		}
+
+		c.HTML(http.StatusOK, "register.html", data)
+	}
+
+	tokenExists, err := repositories.Tokens.Exists(token)
+
+	if err != nil {
+		data := gin.H{
+			"error":   err,
+			"success": "",
+		}
+
+		c.HTML(http.StatusOK, "register.html", data)
+	}
+
+	if !tokenExists {
+		data := gin.H{
+			"error":   "Invalid Token.",
+			"success": "",
+		}
+		c.HTML(http.StatusOK, "register.html", data)
+	}
+
+	_, err = services.Users.Register(name, email, password, false)
 	if err != nil {
 		data := gin.H{
 			"error":   "Registering Failed.",
 			"success": "",
 		}
-
 		c.HTML(http.StatusOK, "register.html", data)
 		return
 	}
 
+	err = repositories.Tokens.Delete(token)
+
+	if err != nil {
+		fmt.Println("Could not delete RegisterToken: ", err)
+	}
+
 	data := gin.H{
 		"error":   "",
 		"success": "You successfully registered. Try logging in.",