implement otp

Author: miladrahimi

.docker/.gitignore

@@ -1 +1,2 @@
 mysql
+redis

Makefile

@@ -1,16 +1,16 @@
 DIR := $(shell pwd)
 GO_CI := golangci/golangci-lint:v1.59.1
 
-.PHONY: dev-start
-dev-start:
-	@docker compose -f compose.dev.yml up -d
+.PHONY: local-up
+local-up:
+	@docker compose -f compose.local.yml up -d
 
-.PHONY: dev-stop
-dev-stop:
-	@docker compose -f compose.dev.yml down
+.PHONY: local-down
+local-down:
+	@docker compose -f compose.local.yml down
 
-.PHONY: dev-run
-dev-run:
+.PHONY: local-run
+local-run:
 	@go run main.go serve
 
 .PHONY: lint

compose.dev.yml compose.local.yml

@@ -6,7 +6,7 @@ require (
 	github.com/aws/aws-sdk-go-v2 v1.30.4
 	github.com/aws/aws-sdk-go-v2/config v1.27.28
 	github.com/aws/aws-sdk-go-v2/credentials v1.17.28
-	github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.60.0
 	github.com/aws/smithy-go v1.20.4
 	github.com/cockroachdb/errors v1.11.3
 	github.com/go-playground/validator/v10 v10.22.0
@@ -15,7 +15,7 @@ require (
 	github.com/spf13/cobra v1.8.1
 	go.uber.org/zap v1.27.0
 	golang.org/x/crypto v0.26.0
-	google.golang.org/api v0.192.0
+	google.golang.org/api v0.193.0
 	gorm.io/driver/mysql v1.5.7
 	gorm.io/gorm v1.25.11
 )
@@ -52,7 +52,6 @@ require (
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/s2a-go v0.1.8 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
@@ -81,7 +80,7 @@ require (
 	golang.org/x/sys v0.24.0 // indirect
 	golang.org/x/text v0.17.0 // indirect
 	golang.org/x/time v0.6.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240820151423-278611b39280 // indirect
 	google.golang.org/grpc v1.65.0 // indirect
 	google.golang.org/protobuf v1.34.2 // indirect
 )

go.mod

@@ -32,6 +32,15 @@ type signInGoogleRequest struct {
 	Token string `json:"google_token" validate:"required"`
 }
 
+type otpEmailGetRequest struct {
+	Email string `json:"email" validate:"required,email,max=191"`
+}
+
+type otpEmailValidateRequest struct {
+	Email string `json:"email" validate:"required,email,max=191"`
+	Otp   string `json:"otp" validate:"required"`
+}
+
 func AuthSignUp(ctr *container.Container) echo.HandlerFunc {
 	return func(ctx echo.Context) error {
 		var r signUpRequest
@@ -104,6 +113,93 @@ func AuthSignUp(ctr *container.Container) echo.HandlerFunc {
 	}
 }
 
+func AuthOtpEmailGenerate(ctr *container.Container) echo.HandlerFunc {
+	return func(ctx echo.Context) error {
+		var r otpEmailGetRequest
+		if err := ctx.Bind(&r); err != nil {
+			return ctx.JSON(http.StatusBadRequest, map[string]string{
+				"message": "Cannot parse the request body.",
+			})
+		}
+		if err := ctx.Validate(r); err != nil {
+			return ctx.JSON(http.StatusUnprocessableEntity, map[string]string{
+				"message": err.Error(),
+			})
+		}
+
+		ttl := ctr.OtpService.Email(r.Email)
+
+		return ctx.JSON(http.StatusCreated, map[string]interface{}{
+			"ttl": ttl,
+		})
+	}
+}
+
+func AuthOtpEmailSubmit(ctr *container.Container) echo.HandlerFunc {
+	return func(ctx echo.Context) error {
+		var r otpEmailValidateRequest
+		if err := ctx.Bind(&r); err != nil {
+			return ctx.JSON(http.StatusBadRequest, map[string]string{
+				"message": "Cannot parse the request body.",
+			})
+		}
+		if err := ctx.Validate(r); err != nil {
+			return ctx.JSON(http.StatusUnprocessableEntity, map[string]string{
+				"message": err.Error(),
+			})
+		}
+
+		isValid := ctr.OtpService.Check(r.Email, r.Otp)
+		if !isValid {
+			return ctx.JSON(http.StatusUnauthorized, map[string]interface{}{
+				"message": "The OTP (one-time password) is not valid.",
+			})
+		}
+
+		user, err := ctr.UserService.FindBy("email", r.Email)
+		if err != nil {
+			return errors.WithStack(err)
+		}
+
+		if user != nil {
+			token, err := ctr.TokenService.Create(user)
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			return ctx.JSON(http.StatusCreated, map[string]interface{}{
+				"user":  user,
+				"token": token,
+			})
+		} else {
+			err = ctr.UserService.Create(&models.User{
+				Username: r.Email,
+				Email:    r.Email,
+				IsBanned: false,
+				Password: "",
+			})
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			user, err = ctr.UserService.FindBy("email", r.Email)
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			token, err := ctr.TokenService.Create(user)
+			if err != nil {
+				return errors.WithStack(err)
+			}
+
+			return ctx.JSON(http.StatusCreated, map[string]interface{}{
+				"user":  user,
+				"token": token,
+			})
+		}
+	}
+}
+
 func AuthSignInEmail(ctr *container.Container) echo.HandlerFunc {
 	return func(ctx echo.Context) error {
 		var r signInEmailRequest

go.sum

@@ -23,6 +23,8 @@ func (s *Server) registerRoutes() {
 			public.POST("auth/sign-in/email", v1.AuthSignInEmail(s.container))
 			public.POST("auth/sign-in/username", v1.AuthSignInUsername(s.container))
 			public.POST("auth/sign-in/google", v1.AuthSignInGoogle(s.container, s.config))
+			public.POST("auth/otp/email/generate", v1.AuthOtpEmailGenerate(s.container))
+			public.POST("auth/otp/email/submit", v1.AuthOtpEmailSubmit(s.container))
 		}
 
 		private := v1Api.Group("/", mw.Authorize(s.container))

internal/http/server/handlers/v1/auth.go

@@ -44,6 +44,21 @@ func (m *Mailer) SendWelcome(to, username string) {
 	m.Send(to, "Welcome to Nightell!", message)
 }
 
+func (m *Mailer) SendOtp(to, otp string) {
+	message := strings.Join([]string{
+		"Dear user,",
+		"Your One-Time Password (OTP) for accessing your account is:",
+		otp,
+		"Please enter this code within the next 3 minutes to complete your verification process.",
+		"For your security, do not share this code with anyone.",
+		"If you did not request this code, please ignore this email.",
+		"",
+		"Thank you for using our service!",
+		"https://nightell.neatplex.com",
+	}, "\r\n")
+	m.Send(to, "Nightell OTP (one-time password)", message)
+}
+
 func (m *Mailer) SendDeleteAccount(to, username, link string) {
 	message := strings.Join([]string{
 		"Dear " + username + ",",

internal/http/server/routes.go

@@ -7,6 +7,7 @@ import (
 	"github.com/neatplex/nightell-core/internal/services/file"
 	"github.com/neatplex/nightell-core/internal/services/followship"
 	"github.com/neatplex/nightell-core/internal/services/like"
+	"github.com/neatplex/nightell-core/internal/services/otp"
 	"github.com/neatplex/nightell-core/internal/services/post"
 	"github.com/neatplex/nightell-core/internal/services/remove"
 	"github.com/neatplex/nightell-core/internal/services/token"
@@ -21,6 +22,7 @@ type Container struct {
 	FileService       *file.Service
 	LikeService       *like.Service
 	FollowshipService *followship.Service
+	OtpService        *otp.Service
 }
 
 func New(d *database.Database, s3 *s3.S3, m *mailer.Mailer) *Container {
@@ -32,5 +34,6 @@ func New(d *database.Database, s3 *s3.S3, m *mailer.Mailer) *Container {
 		FileService:       file.New(d, s3),
 		LikeService:       like.New(d),
 		FollowshipService: followship.New(d),
+		OtpService:        otp.New(m),
 	}
 }

internal/mailer/mailer.go

@@ -0,0 +1,58 @@
+package otp
+
+import (
+	"github.com/neatplex/nightell-core/internal/mailer"
+	"math/rand"
+	"strconv"
+	"time"
+)
+
+const min3 = time.Duration(2) * time.Minute
+
+type Service struct {
+	mailer    *mailer.Mailer
+	passwords map[string]*password
+}
+
+type password struct {
+	Value    string
+	ExpireAt time.Time
+}
+
+func (s *Service) Email(email string) int {
+	if p, found := s.passwords[email]; found {
+		if p.ExpireAt.After(time.Now()) {
+			return s.ttl(p.ExpireAt)
+		}
+	}
+
+	s.passwords[email] = &password{
+		Value:    strconv.Itoa(rand.Intn(899999) + 100000),
+		ExpireAt: time.Now().Add(min3),
+	}
+
+	s.mailer.SendOtp(email, s.passwords[email].Value)
+
+	return s.ttl(s.passwords[email].ExpireAt)
+}
+
+func (s *Service) Check(identifier string, password string) bool {
+	if p, found := s.passwords[identifier]; found {
+		defer delete(s.passwords, identifier)
+		if p.ExpireAt.Before(time.Now().Add(min3)) {
+			return p.Value == password
+		}
+	}
+	return false
+}
+
+func (s *Service) ttl(t time.Time) int {
+	return int(t.Sub(time.Now()).Seconds())
+}
+
+func New(m *mailer.Mailer) *Service {
+	return &Service{
+		passwords: make(map[string]*password),
+		mailer:    m,
+	}
+}