fleet/server/kolide/emails.go

package kolide

import (
	"bytes"
	"html/template"
	"time"
)

// PasswordResetStore manages password resets in the Datastore
type PasswordResetStore interface {
	NewPasswordResetRequest(req *PasswordResetRequest) (*PasswordResetRequest, error)
	SavePasswordResetRequest(req *PasswordResetRequest) error
	DeletePasswordResetRequest(req *PasswordResetRequest) error
	DeletePasswordResetRequestsForUser(userID uint) error
	FindPassswordResetByID(id uint) (*PasswordResetRequest, error)
	FindPassswordResetsByUserID(id uint) ([]*PasswordResetRequest, error)
	FindPassswordResetByToken(token string) (*PasswordResetRequest, error)
	FindPassswordResetByTokenAndUserID(token string, id uint) (*PasswordResetRequest, error)
}

// Mailer is an email campaign
// Types which implement the Campaign interface
// can be marshalled into an email body
type Mailer interface {
	Message() ([]byte, error)
}

type Email struct {
	To   []string
	From string
	Msg  Mailer
}

type MailService interface {
	SendEmail(e Email) error
}

// PasswordResetRequest represents a database table for
// Password Reset Requests
type PasswordResetRequest struct {
	UpdateCreateTimestamps
	ID        uint
	ExpiresAt time.Time `db:"expires_at"`
	UserID    uint      `db:"user_id"`
	Token     string
}

const passwordResetTemplate = `
You requested a password reset,
Follow the link below to reset your password:
http://localhost:8080/login/reset?token={{.Token}}
`

func (r PasswordResetRequest) Message() ([]byte, error) {
	var msg bytes.Buffer
	var err error
	t := template.New(passwordResetTemplate)
	if t, err = t.Parse(passwordResetTemplate); err != nil {
		return nil, err
	}
	if err = t.Execute(&msg, r); err != nil {
		return nil, err
	}
	return msg.Bytes(), nil
}
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`package kolide`
Email-based password reset (#54) * No more hard deletes * scaffolding for password reset endpoint * Ensure password reset state is accounted for in VC checks * password reset endpoints and data structures * ability to change password with reset token * smtp server connection pool management * stubbing out the sending of the email * adding mailhog via docker * HTML emails with confgurable host name * fixing typo in the comments * Fixing merge which undid DatabaseError replacement * documentation in the readme * webpack shortcut for components * removing a sneaky merge line that snuck in * temporary email content api * tests for password reset flow * fixing go vet * comments and making all db use `&value` rather than `reference` * more correct usage of the errors library and moving email sending to it's own method * using the wrong error * fixing email mock object error * less incorrect error usage * rebasing and merging * http constants for status code * using ParseAndValidateJSON instead of BindJSON * validate instead of binding in struct tags * NewFromError instead of New 2016-08-12 19:20:29 +00:00
			`import (`
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`"bytes"`
			`"html/template"`
Email-based password reset (#54) * No more hard deletes * scaffolding for password reset endpoint * Ensure password reset state is accounted for in VC checks * password reset endpoints and data structures * ability to change password with reset token * smtp server connection pool management * stubbing out the sending of the email * adding mailhog via docker * HTML emails with confgurable host name * fixing typo in the comments * Fixing merge which undid DatabaseError replacement * documentation in the readme * webpack shortcut for components * removing a sneaky merge line that snuck in * temporary email content api * tests for password reset flow * fixing go vet * comments and making all db use `&value` rather than `reference` * more correct usage of the errors library and moving email sending to it's own method * using the wrong error * fixing email mock object error * less incorrect error usage * rebasing and merging * http constants for status code * using ParseAndValidateJSON instead of BindJSON * validate instead of binding in struct tags * NewFromError instead of New 2016-08-12 19:20:29 +00:00			`"time"`
			`)`

Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`// PasswordResetStore manages password resets in the Datastore`
			`type PasswordResetStore interface {`
			`NewPasswordResetRequest(req PasswordResetRequest) (PasswordResetRequest, error)`
			`SavePasswordResetRequest(req *PasswordResetRequest) error`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`DeletePasswordResetRequest(req *PasswordResetRequest) error`
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`DeletePasswordResetRequestsForUser(userID uint) error`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`FindPassswordResetByID(id uint) (*PasswordResetRequest, error)`
Integration tests (#90) * tests for auth endpoints * create user test and fatals instead of panics * more tests * remove init viper config setting * stubbing * more tests * more tests * organizing auth and users files * rest of auth tests * password reset tests 2016-08-20 06:56:49 +00:00			`FindPassswordResetsByUserID(id uint) ([]*PasswordResetRequest, error)`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`FindPassswordResetByToken(token string) (*PasswordResetRequest, error)`
			`FindPassswordResetByTokenAndUserID(token string, id uint) (*PasswordResetRequest, error)`
			`}`

Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`// Mailer is an email campaign`
			`// Types which implement the Campaign interface`
			`// can be marshalled into an email body`
			`type Mailer interface {`
			`Message() ([]byte, error)`
Email-based password reset (#54) * No more hard deletes * scaffolding for password reset endpoint * Ensure password reset state is accounted for in VC checks * password reset endpoints and data structures * ability to change password with reset token * smtp server connection pool management * stubbing out the sending of the email * adding mailhog via docker * HTML emails with confgurable host name * fixing typo in the comments * Fixing merge which undid DatabaseError replacement * documentation in the readme * webpack shortcut for components * removing a sneaky merge line that snuck in * temporary email content api * tests for password reset flow * fixing go vet * comments and making all db use `&value` rather than `reference` * more correct usage of the errors library and moving email sending to it's own method * using the wrong error * fixing email mock object error * less incorrect error usage * rebasing and merging * http constants for status code * using ParseAndValidateJSON instead of BindJSON * validate instead of binding in struct tags * NewFromError instead of New 2016-08-12 19:20:29 +00:00			`}`

Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`type Email struct {`
			`To []string`
			`From string`
			`Msg Mailer`
Email-based password reset (#54) * No more hard deletes * scaffolding for password reset endpoint * Ensure password reset state is accounted for in VC checks * password reset endpoints and data structures * ability to change password with reset token * smtp server connection pool management * stubbing out the sending of the email * adding mailhog via docker * HTML emails with confgurable host name * fixing typo in the comments * Fixing merge which undid DatabaseError replacement * documentation in the readme * webpack shortcut for components * removing a sneaky merge line that snuck in * temporary email content api * tests for password reset flow * fixing go vet * comments and making all db use `&value` rather than `reference` * more correct usage of the errors library and moving email sending to it's own method * using the wrong error * fixing email mock object error * less incorrect error usage * rebasing and merging * http constants for status code * using ParseAndValidateJSON instead of BindJSON * validate instead of binding in struct tags * NewFromError instead of New 2016-08-12 19:20:29 +00:00			`}`

Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`type MailService interface {`
			`SendEmail(e Email) error`
Email-based password reset (#54) * No more hard deletes * scaffolding for password reset endpoint * Ensure password reset state is accounted for in VC checks * password reset endpoints and data structures * ability to change password with reset token * smtp server connection pool management * stubbing out the sending of the email * adding mailhog via docker * HTML emails with confgurable host name * fixing typo in the comments * Fixing merge which undid DatabaseError replacement * documentation in the readme * webpack shortcut for components * removing a sneaky merge line that snuck in * temporary email content api * tests for password reset flow * fixing go vet * comments and making all db use `&value` rather than `reference` * more correct usage of the errors library and moving email sending to it's own method * using the wrong error * fixing email mock object error * less incorrect error usage * rebasing and merging * http constants for status code * using ParseAndValidateJSON instead of BindJSON * validate instead of binding in struct tags * NewFromError instead of New 2016-08-12 19:20:29 +00:00			`}`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00
			`// PasswordResetRequest represents a database table for`
			`// Password Reset Requests`
			`type PasswordResetRequest struct {`
Datastore refactor (#439) Removed Gorm, replaced it with Sqlx * Added SQL bundling command to Makfile * Using go-kit logger * Added soft delete capability * Changed SearchLabel to accept a variadic param for optional omit list instead of array * Gorm removed * Refactor table structures to use CURRENT_TIMESTAMP mysql function * Moved Inmem datastore into it's own package * Updated README * Implemented code review suggestions from @zwass * Removed reference to Gorm from glide.yaml 2016-11-16 13:47:49 +00:00			`UpdateCreateTimestamps`
			`ID uint`
			ExpiresAt time.Time `db:"expires_at"`
			UserID uint `db:"user_id"`
			`Token string`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`}`

Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			const passwordResetTemplate = `
Fix bugs with password resets (#330) - Permissions error with admin forced password reset - Redirecting on successful admin forced password reset - URL fix for forgot password reset - Use JWT key for password reset request 2016-10-20 19:09:51 +00:00			`You requested a password reset,`
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`Follow the link below to reset your password:`
Fix bugs with password resets (#330) - Permissions error with admin forced password reset - Redirecting on successful admin forced password reset - URL fix for forgot password reset - Use JWT key for password reset request 2016-10-20 19:09:51 +00:00			`http://localhost:8080/login/reset?token={{.Token}}`
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`

			`func (r PasswordResetRequest) Message() ([]byte, error) {`
			`var msg bytes.Buffer`
			`var err error`
			`t := template.New(passwordResetTemplate)`
			`if t, err = t.Parse(passwordResetTemplate); err != nil {`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`return nil, err`
			`}`
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`if err = t.Execute(&msg, r); err != nil {`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`return nil, err`
			`}`
Update users service (#156) Closes #144 #145 #160 Implements PATCH method on user and endpoint middleware for authnz Implements `reset_password` (with token) and `forgot_password` endpoints Added godoc comments for UserService interface Shift to using testify/assert in test code Multiple fixes/changes to the UserService API 2016-09-15 14:52:17 +00:00			`return msg.Bytes(), nil`
Session shuffle and rename app to server (#84) * renaming campaign to email * moving session management code to the new kolide/datastore pattern * removing global configuration variables in favor of config * moving email operations to package kolide * moving app to server * using http.ListenAndServeTLS instead of a method on gin.Engine remove the kolide.go dependency on gin 2016-08-19 00:45:39 +00:00			`}`