(w http.ResponseWriter, r *http.Request)
| 50 | } |
| 51 | |
| 52 | func (a *API) adminGenerateLink(w http.ResponseWriter, r *http.Request) error { |
| 53 | ctx := r.Context() |
| 54 | db := a.db.WithContext(ctx) |
| 55 | config := a.config |
| 56 | mailer := a.Mailer() |
| 57 | adminUser := getAdminUser(ctx) |
| 58 | params := &GenerateLinkParams{} |
| 59 | if err := retrieveRequestParams(r, params); err != nil { |
| 60 | return err |
| 61 | } |
| 62 | |
| 63 | var err error |
| 64 | params.Email, err = a.validateEmail(params.Email) |
| 65 | if err != nil { |
| 66 | return err |
| 67 | } |
| 68 | referrer := utilities.GetReferrer(r, config) |
| 69 | if utilities.IsRedirectURLValid(config, params.RedirectTo) { |
| 70 | referrer = params.RedirectTo |
| 71 | } |
| 72 | |
| 73 | aud := a.requestAud(ctx, r) |
| 74 | user, err := models.FindUserByEmailAndAudience(db, params.Email, aud) |
| 75 | if err != nil { |
| 76 | if models.IsNotFoundError(err) { |
| 77 | switch params.Type { |
| 78 | case mail.MagicLinkVerification: |
| 79 | params.Type = mail.SignupVerification |
| 80 | params.Password, err = password.Generate(64, 10, 1, false, true) |
| 81 | if err != nil { |
| 82 | // password generation must always succeed |
| 83 | panic(err) |
| 84 | } |
| 85 | case mail.RecoveryVerification, mail.EmailChangeCurrentVerification, mail.EmailChangeNewVerification: |
| 86 | return apierrors.NewNotFoundError(apierrors.ErrorCodeUserNotFound, "User with this email not found") |
| 87 | } |
| 88 | } else { |
| 89 | return apierrors.NewInternalServerError("Database error finding user").WithInternalError(err) |
| 90 | } |
| 91 | } |
| 92 | |
| 93 | var url string |
| 94 | now := time.Now() |
| 95 | otp := crypto.GenerateOtp(config.Mailer.OtpLength) |
| 96 | |
| 97 | hashedToken := crypto.GenerateTokenHash(params.Email, otp) |
| 98 | |
| 99 | var ( |
| 100 | createdUser bool |
| 101 | signupUser *models.User |
| 102 | inviteUser *models.User |
| 103 | ) |
| 104 | switch { |
| 105 | case params.Type == mail.SignupVerification && user == nil: |
| 106 | signupParams := &SignupParams{ |
| 107 | Email: params.Email, |
| 108 | Password: params.Password, |
| 109 | Data: params.Data, |
nothing calls this directly
no test coverage detected