Refactor login to email-only, remove phone/SMS auth
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -11,7 +11,6 @@ import (
|
|||||||
"log"
|
"log"
|
||||||
"math/big"
|
"math/big"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
|
||||||
"os"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
@@ -94,18 +93,10 @@ func (s *Server) handleLoginSubmit(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
var identifier string
|
identifier := strings.ToLower(raw)
|
||||||
var method string // "email" or "phone"
|
if !isEmail(identifier) {
|
||||||
if isEmail(raw) {
|
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
||||||
identifier = strings.ToLower(raw)
|
return
|
||||||
method = "email"
|
|
||||||
} else {
|
|
||||||
identifier = normalizePhone(raw)
|
|
||||||
method = "phone"
|
|
||||||
if identifier == "" {
|
|
||||||
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
code := generateCode()
|
code := generateCode()
|
||||||
@@ -116,32 +107,19 @@ func (s *Server) handleLoginSubmit(w http.ResponseWriter, r *http.Request) {
|
|||||||
ExpiresAt: expiresAt,
|
ExpiresAt: expiresAt,
|
||||||
})
|
})
|
||||||
|
|
||||||
if method == "email" {
|
if err := sendVerificationEmail(identifier, code); err != nil {
|
||||||
if err := sendVerificationEmail(identifier, code); err != nil {
|
log.Printf("failed to send verification email to %s: %v", identifier, err)
|
||||||
log.Printf("failed to send verification email to %s: %v", identifier, err)
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
s.q.CreateSmsConsent(r.Context(), db.CreateSmsConsentParams{
|
|
||||||
Phone: identifier,
|
|
||||||
IpAddress: r.RemoteAddr,
|
|
||||||
UserAgent: r.UserAgent(),
|
|
||||||
})
|
|
||||||
if err := sendVerificationSMS(identifier, code); err != nil {
|
|
||||||
log.Printf("failed to send verification SMS to %s: %v", identifier, err)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pageTmpl["login"].ExecuteTemplate(w, "layout", map[string]any{
|
pageTmpl["login"].ExecuteTemplate(w, "layout", map[string]any{
|
||||||
"Step": "code",
|
"Step": "code",
|
||||||
"Identifier": identifier,
|
"Identifier": identifier,
|
||||||
"Method": method,
|
|
||||||
"AuthEnabled": true,
|
"AuthEnabled": true,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) handleVerifyCode(w http.ResponseWriter, r *http.Request) {
|
func (s *Server) handleVerifyCode(w http.ResponseWriter, r *http.Request) {
|
||||||
identifier := strings.TrimSpace(r.FormValue("identifier"))
|
identifier := strings.TrimSpace(r.FormValue("identifier"))
|
||||||
method := r.FormValue("method")
|
|
||||||
code := strings.TrimSpace(r.FormValue("code"))
|
code := strings.TrimSpace(r.FormValue("code"))
|
||||||
|
|
||||||
vc, err := s.q.GetVerificationCode(r.Context(), db.GetVerificationCodeParams{
|
vc, err := s.q.GetVerificationCode(r.Context(), db.GetVerificationCodeParams{
|
||||||
@@ -152,7 +130,6 @@ func (s *Server) handleVerifyCode(w http.ResponseWriter, r *http.Request) {
|
|||||||
pageTmpl["login"].ExecuteTemplate(w, "layout", map[string]any{
|
pageTmpl["login"].ExecuteTemplate(w, "layout", map[string]any{
|
||||||
"Step": "code",
|
"Step": "code",
|
||||||
"Identifier": identifier,
|
"Identifier": identifier,
|
||||||
"Method": method,
|
|
||||||
"Error": "Invalid or expired code. Try again.",
|
"Error": "Invalid or expired code. Try again.",
|
||||||
"AuthEnabled": true,
|
"AuthEnabled": true,
|
||||||
})
|
})
|
||||||
@@ -163,16 +140,9 @@ func (s *Server) handleVerifyCode(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
// Get or create user
|
// Get or create user
|
||||||
var user db.User
|
var user db.User
|
||||||
if method == "email" {
|
user, err = s.q.GetUserByEmail(r.Context(), sql.NullString{String: identifier, Valid: true})
|
||||||
user, err = s.q.GetUserByEmail(r.Context(), sql.NullString{String: identifier, Valid: true})
|
if err == sql.ErrNoRows {
|
||||||
if err == sql.ErrNoRows {
|
user, err = s.q.CreateUserByEmail(r.Context(), sql.NullString{String: identifier, Valid: true})
|
||||||
user, err = s.q.CreateUserByEmail(r.Context(), sql.NullString{String: identifier, Valid: true})
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
user, err = s.q.GetUserByPhone(r.Context(), sql.NullString{String: identifier, Valid: true})
|
|
||||||
if err == sql.ErrNoRows {
|
|
||||||
user, err = s.q.CreateUserByPhone(r.Context(), sql.NullString{String: identifier, Valid: true})
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("user lookup/create: %v", err)
|
log.Printf("user lookup/create: %v", err)
|
||||||
@@ -270,58 +240,6 @@ func generateSessionToken() string {
|
|||||||
return hex.EncodeToString(b)
|
return hex.EncodeToString(b)
|
||||||
}
|
}
|
||||||
|
|
||||||
// normalizePhone strips non-digit chars and prepends +1 if no country code.
|
|
||||||
func normalizePhone(raw string) string {
|
|
||||||
var digits strings.Builder
|
|
||||||
for _, c := range strings.TrimSpace(raw) {
|
|
||||||
if c >= '0' && c <= '9' {
|
|
||||||
digits.WriteRune(c)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
d := digits.String()
|
|
||||||
if d == "" {
|
|
||||||
return ""
|
|
||||||
}
|
|
||||||
// If 10 digits, assume US and prepend 1
|
|
||||||
if len(d) == 10 {
|
|
||||||
d = "1" + d
|
|
||||||
}
|
|
||||||
return "+" + d
|
|
||||||
}
|
|
||||||
|
|
||||||
func sendVerificationSMS(to, code string) error {
|
|
||||||
sid := os.Getenv("TWILIO_ACCOUNT_SID")
|
|
||||||
token := os.Getenv("TWILIO_AUTH_TOKEN")
|
|
||||||
from := os.Getenv("TWILIO_FROM_NUMBER")
|
|
||||||
|
|
||||||
if sid == "" || token == "" || from == "" {
|
|
||||||
log.Printf("Twilio not configured — code for %s is: %s", to, code)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
body := fmt.Sprintf("Your bbq login code: %s", code)
|
|
||||||
apiURL := fmt.Sprintf("https://api.twilio.com/2010-04-01/Accounts/%s/Messages.json", sid)
|
|
||||||
|
|
||||||
data := url.Values{}
|
|
||||||
data.Set("To", to)
|
|
||||||
data.Set("From", from)
|
|
||||||
data.Set("Body", body)
|
|
||||||
|
|
||||||
req, _ := http.NewRequest("POST", apiURL, strings.NewReader(data.Encode()))
|
|
||||||
req.SetBasicAuth(sid, token)
|
|
||||||
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
|
||||||
|
|
||||||
resp, err := http.DefaultClient.Do(req)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
defer resp.Body.Close()
|
|
||||||
if resp.StatusCode >= 400 {
|
|
||||||
return fmt.Errorf("twilio API returned %d", resp.StatusCode)
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func sendVerificationEmail(to, code string) error {
|
func sendVerificationEmail(to, code string) error {
|
||||||
apiKey := os.Getenv("RESEND_API_KEY")
|
apiKey := os.Getenv("RESEND_API_KEY")
|
||||||
if apiKey == "" {
|
if apiKey == "" {
|
||||||
|
|||||||
@@ -7,7 +7,7 @@
|
|||||||
<div class="event-tag">Account</div>
|
<div class="event-tag">Account</div>
|
||||||
<h1 class="event-title">Log in</h1>
|
<h1 class="event-title">Log in</h1>
|
||||||
<p style="font-family:'DM Mono',monospace;font-size:0.8rem;color:#555;margin-top:8px;">
|
<p style="font-family:'DM Mono',monospace;font-size:0.8rem;color:#555;margin-top:8px;">
|
||||||
Enter your email or phone number to receive a login code.
|
Enter your email to receive a login code.
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
@@ -15,18 +15,14 @@
|
|||||||
{{if eq .Step "identify"}}
|
{{if eq .Step "identify"}}
|
||||||
<form method="POST" action="/login">
|
<form method="POST" action="/login">
|
||||||
<div class="form-row">
|
<div class="form-row">
|
||||||
<label>Email or phone</label>
|
<label>Email</label>
|
||||||
<input type="text" name="identifier" placeholder="you@example.com or (555) 123-4567" required autofocus>
|
<input type="email" name="identifier" placeholder="you@example.com" required autofocus>
|
||||||
</div>
|
</div>
|
||||||
<p style="font-family:'DM Mono',monospace;font-size:0.7rem;color:#777;margin-top:12px;line-height:1.5;">
|
|
||||||
By entering a phone number, you consent to receive a one-time verification code via SMS. Msg & data rates may apply. No marketing messages will be sent.
|
|
||||||
</p>
|
|
||||||
<button class="btn-submit" type="submit">Send code ↗</button>
|
<button class="btn-submit" type="submit">Send code ↗</button>
|
||||||
</form>
|
</form>
|
||||||
{{else}}
|
{{else}}
|
||||||
<form method="POST" action="/login/verify">
|
<form method="POST" action="/login/verify">
|
||||||
<input type="hidden" name="identifier" value="{{.Identifier}}">
|
<input type="hidden" name="identifier" value="{{.Identifier}}">
|
||||||
<input type="hidden" name="method" value="{{.Method}}">
|
|
||||||
<p style="font-family:'DM Mono',monospace;font-size:0.78rem;color:#555;margin-bottom:16px;">
|
<p style="font-family:'DM Mono',monospace;font-size:0.78rem;color:#555;margin-bottom:16px;">
|
||||||
Code sent to <strong>{{.Identifier}}</strong>
|
Code sent to <strong>{{.Identifier}}</strong>
|
||||||
</p>
|
</p>
|
||||||
|
|||||||
Reference in New Issue
Block a user