feat: add /api/account/update-email route

2024-03-19 07:48:04 -04:00 · 2024-03-19 07:48:04 -04:00 · 080a4a1a85
parent 9bfdef1519
commit 080a4a1a85
3 changed files with 45 additions and 0 deletions
--- a/api/account/account.go
+++ b/api/account/account.go
@ -319,6 +319,21 @@ func (a AccountAPI) uploadLimit(c jape.Context) {
 	})
 }

+func (a AccountAPI) updateEmail(c jape.Context) {
+	user := middleware.GetUserFromContext(c.Request.Context())
+
+	var request UpdateEmailRequest
+
+	if c.Decode(&request) != nil {
+		return
+	}
+
+	err := a.accounts.UpdateAccountEmail(user, request.Email, request.Password)
+	if c.Check("failed to update email", err) != nil {
+		return
+	}
+}
+
 func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 	loginAuthMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
 		Identity:     a.identity,
@ -387,17 +402,21 @@ func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 	})

 	routes := map[string]jape.Handler{
+		// Auth
 		"POST /api/auth/ping":         middleware.ApplyMiddlewares(a.ping, corsMw.Handler, pingAuthMw, middleware.ProxyMiddleware),
 		"POST /api/auth/login":        middleware.ApplyMiddlewares(a.login, corsMw.Handler, loginAuthMw2fa, middleware.ProxyMiddleware),
 		"POST /api/auth/register":     middleware.ApplyMiddlewares(a.register, corsMw.Handler, middleware.ProxyMiddleware),
 		"POST /api/auth/otp/validate": middleware.ApplyMiddlewares(a.otpValidate, corsMw.Handler, authMw, middleware.ProxyMiddleware),
 		"POST /api/auth/logout":       middleware.ApplyMiddlewares(a.logout, corsMw.Handler, authMw, middleware.ProxyMiddleware),

+		// Account
 		"POST /api/account/verify-email":           middleware.ApplyMiddlewares(a.verifyEmail, corsMw.Handler, middleware.ProxyMiddleware),
 		"POST /api/account/otp/verify":             middleware.ApplyMiddlewares(a.otpVerify, corsMw.Handler, authMw, middleware.ProxyMiddleware),
 		"POST /api/account/otp/disable":            middleware.ApplyMiddlewares(a.otpDisable, corsMw.Handler, authMw, middleware.ProxyMiddleware),
 		"POST /api/account/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, corsMw.Handler, middleware.ProxyMiddleware),
 		"POST /api/account/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, corsMw.Handler, middleware.ProxyMiddleware),
+		"POST /api/account/update-email":           middleware.ApplyMiddlewares(a.updateEmail, corsMw.Handler, middleware.ProxyMiddleware),
+
 		"GET /*path": middleware.ApplyMiddlewares(getHandler, corsMw.Handler),
 	}

--- a/api/account/messages.go
+++ b/api/account/messages.go
@ -58,3 +58,7 @@ type AccountInfoResponse struct {
 type UploadLimitResponse struct {
 	Limit uint64 `json:"limit"`
 }
+type UpdateEmailRequest struct {
+	Email    string `json:"email"`
+	Password string `json:"password"`
+}
--- a/api/account/swagger.yaml
+++ b/api/account/swagger.yaml
@ -148,6 +148,18 @@ paths:
                                $ref: '#/components/schemas/AccountInfoResponse'
                '401':
                    description: Unauthorized
+    /api/account/update-email:
+        post:
+            summary: Update email address
+            requestBody:
+                required: true
+                content:
+                    application/json:
+                        schema:
+                            $ref: '#/components/schemas/UpdateEmailRequest'
+            responses:
+                '200':
+                    description: Email updated successfully
    /api/upload-limit:
        get:
            summary: Get the basic file upload (POST) upload limit set by the portal
@ -248,6 +260,16 @@ components:
                    type: string
                password:
                    type: string
+        UpdateEmailRequest:
+            type: object
+            required:
+                - email
+                - password
+            properties:
+                email:
+                    type: string
+                password:
+                    type: string
        PingResponse:
            type: object
            properties: