qor · alex77g · Sep 12, 2018 · Sep 30, 2018 · Dec 25, 2018 · Jan 2, 2019
diff --git a/providers/password/confirm.go b/providers/password/confirm.go
@@ -40,6 +40,7 @@ var DefaultConfirmationMailer = func(email string, context *auth.Context, claims
 	return context.Auth.Mailer.Send(
 		mailer.Email{
 			TO:      []mail.Address{{Address: email}},
+			From:    &mail.Address{Address: "[email protected]"},
 			Subject: ConfirmationMailSubject,
 		}, mailer.Template{
 			Name:    "auth/confirmation",
@@ -68,6 +69,7 @@ var DefaultConfirmHandler = func(context *auth.Context) error {
 		provider, _ = context.Provider.(*Provider)
 		tx          = context.Auth.GetDB(context.Request)
 		token       = context.Request.URL.Query().Get("token")
+		currentUser = reflect.New(utils.ModelType(context.Auth.Config.UserModel)).Interface()
 	)
 
 	claims, err := context.SessionStorer.ValidateClaims(token)
@@ -76,17 +78,26 @@ var DefaultConfirmHandler = func(context *auth.Context) error {
 		if err = claims.Valid(); err == nil {
 			authInfo.Provider = provider.GetName()
 			authInfo.UID = claims.Id
+			authInfo.UserID = claims.UserID
 			authIdentity := reflect.New(utils.ModelType(context.Auth.Config.AuthIdentityModel)).Interface()
+			authwhere := auth_identity.AuthIdentity{Basic: authInfo}
 
-			if tx.Where(authInfo).First(authIdentity).RecordNotFound() {
+			if tx.Where(authwhere).First(authIdentity).RecordNotFound() {
 				err = auth.ErrInvalidAccount
+				return err
 			}
+			//load user to get ConfirmedAt date
+			tx.Where(&authwhere).First(&authwhere)
 
 			if err == nil {
-				if authInfo.ConfirmedAt == nil {
+				if authwhere.Basic.ConfirmedAt == nil {
 					now := time.Now()
 					authInfo.ConfirmedAt = &now
-					if err = tx.Model(authIdentity).Update(authInfo).Error; err == nil {
+
+					//add token to user table
+					tx.Model(&currentUser).Where("ID = ? and email = ?", authwhere.Basic.UserID, authwhere.Basic.UID).Updates(map[string]interface{}{"confirm_token": token, "confirmed": true})
+
+					if err = tx.Model(authwhere).Where("user_id = ?", authInfo.UserID).Update(authInfo).Error; err == nil {
 						context.SessionStorer.Flash(context.Writer, context.Request, session.Message{Message: ConfirmedAccountFlashMessage, Type: "success"})
 						context.Auth.Redirector.Redirect(context.Writer, context.Request, "confirm")
 						return nil

diff --git a/providers/password/handlers.go b/providers/password/handlers.go
@@ -1,13 +1,11 @@
 package password
 
 import (
-	"reflect"
 	"strings"
 
 	"github.com/qor/auth"
 	"github.com/qor/auth/auth_identity"
 	"github.com/qor/auth/claims"
-	"github.com/qor/qor/utils"
 	"github.com/qor/session"
 )
 
@@ -23,8 +21,9 @@ var DefaultAuthorizeHandler = func(context *auth.Context) (*claims.Claims, error
 	req.ParseForm()
 	authInfo.Provider = provider.GetName()
 	authInfo.UID = strings.TrimSpace(req.Form.Get("login"))
+	authwhere := auth_identity.AuthIdentity{Basic: authInfo}
 
-	if tx.Model(context.Auth.AuthIdentityModel).Where(authInfo).Scan(&authInfo).RecordNotFound() {
+	if tx.Model(context.Auth.AuthIdentityModel).Where(authwhere).Scan(&authInfo).RecordNotFound() { //authInfo in authwhere geändert
 		return nil, auth.ErrInvalidAccount
 	}
 
@@ -65,8 +64,10 @@ var DefaultRegisterHandler = func(context *auth.Context) (*claims.Claims, error)
 
 	authInfo.Provider = provider.GetName()
 	authInfo.UID = strings.TrimSpace(req.Form.Get("login"))
+	authwhere := auth_identity.AuthIdentity{Basic: authInfo}
+	//authIdentity := reflect.New(utils.ModelType(context.Auth.Config.AuthIdentityModel)).Interface()
 
-	if !tx.Model(context.Auth.AuthIdentityModel).Where(authInfo).Scan(&authInfo).RecordNotFound() {
+	if !tx.Model(context.Auth.AuthIdentityModel).Where(authwhere).Scan(&authInfo).RecordNotFound() {
 		return nil, auth.ErrInvalidAccount
 	}
 
@@ -81,9 +82,10 @@ var DefaultRegisterHandler = func(context *auth.Context) (*claims.Claims, error)
 			return nil, err
 		}
 
-		// create auth identity
-		authIdentity := reflect.New(utils.ModelType(context.Auth.Config.AuthIdentityModel)).Interface()
-		if err = tx.Where(authInfo).FirstOrCreate(authIdentity).Error; err == nil {
+		// copy authInfo to authwhere because it has no login credencials
+		authwhere.Basic = authInfo
+		// store login credencials
+		if err = tx.Where(authwhere).FirstOrCreate(&authwhere).Error; err == nil {
 			if provider.Config.Confirmable {
 				context.SessionStorer.Flash(context.Writer, req, session.Message{Message: ConfirmFlashMessage, Type: "success"})
 				err = provider.Config.ConfirmMailer(schema.Email, context, authInfo.ToClaims(), currentUser)

diff --git a/providers/password/views/mailers/auth/confirmation.text.tmpl b/providers/password/views/mailers/auth/confirmation.text.tmpl
@@ -0,0 +1,3 @@
+<p>Please click on the below link to validate your email address:</p>
+
+<p><a href="{{confirm_url}}">{{confirm_url}}</a></p>
diff --git a/schema.go b/schema.go
@@ -13,6 +13,7 @@ type Schema struct {
 	Image     string
 	Phone     string
 	URL       string
+	Role      string `gorm:"default:'Costumer'"`
 
 	RawInfo interface{}
 }
diff --git a/user_storer.go b/user_storer.go
@@ -67,6 +67,7 @@ func (UserStorer) Save(schema *Schema, context *Context) (user interface{}, user
 
 	if context.Auth.Config.UserModel != nil {
 		currentUser := reflect.New(utils.ModelType(context.Auth.Config.UserModel)).Interface()
+		schema.Role = "Costumer" //set the default role for every new user
 		copier.Copy(currentUser, schema)
 		err = tx.Create(currentUser).Error
 		return currentUser, fmt.Sprint(tx.NewScope(currentUser).PrimaryKeyValue()), err
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		<p>Please click on the below link to validate your email address:</p>

		<p><a href="{{confirm_url}}">{{confirm_url}}</a></p>