website/pkg/controller/account/age_gate.go

package account

import (
	"fmt"
	"net/http"
	"time"

	"code.nonshy.com/nonshy/website/pkg/config"
	"code.nonshy.com/nonshy/website/pkg/models"
	"code.nonshy.com/nonshy/website/pkg/session"
	"code.nonshy.com/nonshy/website/pkg/templates"
	"code.nonshy.com/nonshy/website/pkg/utility"
)

// User age gate page to collect birthdates retroactively (/settings/age-gate)
func AgeGate() http.HandlerFunc {
	tmpl := templates.Must("account/age_gate.html")
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		vars := map[string]interface{}{
			"Enum": config.ProfileEnums,
		}

		// Load the current user in case of updates.
		user, err := session.CurrentUser(r)
		if err != nil {
			session.FlashError(w, r, "Couldn't get CurrentUser: %s", err)
			templates.Redirect(w, r.URL.Path)
			return
		}

		// If we have already set our age, don't allow changing it.
		if !user.Birthdate.IsZero() {
			templates.NotFoundPage(w, r)
			return
		}

		// Are we POSTing?
		if r.Method == http.MethodPost {
			var (
				dob     = r.PostFormValue("dob")
				hideAge = r.PostFormValue("hide_age")
			)

			birthdate, err := time.Parse("2006-01-02", dob)
			if err != nil {
				session.FlashError(w, r, "Incorrect format for birthdate; should be in yyyy-mm-dd format but got: %s", dob)
				templates.Redirect(w, r.URL.Path)
				return
			}

			// Validate birthdate is at least age 18.
			if utility.Age(birthdate) <= 5 {
				// Probably an error: seen some users enter current year by mistake, don't instantly ban them.
				session.FlashError(w, r, "Please enter a valid birthdate. The year you entered (%d) was probably incorrect.", birthdate.Year())
				templates.Redirect(w, r.URL.Path)
				return
			} else if utility.Age(birthdate) < 18 {
				// Lock their account and notify the admins.
				fb := &models.Feedback{
					Intent:    "report",
					Subject:   "Age Gate has auto-banned a user account",
					TableName: "users",
					TableID:   user.ID,
					Message: fmt.Sprintf(
						"The user **%s** (id:%d) has seen the Age Gate page and entered their birthdate which was under 18 years old (their entry: %s, %d years old), and their account has been banned automatically.",
						user.Username, user.ID,
						birthdate.Format("2006-01-02"), utility.Age(birthdate),
					),
				}

				if err := models.CreateFeedback(fb); err != nil {
					session.FlashError(w, r, "Couldn't create admin notification: %s", err)
				}

				session.FlashError(w, r,
					"You must be 18 years old to use this site and you have entered a birthdate that looks to be %d. "+
						"If this was done by mistake, please contact support to resolve this issue. In the meantime, your "+
						"account will be locked and you have been logged out.",
					utility.Age(birthdate),
				)

				// Ban the account now.
				user.Status = models.UserStatusBanned
				if err := user.Save(); err != nil {
					session.FlashError(w, r, "Couldn't save update to your user account!")
				}

				session.LogoutUser(w, r)
				templates.Redirect(w, "/")
				return
			}

			user.Birthdate = birthdate

			if err := user.Save(); err != nil {
				session.FlashError(w, r, "Failed to save user to database: %s", err)
			}

			user.SetProfileField("hide_age", hideAge)

			session.Flash(w, r, "Thank you for entering your birthdate!")

			templates.Redirect(w, "/me")
			return
		}

		if err := tmpl.Execute(w, r, vars); err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
	})
}
Age gate: collect birthdates retroactively and on new signup 2023-06-16 04:38:09 +00:00			`package account`

			`import (`
			`"fmt"`
			`"net/http"`
			`"time"`

			`"code.nonshy.com/nonshy/website/pkg/config"`
			`"code.nonshy.com/nonshy/website/pkg/models"`
			`"code.nonshy.com/nonshy/website/pkg/session"`
			`"code.nonshy.com/nonshy/website/pkg/templates"`
			`"code.nonshy.com/nonshy/website/pkg/utility"`
			`)`

			`// User age gate page to collect birthdates retroactively (/settings/age-gate)`
			`func AgeGate() http.HandlerFunc {`
			`tmpl := templates.Must("account/age_gate.html")`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`vars := map[string]interface{}{`
			`"Enum": config.ProfileEnums,`
			`}`

			`// Load the current user in case of updates.`
			`user, err := session.CurrentUser(r)`
			`if err != nil {`
			`session.FlashError(w, r, "Couldn't get CurrentUser: %s", err)`
			`templates.Redirect(w, r.URL.Path)`
			`return`
			`}`

Bugfixes with changing user birthdates 2023-06-16 05:12:01 +00:00			`// If we have already set our age, don't allow changing it.`
			`if !user.Birthdate.IsZero() {`
			`templates.NotFoundPage(w, r)`
			`return`
			`}`

Age gate: collect birthdates retroactively and on new signup 2023-06-16 04:38:09 +00:00			`// Are we POSTing?`
			`if r.Method == http.MethodPost {`
Option to hide age from profile display 2023-06-16 05:05:21 +00:00			`var (`
			`dob = r.PostFormValue("dob")`
			`hideAge = r.PostFormValue("hide_age")`
			`)`
Age gate: collect birthdates retroactively and on new signup 2023-06-16 04:38:09 +00:00
			`birthdate, err := time.Parse("2006-01-02", dob)`
			`if err != nil {`
			`session.FlashError(w, r, "Incorrect format for birthdate; should be in yyyy-mm-dd format but got: %s", dob)`
			`templates.Redirect(w, r.URL.Path)`
			`return`
			`}`

			`// Validate birthdate is at least age 18.`
Fix age gate page to defend against common user error 2023-06-18 11:58:04 +00:00			`if utility.Age(birthdate) <= 5 {`
			`// Probably an error: seen some users enter current year by mistake, don't instantly ban them.`
			`session.FlashError(w, r, "Please enter a valid birthdate. The year you entered (%d) was probably incorrect.", birthdate.Year())`
			`templates.Redirect(w, r.URL.Path)`
			`return`
			`} else if utility.Age(birthdate) < 18 {`
Age gate: collect birthdates retroactively and on new signup 2023-06-16 04:38:09 +00:00			`// Lock their account and notify the admins.`
			`fb := &models.Feedback{`
			`Intent: "report",`
			`Subject: "Age Gate has auto-banned a user account",`
			`TableName: "users",`
			`TableID: user.ID,`
			`Message: fmt.Sprintf(`
			`"The user %s (id:%d) has seen the Age Gate page and entered their birthdate which was under 18 years old (their entry: %s, %d years old), and their account has been banned automatically.",`
			`user.Username, user.ID,`
			`birthdate.Format("2006-01-02"), utility.Age(birthdate),`
			`),`
			`}`

			`if err := models.CreateFeedback(fb); err != nil {`
			`session.FlashError(w, r, "Couldn't create admin notification: %s", err)`
			`}`

			`session.FlashError(w, r,`
			`"You must be 18 years old to use this site and you have entered a birthdate that looks to be %d. "+`
			`"If this was done by mistake, please contact support to resolve this issue. In the meantime, your "+`
			`"account will be locked and you have been logged out.",`
			`utility.Age(birthdate),`
			`)`

			`// Ban the account now.`
			`user.Status = models.UserStatusBanned`
			`if err := user.Save(); err != nil {`
			`session.FlashError(w, r, "Couldn't save update to your user account!")`
			`}`

			`session.LogoutUser(w, r)`
			`templates.Redirect(w, "/")`
			`return`
			`}`

			`user.Birthdate = birthdate`

			`if err := user.Save(); err != nil {`
			`session.FlashError(w, r, "Failed to save user to database: %s", err)`
			`}`

Option to hide age from profile display 2023-06-16 05:05:21 +00:00			`user.SetProfileField("hide_age", hideAge)`

Age gate: collect birthdates retroactively and on new signup 2023-06-16 04:38:09 +00:00			`session.Flash(w, r, "Thank you for entering your birthdate!")`

			`templates.Redirect(w, "/me")`
			`return`
			`}`

			`if err := tmpl.Execute(w, r, vars); err != nil {`
			`http.Error(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`})`
			`}`