website/pkg/controller/account/age_gate.go

97 lines
2.8 KiB
Go
Raw Normal View History

package account
import (
"fmt"
"net/http"
"time"
"code.nonshy.com/nonshy/website/pkg/config"
"code.nonshy.com/nonshy/website/pkg/models"
"code.nonshy.com/nonshy/website/pkg/session"
"code.nonshy.com/nonshy/website/pkg/templates"
"code.nonshy.com/nonshy/website/pkg/utility"
)
// User age gate page to collect birthdates retroactively (/settings/age-gate)
func AgeGate() http.HandlerFunc {
tmpl := templates.Must("account/age_gate.html")
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
vars := map[string]interface{}{
"Enum": config.ProfileEnums,
}
// Load the current user in case of updates.
user, err := session.CurrentUser(r)
if err != nil {
session.FlashError(w, r, "Couldn't get CurrentUser: %s", err)
templates.Redirect(w, r.URL.Path)
return
}
// Are we POSTing?
if r.Method == http.MethodPost {
var dob = r.PostFormValue("dob")
birthdate, err := time.Parse("2006-01-02", dob)
if err != nil {
session.FlashError(w, r, "Incorrect format for birthdate; should be in yyyy-mm-dd format but got: %s", dob)
templates.Redirect(w, r.URL.Path)
return
}
// Validate birthdate is at least age 18.
if utility.Age(birthdate) < 18 {
// Lock their account and notify the admins.
fb := &models.Feedback{
Intent: "report",
Subject: "Age Gate has auto-banned a user account",
TableName: "users",
TableID: user.ID,
Message: fmt.Sprintf(
"The user **%s** (id:%d) has seen the Age Gate page and entered their birthdate which was under 18 years old (their entry: %s, %d years old), and their account has been banned automatically.",
user.Username, user.ID,
birthdate.Format("2006-01-02"), utility.Age(birthdate),
),
}
if err := models.CreateFeedback(fb); err != nil {
session.FlashError(w, r, "Couldn't create admin notification: %s", err)
}
session.FlashError(w, r,
"You must be 18 years old to use this site and you have entered a birthdate that looks to be %d. "+
"If this was done by mistake, please contact support to resolve this issue. In the meantime, your "+
"account will be locked and you have been logged out.",
utility.Age(birthdate),
)
// Ban the account now.
user.Status = models.UserStatusBanned
if err := user.Save(); err != nil {
session.FlashError(w, r, "Couldn't save update to your user account!")
}
session.LogoutUser(w, r)
templates.Redirect(w, "/")
return
}
user.Birthdate = birthdate
if err := user.Save(); err != nil {
session.FlashError(w, r, "Failed to save user to database: %s", err)
}
session.Flash(w, r, "Thank you for entering your birthdate!")
templates.Redirect(w, "/me")
return
}
if err := tmpl.Execute(w, r, vars); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
})
}