From ac1a65b99906cee63fb3053c4cb39d2364c89123 Mon Sep 17 00:00:00 2001
From: David Oduneye <44040421+DOOduneye@users.noreply.github.com>
Date: Tue, 2 Apr 2024 17:45:23 -0400
Subject: [PATCH] fixed minor issues (#451)
Co-authored-by: Garrett Ladley <92384606+garrettladley@users.noreply.github.com>
---
 backend/src/services/auth.go | 35 +++++++++------
 backend/src/transactions/auth.go | 73 --------------------------------
 config/local.yml | 4 +-
 3 files changed, 24 insertions(+), 88 deletions(-)
diff --git a/backend/src/services/auth.go b/backend/src/services/auth.go
index 4540f71fb..e4788ad71 100644
--- a/backend/src/services/auth.go
+++ b/backend/src/services/auth.go
@@ -12,6 +12,7 @@ import (
 "github.com/GenerateNU/sac/backend/src/utilities"
 "github.com/gofiber/fiber/v2"
 "github.com/golang-jwt/jwt"
+ "gorm.io/gorm"
 )
 type AuthServiceInterface interface {
@@ -272,27 +273,17 @@ func (a *AuthService) SendCode(email string) *errors.Error {
 return nil
 }
-/* trunk-ignore(golangci-lint/cyclop) */
-func (a *AuthService) VerifyEmail(emailBody models.VerifyEmailRequestBody) *errors.Error {
- if err := a.Validate.Struct(emailBody); err != nil {
- return &errors.FailedToValidateUser
- }
-
- user, err := transactions.GetUserByEmail(a.DB, emailBody.Email)
- if err != nil {
- return err
- }
-
+func verifyEmailHelper(user *models.User, token string, db *gorm.DB) *errors.Error {
 if user.IsVerified {
 return &errors.EmailAlreadyVerified
 }
- otp, otpErr := transactions.GetToken(a.DB, emailBody.Token, models.EmailVerificationType)
+ otp, otpErr := transactions.GetToken(db, token, models.EmailVerificationType)
 if otpErr != nil {
 return otpErr
 }
- if otp.Token != emailBody.Token {
+ if otp.Token != token {
 return &errors.InvalidOTP
 }
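Review bot: `verifyEmailHelper` never ties the token to the user being verified: `transactions.GetToken(db, token, models.EmailVerificationType)` looks the row up by token and type only, and the `otp.Token != token` comparison that follows cannot fail for a row fetched by that same token. As written, a valid email-verification token issued for one account appears to be accepted for whichever account `GetUserByEmail` returned. After the `otpErr` check, add an ownership test such as `if otp.UserID != user.ID { return &errors.InvalidOTP }`; the field names are assumed from the `Verification` literal removed in transactions/auth.go, so confirm them against the models. The helper's body continues past this hunk, and the one line not shown precedes `return &errors.OTPExpired`, so it is presumably the expiry test.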
@@ -300,6 +291,24 @@ func (a *AuthService) VerifyEmail(emailBody models.VerifyEmailRequestBody) *erro
 return &errors.OTPExpired
 }
+ return nil
+}
+
+func (a *AuthService) VerifyEmail(emailBody models.VerifyEmailRequestBody) *errors.Error {
+ if err := a.Validate.Struct(emailBody); err != nil {
+ return &errors.FailedToValidateUser
+ }
+
+ user, err := transactions.GetUserByEmail(a.DB, emailBody.Email)
+ if err != nil {
+ return err
+ }
+
+ verifyErr := verifyEmailHelper(user, emailBody.Token, a.DB)
+ if verifyErr != nil {
+ return verifyErr
+ }
+
 tx := a.DB.Begin()
 defer func() {
 if r := recover(); r != nil {
diff --git a/backend/src/transactions/auth.go b/backend/src/transactions/auth.go
index e5933156e..56abd3ea2 100644
--- a/backend/src/transactions/auth.go
+++ b/backend/src/transactions/auth.go
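Review bot: The checks in `verifyEmailHelper` run on `a.DB` before `tx := a.DB.Begin()`, so the already-verified and token-validity reads happen outside the transaction that follows. What that transaction writes is outside this hunk, but if it marks the user verified and consumes the token, two concurrent requests carrying the same token can both pass the checks before either write lands. Consider beginning the transaction first and calling `verifyEmailHelper(user, emailBody.Token, tx)`, with a `tx.Rollback()` before returning a non-nil result, since the visible deferred function only handles the `recover()` path.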
@@ -9,79 +9,6 @@ import (
 "gorm.io/gorm"
 )
-// func SaveOTP(db *gorm.DB, userID uuid.UUID, otp string) *errors.Error {
-// otpModel := models.Verification{
-// UserID: userID,
-// Token: otp,
-// ExpiresAt: time.Now().Add(time.Minute * 30).UTC(),
-// Type: models.EmailVerificationType,
-// }
-
-// if err := db.Create(&otpModel).Error; err != nil {
-// return &errors.FailedToSaveOTP
-// }
-
-// return nil
-// }
-
-// // @Deprecated
-// func GetOTP(db *gorm.DB, userID uuid.UUID) (*models.Verification, *errors.Error) {
-// var otp models.Verification
-// if err := db.Where("user_id = ? AND type = ?", userID, models.EmailVerificationType).First(&otp).Error; err != nil {
-// if stdliberrors.Is(err, gorm.ErrRecordNotFound) {
-// return nil, &errors.OTPNotFound
-// }
-
-// return nil, &errors.FailedToGetOTP
-// }
-
-// return &otp, nil
-// }
-
-// func DeleteOTP(db *gorm.DB, userID uuid.UUID) *errors.Error {
-// if err := db.Where("user_id = ? AND type = ?", userID, models.EmailVerificationType).Delete(&models.Verification{}).Error; err != nil {
-// return &errors.FailedToDeleteOTP
-// }
-
-// return nil
-// }
-
-// func SavePasswordResetToken(db *gorm.DB, userID uuid.UUID, token string) *errors.Error {
-// passwordReset := models.Verification{
-// UserID: userID,
-// Token: token,
-// ExpiresAt: time.Now().Add(time.Hour * 24).UTC(),
-// Type: models.PasswordResetType,
-// }
-
-// if err := db.Create(&passwordReset).Error; err != nil {
-// return &errors.FailedToCreatePasswordReset
-// }
-
-// return nil
-// }
-
-// func DeletePasswordResetToken(db *gorm.DB, token string) *errors.Error {
-// if err := db.Where("token = ? AND type = ?", token, models.PasswordResetType).Delete(&models.Verification{}).Error; err != nil {
-// return &errors.FailedToDeletePasswordReset
-// }
-
-// return nil
-// }
-
-// // @Deprecated
-// func GetPasswordResetToken(db *gorm.DB, token string) (*models.Verification, *errors.Error) {
-// passwordReset := models.Verification{}
-// if err := db.Where("token = ? AND type = ?", token, models.PasswordResetType).First(&passwordReset).Error; err != nil {
-// if err == gorm.ErrRecordNotFound {
-// return nil, &errors.PasswordResetTokenNotFound
-// }
-// return nil, &errors.FailedToGetPasswordResetToken
-// }
-
-// return &passwordReset, nil
-// }
-
 func GetToken(db *gorm.DB, token string, tokenType models.VerificationType) (*models.Verification, *errors.Error) {
 tokenModel := models.Verification{}
 if err := db.Where("token = ? AND type = ?", token, tokenType).First(&tokenModel).Error; err != nil {
diff --git a/config/local.yml b/config/local.yml
index 8ba599a5d..1acbc27ef 100644
--- a/config/local.yml
+++ b/config/local.yml
@@ -13,6 +13,6 @@ superuser:
 password: Password#!1
 auth:
 accesskey: g(r|##*?>\Qp}h37e+,T2
- accesstokenexpiry: 30 # in minutes
+ accesstokenexpiry: 60 # in minutes
 refreshkey: amk*2!gG}1i"8D9RwJS$p
- refreshtokenexpiry: 60 # in days
+ refreshtokenexpiry: 30 # in days
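Review bot: `accesstokenexpiry` doubles from 30 to 60 minutes in config/local.yml with no rationale in the commit message, which lengthens the window in which a leaked access token stays usable. A short comment next to the value, e.g. `# 60 min: <reason>`, would make the trade-off reviewable. The context lines of this hunk also show `accesskey`, `refreshkey` and the superuser password committed in plain text. The file name suggests local development only, but it is worth confirming that every other environment loads these values from environment variables or a secret store rather than from a checked-in file.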