diff --git a/pkg/server/controllers/routes.go b/pkg/server/controllers/routes.go index f3b93fe0..af76bf76 100644 --- a/pkg/server/controllers/routes.go +++ b/pkg/server/controllers/routes.go @@ -40,7 +40,7 @@ func NewWebRoutes(a *app.App, c *Controllers) []Route { {"GET", "/password-reset/{token}", c.Users.PasswordResetConfirm, true}, {"POST", "/reset-token", c.Users.CreateResetToken, true}, {"POST", "/verification-token", mw.Auth(a, c.Users.CreateEmailVerificationToken, redirectGuest), true}, - {"GET", "/verify-email", mw.Auth(a, c.Users.VerifyEmail, redirectGuest), true}, + {"GET", "/verify-email/{token}", mw.Auth(a, c.Users.VerifyEmail, redirectGuest), true}, {"PATCH", "/account/profile", mw.Auth(a, c.Users.ProfileUpdate, nil), true}, {"PATCH", "/account/password", mw.Auth(a, c.Users.PasswordUpdate, nil), true}, } diff --git a/pkg/server/controllers/users.go b/pkg/server/controllers/users.go index 458ecdd8..ba8cdca1 100644 --- a/pkg/server/controllers/users.go +++ b/pkg/server/controllers/users.go @@ -603,7 +603,8 @@ func (u *Users) ProfileUpdate(w http.ResponseWriter, r *http.Request) { func (u *Users) VerifyEmail(w http.ResponseWriter, r *http.Request) { vd := views.Data{} - tokenValue := r.URL.Query().Get("token") + vars := mux.Vars(r) + tokenValue := vars["token"] if tokenValue == "" { handleHTMLError(w, r, app.ErrMissingToken, "Missing email verification token", u.EmailVerificationView, vd) diff --git a/pkg/server/controllers/users_test.go b/pkg/server/controllers/users_test.go index b59b63cd..110e61b1 100644 --- a/pkg/server/controllers/users_test.go +++ b/pkg/server/controllers/users_test.go @@ -1166,7 +1166,7 @@ func TestVerifyEmail(t *testing.T) { testutils.MustExec(t, testutils.DB.Save(&tok), "preparing token") // Execute - req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email?token=%s", "someTokenValue"), "") + req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email/%s", "someTokenValue"), "") res := testutils.HTTPAuthDo(t, req, user) // Test @@ -1210,7 +1210,7 @@ func TestVerifyEmail(t *testing.T) { testutils.MustExec(t, testutils.DB.Save(&tok), "preparing token") // Execute - req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email?token=%s", "someTokenValue"), "") + req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email/%s", "someTokenValue"), "") res := testutils.HTTPAuthDo(t, req, user) // Test @@ -1253,7 +1253,7 @@ func TestVerifyEmail(t *testing.T) { testutils.MustExec(t, testutils.DB.Model(&tok).Update("created_at", time.Now().Add(time.Minute*-31)), "Failed to prepare token created_at") // Execute - req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email?token=%s", "someTokenValue"), "") + req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email/%s", "someTokenValue"), "") res := testutils.HTTPAuthDo(t, req, user) // Test @@ -1296,7 +1296,7 @@ func TestVerifyEmail(t *testing.T) { testutils.MustExec(t, testutils.DB.Save(&tok), "preparing token") // Execute - req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email?token=%s", "someTokenValue"), "") + req := testutils.MakeReq(server.URL, "GET", fmt.Sprintf("/verify-email/%s", "someTokenValue"), "") res := testutils.HTTPAuthDo(t, req, user) // Test diff --git a/pkg/server/mailer/templates/src/verify_email.txt b/pkg/server/mailer/templates/src/verify_email.txt index 087e14a8..a85ab705 100644 --- a/pkg/server/mailer/templates/src/verify_email.txt +++ b/pkg/server/mailer/templates/src/verify_email.txt @@ -2,7 +2,7 @@ Hi. Welcome to Dnote! To verify your email, visit the following link: - {{ .WebURL }}/verify-email?token={{ .Token }} + {{ .WebURL }}/verify-email/{{ .Token }} Thanks for using Dnote.