added user.NewAuthToken

database/user.go

@@ -14,9 +14,11 @@ import (
 	"encoding/hex"
 	"errors"
 	"fmt"
+	"hash/crc32"
 	"sync"
 	"time"
 
+	"git.erbosoft.com/amy/amsterdam/util"
 	lru "github.com/hashicorp/golang-lru"
 	log "github.com/sirupsen/logrus"
 )
@@ -68,6 +70,23 @@ func (u *User) ContactInfo() (*ContactInfo, error) {
 	return AmGetContactInfo(u.ContactID)
 }
 
+/* NewAuthToken generates and returns a new authentication token for the user.
+ * Returns:
+ *     Authentication token value
+ *	   Standard Go error status.
+ */
+func (u *User) NewAuthToken() (string, error) {
+	u.Mutex.Lock()
+	defer u.Mutex.Unlock()
+	newToken := util.GenerateRandomAuthString()
+	if _, err := amdb.Exec("UPDATE users SET tokenauth = ? WHERE uid = ?", newToken, u.Uid); err != nil {
+		return "", err
+	}
+	u.Tokenauth = &newToken
+	checkValue := uint32(u.Uid) ^ crc32.ChecksumIEEE([]byte(newToken))
+	return fmt.Sprintf("AQAT:%d|%s|%d|", u.Uid, newToken, checkValue), nil
+}
+
 /* AmGetUser returns a reference to the specified user.
  * Parameters:
  *     uid - The UID of the user.

login.go

@@ -78,7 +78,7 @@ func Login(ctxt ui.AmContext) (string, any, error) {
 				ci, uerr = user.ContactInfo()
 				if uerr == nil {
 					if ci != nil && ci.Email != nil && *ci.Email != "" {
-						msg := email.AmNewEmailMessage(user.Uid, ctxt.RemoteIP())
+						msg := email.AmNewEmailMessage(ctxt.CurrentUserId(), ctxt.RemoteIP())
 						msg.AddTo(*ci.Email, "")
 						msg.SetTemplate("pass_remind.jet")
 						msg.AddVariable("username", user.Username)

util/random.go

@@ -0,0 +1,35 @@
+/*
+ * Amsterdam Web Communities System
+ * Copyright (c) 2025 Erbosoft Metaverse Design Solutions, All Rights Reserved
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/.
+ */
+
+// Package util contains utility definitions.
+package util
+
+import (
+	"crypto/rand"
+	"io"
+)
+
+// authAlphabet is the set of characters from which we generate auth strings.
+const authAlphabet = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./"
+
+// authStringLen is the standard lengtth of authentication strings.
+const authStringLen = 32
+
+// GenerateRandomAuthString generates a random authentication string.
+func GenerateRandomAuthString() string {
+	b := make([]byte, authStringLen)
+	if _, err := io.ReadFull(rand.Reader, b); err != nil {
+		// can't happen (at least on a modern OS)
+		panic("failed to read random: " + err.Error())
+	}
+	for i := 0; i < authStringLen; i++ {
+		b[i] = authAlphabet[int(b[i])%len(authAlphabet)]
+	}
+	return string(b)
+}