frontend: disabled button while processing password reset

.gitignore

@@ -40,7 +40,6 @@ go.work
 !go.sum
 !go.mod
 #!*.sql
-
 !README.md
 !LICENSE
 

compose.yml

@@ -1,10 +1,10 @@
 services:
   app:
-    build: .
+    build: ./go-backend
     container_name: carsharingBackend
     ports:
       - "8080:8080"
     volumes:
-      - ./configs/config.json:/root/configs/config.json:ro
-      - ./data/db.sqlite3:/root/data/db.sqlite3
-      - ./templates:/root/templates:ro
+      - ./go-backend/configs/config.json:/root/configs/config.json:ro
+      - ./go-backend/data/db.sqlite3:/root/data/db.sqlite3
+      - ./go-backend/templates:/root/templates:ro

frontend/src/lib/components/SubscriptionEditForm.svelte

@@ -127,7 +127,7 @@
 		</div>
 		<div class="button-container">
 			{#if isUpdating}
-				<SmallLoader width={30} message={'Aktualisiere...'} />
+				<SmallLoader width={30} message={$t('loading.updating')} />
 			{:else}
 				<button type="button" class="button-dark" on:click={() => dispatch('cancel')}>
 					{$t('cancel')}</button

frontend/src/lib/components/UserEditForm.svelte

@@ -234,7 +234,7 @@
 				options={userStatusOptions}
 				readonly={role_id === 0}
 			/>
-			{#if localUser.role_id === 8}
+			{#if role_id === 8}
 				<InputField
 					name="user[role_id]"
 					type="select"
@@ -261,7 +261,7 @@
 			/>
 			<InputField
 				name="user[first_name]"
-				label={$t('first_name')}
+				label={$t('user.first_name')}
 				bind:value={localUser.first_name}
 				placeholder={$t('placeholder.first_name')}
 				required={true}
@@ -322,7 +322,7 @@
 				bind:value={localUser.city}
 				placeholder={$t('placeholder.city')}
 			/>
-			{#if localUser.role_id > 0}
+			{#if role_id > 0}
 				<InputField
 					name="user[notes]"
 					type="textarea"
@@ -528,7 +528,7 @@
 		</div>
 		<div class="button-container">
 			{#if isUpdating}
-				<SmallLoader width={30} message={'Aktualisiere...'} />
+				<SmallLoader width={30} message={$t('loading.updating')} />
 			{:else}
 				<button type="button" class="button-dark" on:click={() => dispatch('cancel')}>
 					{$t('cancel')}</button

frontend/src/lib/locales/de.js

@@ -134,7 +134,9 @@ export default {
 	},
 	loading: {
 		user_data: 'Lade Nutzerdaten',
-		subscription_data: 'Lade Modelldaten'
+		subscription_data: 'Lade Modelldaten',
+		please_wait: 'Bitte warten...',
+		updating: 'Aktualisiere...'
 	},
 	dialog: {
 		user_deletion: 'Soll der Nutzer {firstname} {lastname} wirklich gelöscht werden?',

frontend/src/routes/auth/password/change/+page.svelte

@@ -1,15 +1,19 @@
 <script>
 	import { applyAction, enhance } from '$app/forms';
+	import SmallLoader from '$lib/components/SmallLoader.svelte';
 	import { receive, send } from '$lib/utils/helpers';
 	import { t } from 'svelte-i18n';
 
 	/** @type {import('./$types').ActionData} */
 	export let form;
 
+	let loading = false;
 	/** @type {import('./$types').SubmitFunction} */
 	const handleRequestChange = async () => {
+		loading = true;
 		return async ({ result }) => {
 			await applyAction(result);
+			loading = false;
 		};
 	};
 </script>
@@ -40,6 +44,10 @@
 				required
 			/>
 		</div>
-		<button class="button-dark">{$t('confirm')}</button>
+		{#if loading}
+			<SmallLoader width={30} message={$t('loading.please_wait')} />
+		{:else}
+			<button class="button-dark" disabled={loading}>{$t('confirm')}</button>
+		{/if}
 	</form>
 </div>

go-backend/configs/config.template.json

@@ -18,7 +18,7 @@
     "MailPath": "templates/email",
     "HTMLPath": "templates/html",
     "StaticPath": "templates/css",
-    "LogoURI": "/images/LOGO.png"
+    "LogoURI": "/assets/LOGO.png"
   },
   "auth": {
     "APIKey": ""

go-backend/data/README.md

@@ -0,0 +1 @@
+Database Folder according to the project structure and the template configuration

go-backend/internal/controllers/user_Password.go

@@ -72,7 +72,9 @@ func (uc *UserController) ChangePassword(c *gin.Context) {
 	verification, err := uc.Service.VerifyUser(&input.Token, &constants.VerificationTypes.Password)
 	if err != nil || uint(userIDint) != verification.UserID {
 		if err == errors.ErrAlreadyVerified {
-			utils.RespondWithError(c, err, "User already verified", http.StatusConflict, errors.Responses.Fields.User, errors.Responses.Keys.PasswordAlreadyChanged)
+			utils.RespondWithError(c, err, "User already changed password", http.StatusConflict, errors.Responses.Fields.User, errors.Responses.Keys.PasswordAlreadyChanged)
+		} else if err.Error() == "record not found" {
+			utils.RespondWithError(c, err, "Couldn't find verification. This is most probably a outdated token.", http.StatusGone, errors.Responses.Fields.User, errors.Responses.Keys.NoAuthToken)
 		} else {
 			utils.RespondWithError(c, err, "Couldn't verify user", http.StatusInternalServerError, errors.Responses.Fields.General, errors.Responses.Keys.InternalServerError)
 		}

go-backend/internal/controllers/user_controller.go

@@ -256,7 +256,7 @@ func (uc *UserController) LoginHandler(c *gin.Context) {
 func (uc *UserController) RegisterUser(c *gin.Context) {
 
 	var regData RegistrationData
-
+	logger.Error.Printf("registering user...")
 	if err := c.ShouldBindJSON(&regData); err != nil {
 		utils.HandleValidationError(c, err)
 		return

go-backend/internal/middlewares/cors.go

@@ -13,7 +13,7 @@ func CORSMiddleware() gin.HandlerFunc {
 	logger.Info.Print("Applying CORS")
 	return cors.New(cors.Config{
 		AllowOrigins:     strings.Split(config.Site.AllowOrigins, ","),
-		AllowMethods:     []string{"GET", "POST", "PATCH", "PUT"},
+		AllowMethods:     []string{"GET", "POST", "PATCH", "PUT", "OPTIONS"},
 		AllowHeaders:     []string{"Origin", "Content-Type", "Accept", "Authorization", "X-Requested-With", "X-CSRF-Token"},
 		ExposeHeaders:    []string{"Content-Length"},
 		AllowCredentials: true,

go-backend/internal/middlewares/csp.go

@@ -9,6 +9,7 @@ import (
 )
 
 func CSPMiddleware() gin.HandlerFunc {
+	logger.Error.Printf("applying CSP")
 	return func(c *gin.Context) {
 		policy := "default-src 'self'; " +
 			"script-src 'self' 'unsafe-inline'" +

go-backend/internal/middlewares/headers.go

@@ -1,8 +1,13 @@
 package middlewares
 
-import "github.com/gin-gonic/gin"
+import (
+	"GoMembership/pkg/logger"
+
+	"github.com/gin-gonic/gin"
+)
 
 func SecurityHeadersMiddleware() gin.HandlerFunc {
+	logger.Error.Printf("applying headers")
 	return func(c *gin.Context) {
 		c.Header("X-Frame-Options", "DENY")
 		c.Header("X-Content-Type-Options", "nosniff")

go-backend/pkg/errors/errors.go

@@ -14,6 +14,7 @@ type ValidationKeys struct {
 	InvalidUserID             string
 	PasswordAlreadyChanged    string
 	UserDisabled              string
+	NoAuthToken               string
 }
 
 type ValidationFields struct {
@@ -63,6 +64,7 @@ var Responses = struct {
 		Duplicate:                 "server.validation.duplicate",
 		UserDisabled:              "server.validation.user_disabled",
 		PasswordAlreadyChanged:    "server.validation.password_already_changed",
+		NoAuthToken:               "server.error.no_auth_token",
 	},
 	Fields: ValidationFields{
 		General:            "general",