package users import ( "encoding/json" "fmt" "net/http" "git.quimbo.fr/odwrtw/canape/backend/auth" "git.quimbo.fr/odwrtw/canape/backend/config" "git.quimbo.fr/odwrtw/canape/backend/tokens" "git.quimbo.fr/odwrtw/canape/backend/web" "github.com/gorilla/mux" ) // SignupPOSTHandler handles the user's Signup func SignupPOSTHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error { var data struct { Username string `json:"username"` Password string `json:"password"` PasswordConfirm string `json:"password_confirm"` } if err := json.NewDecoder(r.Body).Decode(&data); err != nil { return err } e.Log.Debugf("creating new user ...") if data.Password == "" && data.PasswordConfirm != "" { return e.RenderError(w, fmt.Errorf("Empty password")) } if data.Password != data.PasswordConfirm { return e.RenderError(w, fmt.Errorf("Passwords missmatch")) } user := User{Name: data.Username} var err error user.Hash, err = e.Auth.GenHash(data.Password) if err != nil { return err } err = user.NewConfig() if err != nil { return err } if err = user.Add(e.Database); err != nil { return err } e.Log.Debugf("new user %s created ...", data.Username) return e.RenderOK(w, "User created") } // LoginPOSTHandler handles the login proccess func LoginPOSTHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error { var data struct { Username string `json:"username"` Password string `json:"password"` } if err := json.NewDecoder(r.Body).Decode(&data); err != nil { return err } token, err := e.Auth.Login(r, data.Username, data.Password) if err != nil { if err == auth.ErrInvalidPassword || err == ErrUnknownUser { return e.RenderError(w, fmt.Errorf("Error invalid user or password")) } return err } e.Log.Debugf("logged %s", token.Username) // TODO: add token expiration / keep me login stuff var out = struct { Token string `json:"token"` }{ Token: token.Token, } return e.RenderJSON(w, out) } // DetailsHandler show user details func DetailsHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error { v := auth.GetCurrentUser(r, e.Log) user, ok := v.(*User) if !ok { return fmt.Errorf("invalid user type") } var polochonConfig config.UserPolochon err := user.GetConfig("polochon", &polochonConfig) if err != nil { return err } return e.RenderJSON(w, polochonConfig) } // EditHandler allow editing user info and configuration func EditHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error { v := auth.GetCurrentUser(r, e.Log) user, ok := v.(*User) if !ok { return fmt.Errorf("invalid user type") } var data struct { PolochonURL string `json:"polochon_url"` PolochonToken string `json:"polochon_token"` Password string `json:"password"` PasswordConfirm string `json:"password_confirm"` } if err := json.NewDecoder(r.Body).Decode(&data); err != nil { return err } if data.Password != "" && data.PasswordConfirm != "" { if data.Password != data.PasswordConfirm { return e.RenderError(w, fmt.Errorf("Passwords empty or missmatch")) } // Update the user config var err error user.Hash, err = e.Auth.GenHash(data.Password) if err != nil { return err } } // Update the polochon config var polochonConfig config.UserPolochon if err := user.GetConfig("polochon", &polochonConfig); err != nil { return err } polochonConfig.URL = data.PolochonURL polochonConfig.Token = data.PolochonToken if err := user.SetConfig("polochon", polochonConfig); err != nil { return err } // Save the user with the new configurations if err := user.Update(e.Database); err != nil { return err } return e.RenderOK(w, "user updated") } // GetTokensHandler lists the tokens of a user func GetTokensHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error { v := auth.GetCurrentUser(r, e.Log) user, ok := v.(*User) if !ok { return fmt.Errorf("invalid user type") } tokens, err := tokens.GetUserTokens(e.Database, user.Name) if err != nil { return err } return e.RenderJSON(w, tokens) } // DeleteTokenHandler helps delete a token func DeleteTokenHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error { vars := mux.Vars(r) token := vars["token"] v := auth.GetCurrentUser(r, e.Log) user, ok := v.(*User) if !ok { return fmt.Errorf("invalid user type") } if err := tokens.DeleteToken(e.Database, user.Name, token); err != nil { return err } return e.RenderOK(w, "token deleted") } // EditTokenHandler helps delete a token func EditTokenHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error { vars := mux.Vars(r) token := vars["token"] v := auth.GetCurrentUser(r, e.Log) user, ok := v.(*User) if !ok { return fmt.Errorf("invalid user type") } t, err := tokens.GetUserToken(e.Database, user.Name, token) if err != nil { return err } data := struct { Description string `json:"description"` }{} if err := json.NewDecoder(r.Body).Decode(&data); err != nil { return err } t.Description = data.Description if err := t.Update(e.Database); err != nil { return err } return e.RenderJSON(w, t) } // GetModulesStatus returns the status of the modules func GetModulesStatus(e *web.Env, w http.ResponseWriter, r *http.Request) error { // Get the user from the request v := auth.GetCurrentUser(r, e.Log) user, ok := v.(*User) if !ok { return e.RenderError(w, fmt.Errorf("invalid user type")) } // Create a papi client client, err := user.NewPapiClient() if err != nil { return e.RenderError(w, fmt.Errorf("error while getting user")) } status, err := client.GetModulesStatus() if err != nil { return e.RenderError(w, fmt.Errorf("error while getting modules status %q", err)) } return e.RenderJSON(w, status) }