218 lines
5.0 KiB
Go
218 lines
5.0 KiB
Go
package users
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"net/http"
|
|
|
|
"github.com/gorilla/mux"
|
|
"git.quimbo.fr/odwrtw/canape/backend/auth"
|
|
"git.quimbo.fr/odwrtw/canape/backend/config"
|
|
"git.quimbo.fr/odwrtw/canape/backend/tokens"
|
|
"git.quimbo.fr/odwrtw/canape/backend/web"
|
|
)
|
|
|
|
// SignupPOSTHandler handles the user's Signup
|
|
func SignupPOSTHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
|
|
var data struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
PasswordConfirm string `json:"password_confirm"`
|
|
}
|
|
if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return err
|
|
}
|
|
e.Log.Debugf("creating new user ...")
|
|
|
|
if data.Password == "" && data.PasswordConfirm != "" {
|
|
return e.RenderError(w, fmt.Errorf("Empty password"))
|
|
}
|
|
|
|
if data.Password != data.PasswordConfirm {
|
|
return e.RenderError(w, fmt.Errorf("Passwords missmatch"))
|
|
}
|
|
|
|
user := User{Name: data.Username}
|
|
|
|
var err error
|
|
user.Hash, err = e.Auth.GenHash(data.Password)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = user.NewConfig()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if err = user.Add(e.Database); err != nil {
|
|
return err
|
|
}
|
|
e.Log.Debugf("new user %s created ...", data.Username)
|
|
|
|
return e.RenderOK(w, "User created")
|
|
}
|
|
|
|
// LoginPOSTHandler handles the login proccess
|
|
func LoginPOSTHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
|
|
var data struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return err
|
|
}
|
|
|
|
token, err := e.Auth.Login(r, data.Username, data.Password)
|
|
if err != nil {
|
|
if err == auth.ErrInvalidPassword || err == ErrUnknownUser {
|
|
return e.RenderError(w, fmt.Errorf("Error invalid user or password"))
|
|
}
|
|
return err
|
|
}
|
|
e.Log.Debugf("logged %s", token.Username)
|
|
|
|
// TODO: add token expiration / keep me login stuff
|
|
|
|
var out = struct {
|
|
Token string `json:"token"`
|
|
}{
|
|
Token: token.Token,
|
|
}
|
|
|
|
return e.RenderJSON(w, out)
|
|
}
|
|
|
|
// DetailsHandler show user details
|
|
func DetailsHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
|
|
v := auth.GetCurrentUser(r, e.Log)
|
|
user, ok := v.(*User)
|
|
if !ok {
|
|
return fmt.Errorf("invalid user type")
|
|
}
|
|
|
|
var polochonConfig config.UserPolochon
|
|
err := user.GetConfig("polochon", &polochonConfig)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return e.RenderJSON(w, polochonConfig)
|
|
}
|
|
|
|
// EditHandler allow editing user info and configuration
|
|
func EditHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
|
|
v := auth.GetCurrentUser(r, e.Log)
|
|
user, ok := v.(*User)
|
|
if !ok {
|
|
return fmt.Errorf("invalid user type")
|
|
}
|
|
|
|
var data struct {
|
|
PolochonURL string `json:"polochon_url"`
|
|
PolochonToken string `json:"polochon_token"`
|
|
Password string `json:"password"`
|
|
PasswordConfirm string `json:"password_confirm"`
|
|
}
|
|
if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return err
|
|
}
|
|
|
|
if data.Password != "" && data.PasswordConfirm != "" {
|
|
if data.Password != data.PasswordConfirm {
|
|
return e.RenderError(w, fmt.Errorf("Passwords empty or missmatch"))
|
|
}
|
|
|
|
// Update the user config
|
|
var err error
|
|
user.Hash, err = e.Auth.GenHash(data.Password)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
// Update the polochon config
|
|
var polochonConfig config.UserPolochon
|
|
if err := user.GetConfig("polochon", &polochonConfig); err != nil {
|
|
return err
|
|
}
|
|
polochonConfig.URL = data.PolochonURL
|
|
polochonConfig.Token = data.PolochonToken
|
|
if err := user.SetConfig("polochon", polochonConfig); err != nil {
|
|
return err
|
|
}
|
|
|
|
// Save the user with the new configurations
|
|
if err := user.Update(e.Database); err != nil {
|
|
return err
|
|
}
|
|
|
|
return e.RenderOK(w, "user updated")
|
|
}
|
|
|
|
// GetTokensHandler lists the tokens of a user
|
|
func GetTokensHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
|
|
v := auth.GetCurrentUser(r, e.Log)
|
|
user, ok := v.(*User)
|
|
if !ok {
|
|
return fmt.Errorf("invalid user type")
|
|
}
|
|
|
|
tokens, err := tokens.GetUserTokens(e.Database, user.Name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return e.RenderJSON(w, tokens)
|
|
}
|
|
|
|
// DeleteTokenHandler helps delete a token
|
|
func DeleteTokenHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
|
|
vars := mux.Vars(r)
|
|
token := vars["token"]
|
|
|
|
v := auth.GetCurrentUser(r, e.Log)
|
|
user, ok := v.(*User)
|
|
if !ok {
|
|
return fmt.Errorf("invalid user type")
|
|
}
|
|
|
|
if err := tokens.DeleteToken(e.Database, user.Name, token); err != nil {
|
|
return err
|
|
}
|
|
|
|
return e.RenderOK(w, "token deleted")
|
|
}
|
|
|
|
// EditTokenHandler helps delete a token
|
|
func EditTokenHandler(e *web.Env, w http.ResponseWriter, r *http.Request) error {
|
|
vars := mux.Vars(r)
|
|
token := vars["token"]
|
|
|
|
v := auth.GetCurrentUser(r, e.Log)
|
|
user, ok := v.(*User)
|
|
if !ok {
|
|
return fmt.Errorf("invalid user type")
|
|
}
|
|
|
|
t, err := tokens.GetUserToken(e.Database, user.Name, token)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
data := struct {
|
|
Description string `json:"description"`
|
|
}{}
|
|
if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return err
|
|
}
|
|
|
|
t.Description = data.Description
|
|
if err := t.Update(e.Database); err != nil {
|
|
return err
|
|
}
|
|
|
|
return e.RenderJSON(w, t)
|
|
}
|