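// signinWithUserName authenticates a user by e-mail and password and, on
// success, issues a fresh UserToken for that user.
//
// reqBody carries the submitted Email and Password. An unknown e-mail and a
// wrong password both map to ae.InvalidUserNamePassword so the reply does not
// reveal which one was wrong; storage failures map to ae.DB.
func signinWithUserName(reqBody userReqPostBody) (*model.UserToken, *ae.Error) {
	user := model.User{Email: reqBody.Email}
	switch err := user.GetUserByEmail(); {
	case err == sql.ErrNoRows:
		// NOTE(review): this returns before any password hashing, so an
		// unknown e-mail answers measurably faster than a wrong password.
		return nil, ae.InvalidUserNamePassword("")
	case err != nil:
		return nil, ae.DB("", err)
	}
	salt, err := user.GetPasswordSalt()
	if err != nil {
		return nil, ae.DB("", err)
	}
	user.Password = reqBody.Password
	user.HashPassword(salt)
	exists, err := user.IsValidUser()
	switch {
	case err != nil && err != sql.ErrNoRows:
		// A storage failure is reported as such rather than as bad
		// credentials, matching the other DB paths in this function.
		// sql.ErrNoRows is kept on the credential path in case IsValidUser
		// surfaces a non-matching row that way — confirm against its body.
		return nil, ae.DB("", err)
	case err == sql.ErrNoRows || !exists:
		return nil, ae.InvalidUserNamePassword("")
	}
	userToken := model.UserToken{UserID: user.UserID}
	if err := userToken.Add(); err != nil {
		return nil, ae.DB("", err)
	}
	return &userToken, nil
}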
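// signinWithGoogle signs a user in with a Google key: it fetches the Google
// profile, finds or creates the local account for the profile's first e-mail
// address, stores the Google token for that account and issues a fresh
// UserToken.
//
// Failures talking to Google or to storage map to ae.DB. A profile with no
// e-mail address, or a nil Google token, is refused with ae.Forbidden since
// there is nothing to link the sign-in to.
func signinWithGoogle(reqBody userReqPostBody) (*model.UserToken, *ae.Error) {
	person, token, err := model.GetGooglUserDetails(reqBody.GoogleKey)
	if err != nil {
		return nil, ae.DB("", err)
	}
	// Guard the two dereferences below: an empty Emails slice or a nil token
	// previously panicked inside the handler.
	if token == nil || len(person.Emails) == 0 {
		return nil, ae.Forbidden("")
	}
	// NOTE(review): the local account is matched purely by e-mail address,
	// so an existing password account becomes reachable through whichever
	// Google account reports that address — confirm the profile e-mail is
	// guaranteed verified on the Google side.
	user := model.User{Email: person.Emails[0].Value}
	switch err = user.GetUserByEmail(); {
	case err == sql.ErrNoRows:
		// First Google sign-in: create the account, marked verified.
		user.Verified = true
		user.ProfilePicURL = person.Image.Url
		if err := user.Save(); err != nil {
			return nil, ae.DB("", err)
		}
	case err != nil:
		return nil, ae.DB("", err)
	}
	gToken := model.GoogleToken{UserID: user.UserID}
	gToken.Token = *token
	if err := gToken.Replace(); err != nil {
		return nil, ae.DB("", err)
	}
	userToken := model.UserToken{UserID: user.UserID}
	if err := userToken.Add(); err != nil {
		return nil, ae.DB("", err)
	}
	return &userToken, nil
}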
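// RefreshToken rotates the caller's session token. It reads "user_id" and
// "user_token" from the request context (set by CheckOnlyToken), decodes the
// refresh token from the body, validates the triple, deletes the old
// UserToken and replies with a newly issued one.
//
// A missing or mistyped context value answers ae.Forbidden instead of
// panicking, which is what the unchecked type assertions did when this
// handler ran without the middleware in front of it.
func RefreshToken(w http.ResponseWriter, r *http.Request) {
	userID, okID := context.Get(r, "user_id").(uint64)
	token, okTok := context.Get(r, "user_token").(string)
	if !okID || !okTok {
		reply.Err(w, ae.Forbidden(""))
		return
	}
	var reqBody authorizePutBody
	if appErr := decode(r, &reqBody); appErr != nil {
		reply.Err(w, appErr)
		return
	}
	userToken := model.UserToken{UserID: userID, Token: token, RefreshToken: reqBody.RefreshToken}
	valid, err := userToken.RefreshTokenValid()
	switch {
	case !valid:
		// An invalid pair is reported as such even when err is also set;
		// the error is attached for diagnostics.
		reply.Err(w, ae.TokenInvalid("", err, "refresh_token"))
		return
	case err != nil:
		reply.Err(w, ae.DB("", err))
		return
	}
	// The old token is revoked before the new one exists: if Add fails the
	// caller is left without a live session rather than with two.
	if err := userToken.Delete(); err != nil {
		reply.Err(w, ae.DB("", err))
		return
	}
	newToken := model.UserToken{UserID: userID}
	if err := newToken.Add(); err != nil {
		reply.Err(w, ae.DB("", err))
		return
	}
	reply.OK(w, newToken)
}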
// CheckOnlyToken is middleware that requires a session token in the X-TOKEN
// header. It resolves the token to a user id, stores "user_id" and
// "user_token" in the request context for downstream handlers, and answers
// ae.Forbidden when the header is absent or does not resolve to a user.
func CheckOnlyToken() Adapter {
	return func(next http.Handler) http.Handler {
		check := func(w http.ResponseWriter, r *http.Request) {
			sessionToken := model.UserToken{Token: r.Header.Get("X-TOKEN")}
			if sessionToken.Token == "" {
				reply.Err(w, ae.Forbidden(""))
				return
			}
			// A lookup failure and a token that maps to no user are both
			// refused with the same response.
			lookupErr := sessionToken.GetUserIdFromToken()
			if lookupErr != nil || sessionToken.UserID == 0 {
				reply.Err(w, ae.Forbidden(""))
				return
			}
			context.Set(r, "user_id", sessionToken.UserID)
			context.Set(r, "user_token", sessionToken.Token)
			next.ServeHTTP(w, r)
		}
		return http.HandlerFunc(check)
	}
}
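// SignOut revokes the caller's session token. The token is taken from the
// "user_token" request-context value set by CheckOnlyToken; the matching
// UserToken is resolved, deleted, and echoed back in the reply.
//
// A missing or mistyped context value answers ae.Forbidden rather than
// panicking on the type assertion.
func SignOut(w http.ResponseWriter, r *http.Request) {
	token, ok := context.Get(r, "user_token").(string)
	if !ok {
		reply.Err(w, ae.Forbidden(""))
		return
	}
	userToken := model.UserToken{Token: token}
	if err := userToken.GetUserIdFromToken(); err != nil {
		reply.Err(w, ae.DB("", err))
		return
	}
	if err := userToken.Delete(); err != nil {
		reply.Err(w, ae.DB("", err))
		return
	}
	// NOTE(review): the reply carries the just-revoked token string back to
	// the client; confirm that is intended rather than replying with an
	// empty body.
	reply.OK(w, userToken)
}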