func (k *Kloud) AuthPasswordLogin(r *kite.Request) (interface{}, error) {
var req PasswordLoginRequest
if err := getReq(r, &req); err != nil {
return nil, err
}
if _, err := modelhelper.CheckAndGetUser(req.Username, req.Password); err != nil {
return nil, errors.New("username and/or password does not match")
}
resp, err := k.authLogin(req.Username, &req.LoginRequest)
if err != nil {
return nil, err
}
kiteKey, err := k.Userdata.Keycreator.Create(req.Username, uuid.NewV4().String())
if err != nil {
return nil, err
}
return &PasswordLoginResponse{
LoginResponse: *resp,
KiteKey: kiteKey,
}, nil
}
func authenticateMachine(authType string, r *kite.Request) error {
switch authType {
case "password":
password, err := r.Client.TellWithTimeout(
"kite.getPass",
10*time.Minute,
"Enter password: "******"token":
var args struct {
Token string
}
if err := r.Args.One().Unmarshal(&args); err != nil {
return err
}
if args.Token == "" {
return errors.New("token is empty")
}
// Try to fetch the token and remove it. If it doesn't exist it'll will
// return an error. If it's exist it'll be deleted and a nil error
// (means success) will be returned. The underlying implementation uses
// findAndModify so it's consistent across each kontrol.
session, err := modelhelper.GetSessionFromToken(args.Token)
if err != nil {
return err
}
if err := modelhelper.RemoveToken(session.ClientId); err != nil {
return err
}
// prevent using a wrong username
r.Client.Kite.Username = session.Username
r.Client.Username = session.Username
return nil
default:
return errors.New("authentication type for machine registration is not defined")
}
// everything is ok, succefully validated
return nil
}
