Ejemplo n.º 1
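// RoomsTeamIndex responds with every room that has been created for the team
// named by the "slug" route parameter, as JSON under the "rooms" key.
//
// NOTE(review): nothing in this handler checks that the caller belongs to the
// team; presumably route middleware enforces that — confirm.
func RoomsTeamIndex(c *gin.Context) {
	// FindTeamBySlug can return nil for an unknown slug (SessionsNew checks
	// for it), so guard before reading Id rather than panicking on a
	// caller-chosen value.
	team := models.FindTeamBySlug(c.Params.ByName("slug"))
	if team == nil {
		c.String(404, "Not found")
		return
	}

	rooms, err := models.FindRooms(team.Id)
	if err != nil {
		c.Fail(500, err)
		// Stop here so the 200 body below is not written after the failure.
		return
	}

	c.JSON(200, gin.H{
		"rooms": rooms,
	})
}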
Ejemplo n.º 2
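// RoomsCreate finds or creates a room in the team named by the "slug" route
// parameter, using the Slug and Topic bound from the request body, and
// responds 201 with the room as JSON under the "room" key.
//
// NOTE(review): nothing in this handler checks that the caller belongs to the
// team; presumably route middleware enforces that — confirm.
func RoomsCreate(c *gin.Context) {
	// FindTeamBySlug can return nil for an unknown slug (SessionsNew checks
	// for it), so guard before reading Id rather than panicking on a
	// caller-chosen value.
	team := models.FindTeamBySlug(c.Params.ByName("slug"))
	if team == nil {
		c.String(404, "Not found")
		return
	}

	// NOTE(review): the result of Bind is discarded. If binding fails, body
	// keeps its zero values and a room with an empty Slug and Topic is
	// requested below — confirm how this gin version reports bind failures
	// and return early on them.
	var body RoomJSON
	c.Bind(&body)

	r := &models.Room{
		TeamId: team.Id,
		Slug:   body.Slug,
		Topic:  body.Topic,
	}

	room, err := models.FindOrCreateRoom(r)
	if err != nil {
		c.Fail(500, err)
		// Stop here so the 201 body below is not written after the failure.
		return
	}

	c.JSON(201, gin.H{"room": room})
}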
Ejemplo n.º 3
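// SessionsNew starts an SSO login for the team named by the "team" form
// value. It creates a nonce, base64-encodes "nonce=<nonce>&<raw query>" as the
// payload, signs the payload with the team's SSO secret, and redirects (302)
// to the team's SSO URL with "payload" and "sig" query parameters. An unknown
// team yields 404.
func SessionsNew(c *gin.Context) {
	// A form that cannot be parsed is rejected instead of being used
	// half-populated.
	if err := c.Request.ParseForm(); err != nil {
		c.String(400, "Bad request")
		return
	}

	team := models.FindTeamBySlug(c.Request.Form.Get("team"))
	if team == nil {
		c.String(404, "Not found")
		return
	}

	nonce, err := models.CreateNonce()
	if err != nil {
		// Report the failure the way the room handlers do rather than
		// panicking inside the request.
		c.Fail(500, err)
		return
	}

	// The request's query string is caller-controlled and is signed verbatim
	// after the server-issued nonce.
	// NOTE(review): it can therefore carry a "nonce" key of its own; whatever
	// consumes this payload should honour only the first, server-issued
	// value — confirm.
	raw := "nonce=" + nonce.Nonce + "&" + c.Request.URL.RawQuery
	payload := base64.StdEncoding.EncodeToString([]byte(raw))
	sig := models.Sign([]byte(team.SSOSecret), []byte(payload))

	// sig is escaped too, so the redirect stays well-formed whatever alphabet
	// Sign emits; an already URL-safe signature passes through unchanged.
	// NOTE(review): assumes team.SSOUrl carries no query string of its
	// own — confirm.
	redirectURL := team.SSOUrl + "?payload=" + url.QueryEscape(payload) + "&sig=" + url.QueryEscape(sig)

	c.Redirect(302, redirectURL)
}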
Ejemplo n.º 4
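// SessionsLoginSSO completes an SSO login. It extracts the SSO request,
// verifies it against the team's SSO secret, checks the nonce, finds or
// creates the user by external id, and responds 200 with a token and its
// expiration as JSON.
func SessionsLoginSSO(c *gin.Context) {
	r, err := ExtractSSORequest(c.Request)
	if err != nil {
		// NOTE(review): presumably the request was malformed rather than the
		// server at fault — confirm 400 is the right status.
		c.Fail(400, err)
		return
	}

	// FindTeamBySlug can return nil for an unknown slug (SessionsNew checks
	// for it); guard before reading SSOSecret rather than panicking on a
	// caller-chosen value.
	team := models.FindTeamBySlug(r.TeamSlug)
	if team == nil {
		c.String(404, "Not found")
		return
	}

	// Authenticate the request before acting on any other field it carries,
	// so unsigned requests never reach the nonce check.
	// NOTE(review): whether NonceValid consumes the nonce is not visible
	// here — confirm.
	if !r.IsValid(team.SSOSecret) {
		c.String(403, "Not authorized")
		return
	}

	if !models.NonceValid(r.Nonce) {
		c.String(403, "Invalid nonce")
		return
	}

	// The profile fields are copied from the request only after it has been
	// verified above.
	u := &models.User{
		TeamId:     team.Id,
		AvatarUrl:  r.AvatarUrl,
		Email:      r.Email,
		ExternalId: r.ExternalId,
		ProfileUrl: r.ProfileUrl,
		RealName:   r.RealName,
		Username:   r.Username,
	}

	u, err = models.FindOrCreateUserByExternalId(u)
	if err != nil {
		// Report the failure the way the room handlers do rather than
		// panicking inside the request.
		c.Fail(500, err)
		return
	}

	token, expiration := GenerateToken(u.Id)

	c.JSON(200, gin.H{"token": token, "expiration": expiration})
}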