Ejemplo n.º 1
0
// POST /_browserid creates a browserID-based login session and sets its cookie.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
func (h *handler) handleBrowserIDPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}
	if h.context.serverURL == "" {
		log.Printf("Warning: Can't accept BrowserID logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// OK, now verify it:
	log.Printf("BrowserID: Verifying assertion %q for %q", params.Assertion, h.context.serverURL)
	verifiedInfo, err := VerifyBrowserID(params.Assertion, h.context.serverURL)
	if err != nil {
		log.Printf("BrowserID: Failed verify: %v", err)
		return err
	}
	log.Printf("BrowserID: Logged in %q!", verifiedInfo.Email)

	// Email is verified. Look up the user and make a login session for her:
	auth := h.context.auth
	user, err := auth.GetUserByEmail(verifiedInfo.Email)
	if err != nil {
		return err
	}
	return h.makeSession(user)
}
Ejemplo n.º 2
0
// POST /_persona creates a browserID-based login session and sets its cookie.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
func (h *handler) handlePersonaPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}

	origin := h.server.config.Persona.Origin
	if origin == "" {
		base.Warn("Can't accept Persona logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// OK, now verify it:
	base.Log("Persona: Verifying assertion %q for %q", params.Assertion, origin)
	verifiedInfo, err := VerifyPersona(params.Assertion, origin)
	if err != nil {
		base.Log("Persona: Failed verify: %v", err)
		return err
	}
	base.Log("Persona: Logged in %q!", verifiedInfo.Email)

	createUserIfNeeded := h.server.config.Persona.Register
	return h.makeSessionFromEmail(verifiedInfo.Email, createUserIfNeeded)

}
Ejemplo n.º 3
0
func (h *handler) handleRevsDiff() error {
	var input db.RevsDiffInput
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &input)
	if err != nil {
		return err
	}
	output, err := h.db.RevsDiff(input)
	if err == nil {
		h.writeJSON(output)
	}
	return err
}
Ejemplo n.º 4
0
// POST /_facebook creates a facebook-based login session and sets its cookie.
func (h *handler) handleFacebookPOST() error {

	var params struct {
		AccessToken string `json:"access_token"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}

	facebookResponse, err := verifyFacebook(kFacebookOpenGraphURL, params.AccessToken)
	if err != nil {
		return err
	}

	createUserIfNeeded := h.server.config.Facebook.Register
	return h.makeSessionFromEmail(facebookResponse.Email, createUserIfNeeded)

}
Ejemplo n.º 5
0
// POST /_session creates a login session and sets its cookie
func (h *handler) handleSessionPOST() error {
	var params struct {
		Name     string `json:"name"`
		Password string `json:"password"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}
	var user auth.User
	user, err = h.db.Authenticator().GetUser(params.Name)
	if err != nil {
		return err
	}
	if !user.Authenticate(params.Password) {
		user = nil
	}
	return h.makeSession(user)
}
Ejemplo n.º 6
0
// POST /_persona creates a browserID-based login session and sets its cookie.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
func (h *handler) handlePersonaPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}

	origin := h.server.config.Persona.Origin
	if origin == "" {
		base.Warn("Can't accept Persona logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// OK, now verify it:
	base.Log("Persona: Verifying assertion %q for %q", params.Assertion, origin)
	verifiedInfo, err := VerifyPersona(params.Assertion, origin)
	if err != nil {
		base.Log("Persona: Failed verify: %v", err)
		return err
	}
	base.Log("Persona: Logged in %q!", verifiedInfo.Email)

	// Email is verified. Look up the user and make a login session for her:
	user, err := h.db.Authenticator().GetUserByEmail(verifiedInfo.Email)
	if err != nil {
		return err
	}
	if user == nil {
		// The email address is authentic but we have no user account for it.
		if !h.server.config.Persona.Register {
			return &base.HTTPError{http.StatusUnauthorized, "No such user"}
		}
		// Create a User with the given email address as username and a random password.
		user, err = h.registerPersonaUser(verifiedInfo)
		if err != nil {
			return err
		}
	}
	return h.makeSession(user)
}
Ejemplo n.º 7
0
// POST /_browserid creates a browserID-based login session and sets its cookie.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
func (h *handler) handleBrowserIDPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}
	if h.context.serverURL == "" {
		log.Printf("Warning: Can't accept BrowserID logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// OK, now verify it:
	log.Printf("BrowserID: Verifying assertion %q for %q", params.Assertion, h.context.serverURL)
	verifiedInfo, err := VerifyBrowserID(params.Assertion, h.context.serverURL)
	if err != nil {
		log.Printf("BrowserID: Failed verify: %v", err)
		return err
	}
	log.Printf("BrowserID: Logged in %q!", verifiedInfo.Email)

	// Email is verified. Look up the user and make a login session for her:
	user, err := h.context.auth.GetUserByEmail(verifiedInfo.Email)
	if err != nil {
		return err
	}
	if user == nil {
		// The email address is authentic but we have no user account for it.
		// Create a User for this session, with the given email address but no
		// channel access and a random password.
		user, err = h.registerBrowserIDUser(verifiedInfo)
		if err != nil {
			return err
		}
	}
	return h.makeSession(user)
}
Ejemplo n.º 8
0
// Parses a JSON request body, returning it as a Body map.
func (h *handler) readJSON() (db.Body, error) {
	var body db.Body
	return body, db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &body)
}
Ejemplo n.º 9
0
// Parses a JSON request body into a custom structure.
func (h *handler) readJSONInto(into interface{}) error {
	return db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, into)
}