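// handleBrowserIDPOST serves POST /_browserid: it verifies a BrowserID
// assertion and creates a login session (and its cookie) for the matching user.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
//
// It returns the body-parsing, verification or user-lookup error unchanged,
// or an internal-server-error HTTPError when no server URL is configured.
func (h *handler) handleBrowserIDPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}

	// The server URL is handed to the verifier together with the assertion,
	// so logins are refused outright when it is not configured.
	serverURL := h.context.serverURL
	if serverURL == "" {
		log.Printf("Warning: Can't accept BrowserID logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// The assertion is the caller's login credential. Log only its size, never
	// its content, so that log readers do not obtain a usable credential.
	log.Printf("BrowserID: Verifying assertion (%d bytes) for %q", len(params.Assertion), serverURL)
	verifiedInfo, err := VerifyBrowserID(params.Assertion, serverURL)
	if err != nil {
		log.Printf("BrowserID: Failed verify: %v", err)
		return err
	}
	log.Printf("BrowserID: Logged in %q!", verifiedInfo.Email)

	// The email is verified; look up the account that owns it.
	user, err := h.context.auth.GetUserByEmail(verifiedInfo.Email)
	if err != nil {
		return err
	}
	// NOTE(review): user is passed on without a nil check; presumably
	// makeSession rejects a nil user when no account matches. Confirm.
	return h.makeSession(user)
}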
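// handlePersonaPOST serves POST /_persona: it verifies a Persona (BrowserID)
// assertion and creates a login session (and its cookie) for the verified
// email address.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
//
// It returns the body-parsing or verification error unchanged, or an
// internal-server-error HTTPError when no Persona origin is configured.
func (h *handler) handlePersonaPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}

	// The origin is handed to the verifier together with the assertion, so
	// logins are refused outright when it is not configured.
	origin := h.server.config.Persona.Origin
	if origin == "" {
		base.Warn("Can't accept Persona logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// The assertion is the caller's login credential. Log only its size, never
	// its content, so that log readers do not obtain a usable credential.
	base.Log("Persona: Verifying assertion (%d bytes) for %q", len(params.Assertion), origin)
	verifiedInfo, err := VerifyPersona(params.Assertion, origin)
	if err != nil {
		base.Log("Persona: Failed verify: %v", err)
		return err
	}
	base.Log("Persona: Logged in %q!", verifiedInfo.Email)

	// The Register setting is forwarded as the create-if-needed flag of
	// makeSessionFromEmail.
	createUserIfNeeded := h.server.config.Persona.Register
	return h.makeSessionFromEmail(verifiedInfo.Email, createUserIfNeeded)
}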
// handleRevsDiff decodes a db.RevsDiffInput from the JSON request body, passes
// it to the database's RevsDiff, and writes the result as the JSON response.
// Any decoding or RevsDiff error is returned and nothing is written.
func (h *handler) handleRevsDiff() error {
	var request db.RevsDiffInput
	if err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &request); err != nil {
		return err
	}

	result, err := h.db.RevsDiff(request)
	if err != nil {
		return err
	}
	h.writeJSON(result)
	return nil
}
// POST /_facebook creates a facebook-based login session and sets its cookie. func (h *handler) handleFacebookPOST() error { var params struct { AccessToken string `json:"access_token"` } err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, ¶ms) if err != nil { return err } facebookResponse, err := verifyFacebook(kFacebookOpenGraphURL, params.AccessToken) if err != nil { return err } createUserIfNeeded := h.server.config.Facebook.Register return h.makeSessionFromEmail(facebookResponse.Email, createUserIfNeeded) }
// POST /_session creates a login session and sets its cookie func (h *handler) handleSessionPOST() error { var params struct { Name string `json:"name"` Password string `json:"password"` } err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, ¶ms) if err != nil { return err } var user auth.User user, err = h.db.Authenticator().GetUser(params.Name) if err != nil { return err } if !user.Authenticate(params.Password) { user = nil } return h.makeSession(user) }
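// handlePersonaPOST serves POST /_persona: it verifies a Persona (BrowserID)
// assertion and creates a login session (and its cookie) for the account that
// owns the verified email address, registering one when configuration allows.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
//
// It returns the body-parsing, verification, lookup or registration error
// unchanged, an internal-server-error HTTPError when no Persona origin is
// configured, or an unauthorized HTTPError when the email has no account and
// registration is disabled.
func (h *handler) handlePersonaPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}

	// The origin is handed to the verifier together with the assertion, so
	// logins are refused outright when it is not configured.
	origin := h.server.config.Persona.Origin
	if origin == "" {
		base.Warn("Can't accept Persona logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// The assertion is the caller's login credential. Log only its size, never
	// its content, so that log readers do not obtain a usable credential.
	base.Log("Persona: Verifying assertion (%d bytes) for %q", len(params.Assertion), origin)
	verifiedInfo, err := VerifyPersona(params.Assertion, origin)
	if err != nil {
		base.Log("Persona: Failed verify: %v", err)
		return err
	}
	base.Log("Persona: Logged in %q!", verifiedInfo.Email)

	// The email is verified; look up the account that owns it.
	user, err := h.db.Authenticator().GetUserByEmail(verifiedInfo.Email)
	if err != nil {
		return err
	}
	if user == nil {
		// The email address is authentic but no account exists for it.
		// Self-registration happens only when the Persona.Register setting is on.
		if !h.server.config.Persona.Register {
			return &base.HTTPError{http.StatusUnauthorized, "No such user"}
		}
		// Create a User with the given email address as username and a random password.
		user, err = h.registerPersonaUser(verifiedInfo)
		if err != nil {
			return err
		}
	}
	return h.makeSession(user)
}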
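// handleBrowserIDPOST serves POST /_browserid: it verifies a BrowserID
// assertion and creates a login session (and its cookie) for the account that
// owns the verified email address, registering a new account when none exists.
// It's API-compatible with the CouchDB plugin: <https://github.com/iriscouch/browserid_couchdb/>
//
// It returns the body-parsing, verification, lookup or registration error
// unchanged, or an internal-server-error HTTPError when no server URL is
// configured.
func (h *handler) handleBrowserIDPOST() error {
	var params struct {
		Assertion string `json:"assertion"`
	}
	err := db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &params)
	if err != nil {
		return err
	}

	// The server URL is handed to the verifier together with the assertion,
	// so logins are refused outright when it is not configured.
	serverURL := h.context.serverURL
	if serverURL == "" {
		log.Printf("Warning: Can't accept BrowserID logins: Server URL not configured")
		return &base.HTTPError{http.StatusInternalServerError, "Server url not configured"}
	}

	// The assertion is the caller's login credential. Log only its size, never
	// its content, so that log readers do not obtain a usable credential.
	log.Printf("BrowserID: Verifying assertion (%d bytes) for %q", len(params.Assertion), serverURL)
	verifiedInfo, err := VerifyBrowserID(params.Assertion, serverURL)
	if err != nil {
		log.Printf("BrowserID: Failed verify: %v", err)
		return err
	}
	log.Printf("BrowserID: Logged in %q!", verifiedInfo.Email)

	// The email is verified; look up the account that owns it.
	user, err := h.context.auth.GetUserByEmail(verifiedInfo.Email)
	if err != nil {
		return err
	}
	if user == nil {
		// The email address is authentic but we have no user account for it.
		// Create a User for this session, with the given email address but no
		// channel access and a random password.
		// NOTE(review): registration here is unconditional, so every verified
		// address gets an account. Gate it on configuration if open sign-up is
		// not intended.
		user, err = h.registerBrowserIDUser(verifiedInfo)
		if err != nil {
			return err
		}
	}
	return h.makeSession(user)
}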
// Parses a JSON request body, returning it as a Body map. func (h *handler) readJSON() (db.Body, error) { var body db.Body return body, db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, &body) }
// Parses a JSON request body into a custom structure. func (h *handler) readJSONInto(into interface{}) error { return db.ReadJSONFromMIME(h.rq.Header, h.rq.Body, into) }