Ejemplo n.º 1
0
func CreateUserHandler(w http.ResponseWriter, r *http.Request) {
	fields := createUserForm{}

	if formutils.ParseSend(w, r, &fields) {
		return
	}

	hash, err := cryptoutils.Hash(fields.Password, conf.PasswordLevel)
	if err != nil {
		log.Println(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	user := model.User{
		ID:           bson.NewObjectId(),
		Name:         fields.Name,
		Email:        strings.TrimSpace(fields.Email),
		PasswordHash: hash,
		CreatedAt:    time.Now(),
	}

	if err := ctx.M(r).DB("").C("users").Insert(&user); err != nil {
		if mgo.IsDup(err) {
			eres.New(w).AddField("email", "already exists").Send()
			return
		}

		log.Println(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	token := model.NewToken(user.ID, false)

	if err := ctx.M(r).DB("").C("tokens").Insert(&token); err != nil {
		log.Println(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	rp := userResponse{
		User:        user,
		AccessToken: token.Token,
	}

	httpres.Json(w, http.StatusCreated, rp)
}
Ejemplo n.º 2
0
func SetUser(h http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		token := r.Header.Get("X-Auth-Token")

		if token == "" {
			ctx.SetCurrentUser(r, nil)
		} else {
			user, found, err := model.FindUserByToken(token, ctx.M(r))

			if err != nil {
				log.Println(err)
				w.WriteHeader(http.StatusInternalServerError)
				return
			}

			if found {
				ctx.SetCurrentUser(r, &user)
			} else {
				ctx.SetCurrentUser(r, nil)
			}
		}

		h.ServeHTTP(w, r)
	})
}
Ejemplo n.º 3
0
func DeleteAllTokensHandler(w http.ResponseWriter, r *http.Request) {
	user := ctx.CurrentUser(r)

	if _, err := ctx.M(r).DB("").C("tokens").RemoveAll(bson.M{
		"user_id": user.ID,
	}); err != nil && err != mgo.ErrNotFound {
		log.Println(err)
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	w.WriteHeader(http.StatusNoContent)
}
Ejemplo n.º 4
0
func CreateTokenHandler(w http.ResponseWriter, r *http.Request) {
	fields := createTokenForm{}

	if formutils.ParseSend(w, r, &fields) {
		return
	}

	var user model.User

	if err := ctx.M(r).DB("").C("users").Find(bson.M{
		"email": strings.TrimSpace(fields.Email),
	}).One(&user); err != nil {
		if err == mgo.ErrNotFound {
			eres.New(w).SetMessage("bad credentials").Send()
			return
		}

		log.Println(err)
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	if err := bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(fields.Password)); err != nil {
		eres.New(w).SetMessage("bad credentials").Send()
		return
	}

	token := model.NewToken(user.ID, fields.Forever)

	if err := ctx.M(r).DB("").C("tokens").Insert(&token); err != nil {
		log.Println(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	httpres.Json(w, http.StatusCreated, tokenResponse{token.Token})
}
Ejemplo n.º 5
0
func ListUsersHandler(w http.ResponseWriter, r *http.Request) {
	fields := listUsersForm{}

	if formutils.ParseSend(w, r, &fields) {
		return
	}

	m := bson.M{}

	if fields.Name != "" {
		//todo: do full text search instead
		m["name"] = bson.RegEx{fields.Name, "i"}
	}

	q := ctx.M(r).DB("").C("users").Find(m)

	totalCount, err := q.Count()
	if err != nil {
		log.Println(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	p := paging.Paging{
		Page:  fields.Page,
		Limit: fields.Limit,
		Count: totalCount,
	}.Calc()

	users := []model.User{}

	if err = q.
		Limit(p.Limit).
		Skip(p.Offset).
		Sort("-created_at").
		All(&users); err != nil {
		log.Println(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	rp := usersResponse{
		Users:           users,
		CurrentPage:     p.Page,
		TotalPagesCount: p.TotalPages,
	}

	httpres.Json(w, http.StatusOK, rp)
}
Ejemplo n.º 6
0
func GetUserHandler(w http.ResponseWriter, r *http.Request) {
	id, err := bsonutils.ObjectId(mux.Vars(r)["id"])

	if err != nil {
		w.WriteHeader(http.StatusNotFound)
		return
	}

	var user model.User

	if err := ctx.M(r).DB("").C("users").FindId(id).One(&user); err != nil {
		if err == mgo.ErrNotFound {
			w.WriteHeader(http.StatusNotFound)
			return
		}

		log.Println(err)
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	httpres.Json(w, http.StatusOK, userResponse{User: user})
}