func ChangePassword(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, dtx *apicontext.DataContext) string {
user := customer.CustomerUser{
Email: r.FormValue("email"),
}
oldPass := r.FormValue("oldPass")
newPass := r.FormValue("newPass")
if err := user.ChangePass(oldPass, newPass, dtx); err != nil {
apierror.GenerateError("Could not change password: "******""
}
return encoding.Must(enc.Encode("Success"))
}
func ResetPassword(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder) string {
var err error
email := r.FormValue("email")
custID := r.FormValue("customerID")
site := r.FormValue("site")
if email == "" {
err = errors.New("No email address provided")
apierror.GenerateError("No email address provided", err, rw, r)
return ""
}
if custID == "" {
err = errors.New("Customer ID cannot be blank")
apierror.GenerateError("Customer ID cannot be blank", err, rw, r)
return ""
}
var user customer.CustomerUser
user.Email = email
user.CustID, err = strconv.Atoi(custID)
if err != nil {
apierror.GenerateError("Trouble parsing cust ID", err, rw, r)
return ""
}
resp, err := user.ResetPass()
if err != nil || resp == "" {
apierror.GenerateError("Trouble resetting user password", err, rw, r)
return ""
}
//email
subject := "Your Password Has Been Reset"
body := `<p>Here is your new password for the ` + site + ` site.</p>
<p>Password: ` + resp + `</p><p> If you did not request this password, please contact <a href="mailto:[email protected]">Web Support</a></p>
<p>Thanks, </p>
<p>The Ecommerce Developer Team</P>`
err = emailHelper.Send([]string{email}, subject, body, true)
if err != nil {
apierror.GenerateError("Trouble emailing new user password", err, rw, r)
return ""
}
return encoding.Must(enc.Encode("success"))
}
func DeleteCustomerUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, params martini.Params) string {
var err error
var cu customer.CustomerUser
if params["id"] != "" {
cu.Id = params["id"]
} else if r.FormValue("id") != "" {
cu.Id = r.FormValue("id")
} else {
err = errors.New("Trouble getting customer user ID")
apierror.GenerateError("Trouble getting customer user ID", err, rw, r)
return ""
}
if err = cu.Delete(); err != nil {
apierror.GenerateError("Trouble deleting customer user", err, rw, r)
return ""
}
return encoding.Must(enc.Encode(cu))
}
func GetUserById(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, params martini.Params) string {
var err error
var user customer.CustomerUser
qs := r.URL.Query()
key := qs.Get("key")
if params["id"] != "" {
user.Id = params["id"]
} else if r.FormValue("id") != "" {
user.Id = r.FormValue("id")
} else {
err = errors.New("Trouble getting customer user ID")
apierror.GenerateError("Trouble getting customer user ID", err, rw, r)
return ""
}
if err = user.Get(key); err != nil {
apierror.GenerateError("Trouble getting customer user", err, rw, r)
return ""
}
return encoding.Must(enc.Encode(user))
}
func UpdateCustomerUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, params martini.Params) string {
var err error
var cu customer.CustomerUser
qs := r.URL.Query()
key := qs.Get("key")
if params["id"] != "" {
cu.Id = params["id"]
} else if r.FormValue("id") != "" {
cu.Id = r.FormValue("id")
} else {
err = errors.New("Trouble getting customer user ID")
apierror.GenerateError("Trouble getting customer user ID", err, rw, r)
return ""
}
if err = cu.Get(key); err != nil {
apierror.GenerateError("Trouble getting customer user", err, rw, r)
return ""
}
if strings.ToLower(r.Header.Get("Content-Type")) == "application/json" {
var data []byte
if data, err = ioutil.ReadAll(r.Body); err != nil {
apierror.GenerateError("Trouble reading request body while updating customer user", err, rw, r)
return ""
}
if err = json.Unmarshal(data, &cu); err != nil {
apierror.GenerateError("Trouble unmarshalling json request body while updating customer user", err, rw, r)
return ""
}
} else {
name := r.FormValue("name")
email := r.FormValue("email")
isActive := r.FormValue("isActive")
locationID := r.FormValue("locationID")
isSudo := r.FormValue("isSudo")
notCustomer := r.FormValue("notCustomer")
if name != "" {
cu.Name = name
}
if email != "" {
cu.Email = email
}
if isActive != "" {
if cu.Active, err = strconv.ParseBool(isActive); err != nil {
cu.Active = false
}
}
if locationID != "" {
if cu.Location.Id, err = strconv.Atoi(locationID); err != nil {
apierror.GenerateError("Trouble getting location ID", err, rw, r)
return ""
}
}
if isSudo != "" {
if cu.Sudo, err = strconv.ParseBool(isSudo); err != nil {
cu.Sudo = false
}
}
if notCustomer != "" {
if cu.NotCustomer, err = strconv.ParseBool(notCustomer); err != nil {
cu.NotCustomer = false
}
}
}
if err = cu.UpdateCustomerUser(); err != nil {
apierror.GenerateError("Trouble updating customer user", err, rw, r)
return ""
}
return encoding.Must(enc.Encode(cu))
}
//registers an inactive user; emails user and webdev that a new inactive user exists - used by dealers site
func RegisterUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder) string {
var err error
name := r.FormValue("name")
email := r.FormValue("email")
pass := r.FormValue("pass")
customerID, err := strconv.Atoi(r.FormValue("customerID"))
// isActive, err := strconv.ParseBool(r.FormValue("isActive"))
locationID, err := strconv.Atoi(r.FormValue("locationID"))
// isSudo, err := strconv.ParseBool(r.FormValue("isSudo"))
cust_ID, err := strconv.Atoi(r.FormValue("cust_ID"))
notCustomer, err := strconv.ParseBool(r.FormValue("notCustomer"))
if email == "" || pass == "" {
err = errors.New("Email and password are required.")
apierror.GenerateError("Email and password are required", err, rw, r)
return ""
}
var user customer.CustomerUser
user.Email = email
user.Password = pass
if name != "" {
user.Name = name
}
if customerID != 0 {
user.OldCustomerID = customerID
}
if locationID != 0 {
user.Location.Id = locationID
}
if cust_ID != 0 {
user.CustomerID = cust_ID
}
user.Active = false
user.Sudo = false
user.Current = notCustomer
//check for existence of user
err = user.FindByEmail()
if err == nil {
apierror.GenerateError("A user with that email address already exists.", err, rw, r)
return ""
}
err = nil
user.Brands, err = brand.GetUserBrands(cust_ID)
if err != nil {
apierror.GenerateError("Trouble getting user brands.", err, rw, r)
return ""
}
var brandIds []int
for _, brand := range user.Brands {
brandIds = append(brandIds, brand.ID)
}
if err = user.Create(brandIds); err != nil {
apierror.GenerateError("Trouble registering new customer user", err, rw, r)
return ""
}
//email
if err = user.SendRegistrationEmail(); err != nil {
apierror.GenerateError("Trouble emailing new customer user", err, rw, r)
return ""
}
if err = user.SendRegistrationRequestEmail(); err != nil {
apierror.GenerateError("Trouble emailing webdevelopment regarding new customer user", err, rw, r)
return ""
}
return encoding.Must(enc.Encode(user))
}
//Post - Form Authentication
func AuthenticateUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder) string {
var err error
user := customer.CustomerUser{
Email: r.FormValue("email"),
Password: r.FormValue("password"),
}
if err = user.AuthenticateUser(); err != nil {
apierror.GenerateError("Trouble authenticating customer user", err, rw, r)
return ""
}
if err = user.GetLocation(); err != nil {
apierror.GenerateError("Trouble getting customer user location", err, rw, r)
return ""
}
if err = user.GetKeys(); err != nil {
apierror.GenerateError("Trouble getting customer user API keys", err, rw, r)
return ""
}
user.GetComnetAccounts()
var key string
if len(user.Keys) != 0 {
key = user.Keys[0].Key
}
cust, err := user.GetCustomer(key)
if err != nil {
apierror.GenerateError("Trouble getting customer user", err, rw, r)
return ""
}
return encoding.Must(enc.Encode(cust))
}
func TestCustomer(t *testing.T) {
var err error
var c customer.Customer
var cu customer.CustomerUser
once.Do(initDtx)
defer apicontextmock.DeMock(dtx)
cu.Id = dtx.UserID
err = cu.Get(dtx.APIKey)
if err != nil {
t.Log(err)
}
c.Users = append(c.Users, cu)
Convey("Testing customer/Customer", t, func() {
//test create customer
c.Name = "Jason Voorhees"
c.Email = "*****@*****.**"
bodyBytes, _ := json.Marshal(c)
bodyJson := bytes.NewReader(bodyBytes)
thyme := time.Now()
testThatHttp.Request("put", "/customer", "", "?key=", SaveCustomer, bodyJson, "application/json")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c)
So(err, ShouldBeNil)
So(c, ShouldHaveSameTypeAs, customer.Customer{})
So(c.Id, ShouldBeGreaterThan, 0)
//test update customer
c.Fax = "666-1313"
c.State.Id = 1
bodyBytes, _ = json.Marshal(c)
bodyJson = bytes.NewReader(bodyBytes)
thyme = time.Now()
testThatHttp.Request("put", "/customer/", ":id", strconv.Itoa(c.Id)+"?key=", SaveCustomer, bodyJson, "application/json")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c)
So(err, ShouldBeNil)
So(c, ShouldHaveSameTypeAs, customer.Customer{})
So(c.Id, ShouldBeGreaterThan, 0)
thyme = time.Now()
testThatHttp.RequestWithDtx("post", "/customer", "", "?key=", GetCustomer, nil, "", dtx)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c)
So(err, ShouldBeNil)
So(c, ShouldHaveSameTypeAs, customer.Customer{})
So(c.Id, ShouldBeGreaterThan, 0)
// get customer locations
thyme = time.Now()
testThatHttp.RequestWithDtx("get", "/customer/locations", "", "?key=", GetLocations, nil, "", dtx)
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()*6)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c.Locations)
So(err, ShouldBeNil)
So(c.Locations, ShouldHaveSameTypeAs, []customer.CustomerLocation{})
// //get user
thyme = time.Now()
testThatHttp.RequestWithDtx("post", "/customer/user", "", "?key="+dtx.APIKey, GetUser, nil, "", nil)
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu)
So(err, ShouldBeNil)
So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{})
//get users
thyme = time.Now()
testThatHttp.RequestWithDtx("get", "/customer/users", "", "?key=", GetUsers, nil, "", dtx)
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()*5)
So(testThatHttp.Response.Code, ShouldEqual, 200)
var cus []customer.CustomerUser
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cus)
So(err, ShouldBeNil)
So(cus, ShouldHaveSameTypeAs, []customer.CustomerUser{})
// get customer price
// price.CustID = c.Id
// price.Create()
// thyme = time.Now()
// testThatHttp.Request("get", "/new/customer/price/", ":id", strconv.Itoa(p.ID)+"?key="+apiKey, GetCustomerPrice, nil, "")
// So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
// So(testThatHttp.Response.Code, ShouldEqual, 200)
// var price float64
// err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &price)
// So(err, ShouldBeNil)
// So(price, ShouldHaveSameTypeAs, 7.1)
// //get customer cart reference
// ci.CustID = c.Id
// ci.Create()
// thyme = time.Now()
// testThatHttp.Request("get", "/new/customer/cartRef/", ":id", strconv.Itoa(p.ID)+"?key="+apiKey, GetCustomerCartReference, nil, "")
// So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
// So(testThatHttp.Response.Code, ShouldEqual, 200)
// var reference int
// err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &reference)
// So(err, ShouldBeNil)
// So(reference, ShouldHaveSameTypeAs, 7)
//test delete customer
thyme = time.Now()
testThatHttp.Request("delete", "/customer/", ":id", strconv.Itoa(c.Id)+"?key=", DeleteCustomer, nil, "")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c)
So(err, ShouldBeNil)
So(c, ShouldHaveSameTypeAs, customer.Customer{})
So(c.Id, ShouldBeGreaterThan, 0)
})
//cleanup
err = cu.Delete()
err = c.Delete()
}
func BenchmarkCRUDCustomerUser(b *testing.B) {
dtx, err := apicontextmock.Mock()
if err != nil {
b.Log(err)
}
var cu customer.CustomerUser
cu.Id = dtx.UserID
qs := make(url.Values, 0)
qs.Add("key", dtx.APIKey)
Convey("CustomerUser", b, func() {
form := url.Values{"name": {"Mitt Romney"}, "email": {"*****@*****.**"}, "pass": {"robthepoor"}, "customerID": {strconv.Itoa(dtx.CustomerID)}, "isActive": {"true"}, "locationID": {"1"}, "isSudo": {"true"}, "cust_ID": {"1"}}
//create
(&httprunner.BenchmarkOptions{
Method: "POST",
Route: "/customer/user/register",
ParameterizedRoute: "/customer/user/register",
Handler: RegisterUser,
QueryString: &qs,
JsonBody: cu,
FormBody: form,
Runs: b.N,
}).RequestBenchmark()
//authenticate user
form = url.Values{"email": {"*****@*****.**"}, "password": {"robthepoor"}}
(&httprunner.BenchmarkOptions{
Method: "POST",
Route: "/customer/auth",
ParameterizedRoute: "/customer/auth",
Handler: AuthenticateUser,
QueryString: &qs,
JsonBody: nil,
FormBody: nil,
Runs: b.N,
}).RequestBenchmark()
//authenticate user by key
(&httprunner.BenchmarkOptions{
Method: "GET",
Route: "/customer/auth",
ParameterizedRoute: "/customer/auth",
Handler: KeyedUserAuthentication,
QueryString: &qs,
JsonBody: nil,
FormBody: nil,
Runs: b.N,
}).RequestBenchmark()
//delete
(&httprunner.BenchmarkOptions{
Method: "DELETE",
Route: "/customer/user/register",
ParameterizedRoute: "/customer/user/register/" + cu.Id,
Handler: DeleteCustomerUser,
QueryString: &qs,
JsonBody: cu,
FormBody: nil,
Runs: b.N,
}).RequestBenchmark()
form = url.Values{"email": {"*****@*****.**"}, "password": {"robthepoor"}}
})
cu.Delete()
err = apicontextmock.DeMock(dtx)
if err != nil {
b.Log(err)
}
}
func TestCustomerUser(t *testing.T) {
var err error
var cu customer.CustomerUser
var c customer.Customer
c.Name = "Dog Bountyhunter"
c.BrandIDs = append(c.BrandIDs, 1)
c.Create()
var pub, pri, auth apiKeyType.ApiKeyType
if database.GetCleanDBFlag() != "" {
t.Log(database.GetCleanDBFlag())
//setup apiKeyTypes
pub.Type = "Public"
pri.Type = "Private"
auth.Type = "Authentication"
pub.Create()
pri.Create()
auth.Create()
}
Convey("Testing customer/User", t, func() {
//test create customer user
form := url.Values{"name": {"Mitt Romney"}, "email": {"*****@*****.**"}, "pass": {"robthepoor"}, "customerID": {strconv.Itoa(c.Id)}, "isActive": {"true"}, "locationID": {"1"}, "isSudo": {"true"}, "cust_ID": {strconv.Itoa(c.Id)}}
v := form.Encode()
body := strings.NewReader(v)
thyme := time.Now()
testThatHttp.Request("post", "/customer/user/register", "", "", RegisterUser, body, "application/x-www-form-urlencoded")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu)
So(err, ShouldBeNil)
So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{})
So(cu.Id, ShouldNotBeEmpty)
//key stuff - get apiKey
var apiKey string
for _, k := range cu.Keys {
if strings.ToLower(k.Type) == "public" {
apiKey = k.Key
}
}
//test update customer user
form = url.Values{"name": {"Michelle Bachman"}}
v = form.Encode()
body = strings.NewReader(v)
thyme = time.Now()
testThatHttp.Request("post", "/customer/user/", ":id", cu.Id, UpdateCustomerUser, body, "application/x-www-form-urlencoded")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu)
So(err, ShouldBeNil)
So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{})
So(cu.Name, ShouldNotEqual, "Mitt Romney")
//test authenticateUser
err = c.JoinUser(cu)
So(err, ShouldBeNil)
form = url.Values{"email": {"*****@*****.**"}, "password": {"robthepoor"}}
v = form.Encode()
body = strings.NewReader(v)
thyme = time.Now()
testThatHttp.Request("post", "/customer/auth", "", "", AuthenticateUser, body, "application/x-www-form-urlencoded")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c)
So(err, ShouldBeNil)
So(c, ShouldHaveSameTypeAs, customer.Customer{})
//test keyed user authentication
thyme = time.Now()
testThatHttp.Request("get", "/customer/auth", "", "?key="+apiKey, KeyedUserAuthentication, nil, "")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c)
So(err, ShouldBeNil)
So(c, ShouldHaveSameTypeAs, customer.Customer{})
//test get user by id
thyme = time.Now()
testThatHttp.Request("get", "/customer/", ":id", cu.Id+"?key="+apiKey, GetUserById, nil, "")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu)
So(err, ShouldBeNil)
So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{})
//test change user password
form = url.Values{"email": {"*****@*****.**"}, "oldPass": {"robthepoor"}, "newPass": {"prolife"}}
v = form.Encode()
body = strings.NewReader(v)
thyme = time.Now()
testThatHttp.Request("post", "/customer/user/changePassword", "", "?key="+apiKey, ChangePassword, body, "application/x-www-form-urlencoded")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()*2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
var result string
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &result)
So(err, ShouldBeNil)
So(result, ShouldHaveSameTypeAs, "Success")
//test reset user password
form = url.Values{"email": {"*****@*****.**"}, "customerID": {strconv.Itoa(c.CustomerId)}}
v = form.Encode()
body = strings.NewReader(v)
thyme = time.Now()
testThatHttp.Request("post", "/customer/user/resetPassword", "", "?key="+apiKey, ResetPassword, body, "application/x-www-form-urlencoded")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &result)
So(err, ShouldBeNil)
So(result, ShouldHaveSameTypeAs, "Success")
//test generate api key
thyme = time.Now()
testThatHttp.Request("post", "/customer/user/", ":id/key/:type", cu.Id+"/key/PRIVATE?key="+apiKey, GenerateApiKey, nil, "")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
var newKey customer.ApiCredentials
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &newKey)
So(err, ShouldBeNil)
So(newKey.Key, ShouldHaveSameTypeAs, "string")
//test delete customer users by customerId
var cu2 customer.CustomerUser
cu2.Create([]int{1})
c.JoinUser(cu2)
thyme = time.Now()
testThatHttp.Request("delete", "/customer/allUsersByCustomerID/", ":id", strconv.Itoa(c.Id), DeleteCustomerUsersByCustomerID, nil, "")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
var response string
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &response)
So(err, ShouldBeNil)
So(response, ShouldHaveSameTypeAs, "this is a string")
//test delete customer user
thyme = time.Now()
testThatHttp.Request("delete", "/customer/user/", ":id", cu.Id, DeleteCustomerUser, nil, "")
So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2)
So(testThatHttp.Response.Code, ShouldEqual, 200)
err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu)
So(err, ShouldBeNil)
So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{})
So(cu.Id, ShouldNotBeEmpty)
cu2.Delete()
})
//teardown
err = c.Delete()
if err != nil {
t.Log(err)
}
if database.EmptyDb != nil {
err = pub.Delete()
if err != nil {
t.Log(err)
}
err = pri.Delete()
if err != nil {
t.Log(err)
}
err = auth.Delete()
if err != nil {
t.Log(err)
}
}
err = cu.Delete()
if err != nil {
t.Log(err)
}
}
