Ejemplo n.º 1
0
func (b *BuiltinStrategy) Login(w http.ResponseWriter, r *perfect.Request) (profile_id *string, err error) {

	//this is why each strategy needs to be able to render its
	//login screens, so that it can ask for custom fields.
	//here we have a simple username/password combo, but the
	//other strategies could show various options based on the
	//auth configuration
	data := make(map[string]string)

	err = r.ParseJSON(&data)
	if err != nil {
		log.Println(err)
		return
	}

	username, ok1 := data["username"]
	password, ok2 := data["password"]

	if !ok1 || !ok2 || len(username) == 0 || len(password) == 0 {
		err = errors.New("Invalid request")
		return
	}

	user := &builtinUser{Id: &username}

	//find this user in the built-in user database
	err = r.Module.Db.Find(user)
	if err == orm.ErrNotFound {
		log.Printf("No such builtin user: %v", username)
		return nil, ErrInvalidUsernameOrPassword
	} else if err != nil {
		return nil, err
	}

	sha512_password := hash(password, *user.Salt)

	//wrong password?
	if !bytes.Equal(sha512_password, *user.Password) {
		err = errors.New(BERR_INVALID_CREDENTIALS)
		return
	}

	return user.ProfileId, nil
}
Ejemplo n.º 2
0
func (b *BuiltinStrategy) Register(w http.ResponseWriter, r *perfect.Request) {

	//get the session
	session, err := r.Session()
	if err != nil {
		perfect.Error(w, r, err)
		return
	}

	//if the user is already authenticated, redirect to home
	if *session.Authenticated {
		perfect.Redirect(w, r, "/")
		return
	}

	data := make(map[string]string)

	err = r.ParseJSON(&data)
	if err != nil {
		perfect.Error(w, r, err)
		return
	}

	username, ok1 := data["username"]
	password, ok2 := data["password"]
	name, ok3 := data["name"]
	email, ok4 := data["email"]

	//TODO: this needs to be refactored into something better
	if !ok1 || !ok2 || !ok3 || !ok4 || len(username) == 0 || len(password) == 0 || len(name) == 0 || len(email) == 0 {
		perfect.JSONResult(w, r, false, "Please complete all fields")
		return
	}

	_, _, err = createBuiltinProfile(username, password, email, name, r.Module.Db)
	if err != nil {
		perfect.JSONResult(w, r, true, r.Module.MountPoint+"/")
		return
	}

	perfect.JSONResult(w, r, false, err)
}