Ejemplo n.º 1
// ValidateClaim parses token as a JWT, validates it against certs.PublicKey
// with the RS512 signing method, and returns a user model filled from the
// "email", "login" and "user_id" claims.
//
// Any parse or validation error is returned unchanged. A token for which
// Expiration() reports false is rejected with ErrTokenExpired.
func ValidateClaim(certs *Certs, token string) (*models.User, error) {
	parsed, err := jws.ParseJWT([]byte(token))
	if err != nil {
		return nil, err
	}

	// The signing method is a constant chosen here (RS512); it is not read
	// from the token being checked.
	err = parsed.Validate(certs.PublicKey, crypto.SigningMethodRS512)
	if err != nil {
		return nil, err
	}

	// NOTE(review): the second result of Expiration() looks like a "claim is
	// present" flag rather than an "is expired" flag, which would make this a
	// check that rejects tokens carrying no exp claim, with the expiry itself
	// enforced inside Validate above. Confirm against the jws package.
	if _, hasExp := parsed.Claims().Expiration(); !hasExp {
		return nil, ErrTokenExpired
	}

	// Only build the model once the token has been accepted.
	// NOTE(review): what extractKey yields for an absent claim is not visible
	// here; callers may need to handle empty or nil fields.
	user := &models.User{}
	user.Email = extractKey("email", parsed.Claims())
	user.Login = extractKey("login", parsed.Claims())
	user.ID = extractKey("user_id", parsed.Claims())

	return user, nil
}
Ejemplo n.º 2
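// createUser handles a registration request: it decodes the user from the
// request body, validates it, rejects a login that already exists, hashes the
// password, stores the user and replies 201 with the stored user (password
// cleared).
//
// Responses: 400 on validation errors, 409 when the login is taken, 500 on
// decode, store or hashing failures.
func (ur UserResource) createUser(req *restful.Request, resp *restful.Response) {

	usr := new(models.User)

	// NOTE(review): a body that cannot be decoded is answered with 500; a 400
	// would describe a client error more accurately. Left unchanged so existing
	// clients see the same status.
	if err := req.ReadEntity(usr); err != nil {
		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
		return
	}

	allErrs := validation.ValidateUserRegister(usr)

	if len(allErrs) != 0 {
		resp.WriteHeaderAndEntity(http.StatusBadRequest, validationErrors("validation failed", allErrs))
		return
	}

	// NOTE(review): this check and the Create call below are separate store
	// operations, so two concurrent registrations of the same login can both
	// pass it unless the store enforces uniqueness itself.
	exists, err := ur.store.Exists(models.StringValue(usr.Login))

	if err != nil {
		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
		return
	}

	if exists {
		resp.WriteHeaderAndEntity(http.StatusConflict, errorMsg("User already exists."))
		return
	}

	// Never persist the password as received: store only its hash.
	hashed, err := util.HashPassword(models.StringValue(usr.Password))

	if err != nil {
		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
		return
	}

	usr.Password = models.String(hashed)

	// The body is client-controlled, so an ID sent with the registration must
	// not reach the store: the identifier of a new user is chosen by the store,
	// not by the caller. Cleared after validation so validation results are
	// unchanged.
	usr.ID = nil

	nusr, err := ur.store.Create(usr)

	if err != nil {
		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
		return
	}

	// Do not echo the password hash back to the client.
	nusr.Password = nil

	resp.WriteHeaderAndEntity(http.StatusCreated, nusr)
}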
Ejemplo n.º 3
// updateUser handles an update of the user named by the "user_id" request
// attribute: it loads the stored user, decodes the new values from the body,
// validates them against the stored user, saves them and replies with the
// updated user (password cleared).
//
// Responses: 400 on validation errors, 404 when the stored user cannot be
// loaded, 500 on a missing attribute, decode or store failures.
func (ur UserResource) updateUser(req *restful.Request, resp *restful.Response) {
	// NOTE(review): the attribute is presumably set by an authentication filter
	// that runs before this handler; confirm where "user_id" comes from.
	id, isString := req.Attribute("user_id").(string)
	if !isString {
		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
		return
	}

	// Every GetByID error is reported as 404, including store failures.
	current, err := ur.store.GetByID(id)
	if err != nil {
		resp.WriteHeaderAndEntity(http.StatusNotFound, errorMsg("User not found."))
		return
	}

	incoming := &models.User{}
	if err := req.ReadEntity(incoming); err != nil {
		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
		return
	}

	// Overwrite whatever ID the body carried with the one taken from the
	// request attribute, so a caller cannot redirect the update to another user.
	incoming.ID = models.String(id)

	if problems := validation.ValidateUserUpdate(incoming, current); len(problems) != 0 {
		resp.WriteHeaderAndEntity(http.StatusBadRequest, validationErrors("validation failed", problems))
		return
	}

	// NOTE(review): no hashing step is visible in this handler, so a password
	// present in the body reaches Update as received. Confirm that validation
	// or the store hashes or rejects it. The remaining body fields are passed
	// through as well; confirm that Update limits which ones can change.
	if err := ur.store.Update(incoming); err != nil {
		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
		return
	}

	// Keep the password out of the response.
	incoming.Password = nil

	resp.WriteEntity(incoming)
}
Ejemplo n.º 4
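// Create inserts user into the RethinkDB table TableName of database DBName
// and returns the same user value.
//
// When the write response reports generated keys, the first one is stored in
// user.ID. When it reports none, user.ID is left as the caller set it. An
// error from the write is returned unchanged with a nil user.
func (us *UserStoreRethinkDB) Create(user *models.User) (*models.User, error) {

	resp, err := r.DB(DBName).Table(TableName).Insert(user).RunWrite(us.session)

	if err != nil {
		return nil, err
	}

	// Indexing GeneratedKeys unconditionally panics when the slice is empty,
	// which presumably happens when the inserted document already carried its
	// own id. Callers should not pass a client-supplied ID here.
	if len(resp.GeneratedKeys) > 0 {
		user.ID = models.String(resp.GeneratedKeys[0])
	}

	return user, nil
}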
Ejemplo n.º 5
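// Create adds user to the in-memory store and returns it.
//
// The login must be unused, otherwise ErrUserAlreadyExists is returned. When
// user.ID is nil a fresh ID from newID is assigned; a caller-supplied ID is
// accepted only if no stored user already has it, otherwise
// ErrUserAlreadyExists is returned as well.
func (usl *UserStoreLocal) Create(user *models.User) (*models.User, error) {

	// check for unique login
	if usl.loginExists(models.StringValue(user.Login)) {
		return nil, ErrUserAlreadyExists
	}

	var id string

	if user.ID == nil {
		id = newID()
		user.ID = models.String(id)
	} else {
		id = models.StringValue(user.ID)

		// A caller-chosen ID must not replace an existing record: without this
		// check, Create would silently overwrite the user stored under that ID.
		if _, taken := usl.users[id]; taken {
			return nil, ErrUserAlreadyExists
		}
	}

	// NOTE(review): the map is accessed without any visible locking; confirm
	// how concurrent callers are serialized.
	usl.users[id] = user

	return user, nil
}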