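// CreateWebToken returns a web token that can be used to authenticate the
// user u. The user's latest session is reused while it is still valid; when
// no session exists or the latest one has expired, a new session is created
// with the given expiry. The token is built by u.WebToken from the session ID.
//
// Only the token is returned. Any lookup, create or token error is logged and
// returned with an empty token.
func CreateWebToken(context interface{}, db *db.DB, u *User, expires time.Duration) (string, error) {
	log.Dev(context, "CreateWebToken", "Started : PublicID[%s]", u.PublicID)

	// Do we have a valid session right now? A missing session is not a
	// failure here; it is handled below by creating one.
	s, err := session.GetByLatest(context, db, u.PublicID)
	if err != nil && err != mgo.ErrNotFound {
		log.Error(context, "CreateWebToken", err, "Completed")
		return "", err
	}

	// If we don't have one or it has expired, create a new one. The
	// ErrNotFound test comes first, so s.IsExpired is only called when the
	// lookup above succeeded.
	if err == mgo.ErrNotFound || s.IsExpired(context) {
		if s, err = session.Create(context, db, u.PublicID, expires); err != nil {
			log.Error(context, "CreateWebToken", err, "Completed")
			return "", err
		}
	}

	token, err := u.WebToken(s.SessionID)
	if err != nil {
		log.Error(context, "CreateWebToken", err, "Completed")
		return "", err
	}

	// The token is a credential: anyone who can read the log could present
	// it while the session is valid, so it is deliberately not logged.
	log.Dev(context, "CreateWebToken", "Completed")
	return token, nil
}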
// TestNoSession checks that every session call fails when it is handed a nil
// database value instead of a usable one.
func TestNoSession(t *testing.T) {
	tests.ResetLog()
	defer tests.DisplayLog()

	t.Log("Given the need to test calls with a bad session.")
	t.Log("\tWhen using a nil session")

	// Each call below is expected to return an error; a nil error means the
	// call accepted the nil database value and is reported as a failure.
	_, err := session.Create(tests.Context, nil, publicID, 10*time.Second)
	if err != nil {
		t.Logf("\t%s\tShould Not be able to create a session.", tests.Success)
	} else {
		t.Errorf("\t%s\tShould Not be able to create a session.", tests.Failed)
	}

	_, err = session.GetBySessionID(tests.Context, nil, "NOT EXISTS")
	if err != nil {
		t.Logf("\t%s\tShould Not be able to retrieve the session.", tests.Success)
	} else {
		t.Errorf("\t%s\tShould Not be able to retrieve the session.", tests.Failed)
	}

	_, err = session.GetByLatest(tests.Context, nil, publicID)
	if err != nil {
		t.Logf("\t%s\tShould Not be able to retrieve the session.", tests.Success)
	} else {
		t.Errorf("\t%s\tShould Not be able to retrieve the session.", tests.Failed)
	}
}
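// GetUserWebToken returns a web token for the user identified by publicID,
// provided the user's latest session exists and has not expired. Unlike
// CreateWebToken it never creates a session: a missing or expired session is
// returned as an error with an empty token.
func GetUserWebToken(context interface{}, db *db.DB, publicID string) (string, error) {
	log.Dev(context, "GetUserWebToken", "Started : PublicID[%s]", publicID)

	// Do we have a valid session right now? Any lookup error, including a
	// missing session, ends the call.
	s, err := session.GetByLatest(context, db, publicID)
	if err != nil {
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	// If it is expired return failure.
	if s.IsExpired(context) {
		err := errors.New("Session expired.")
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	// Pull the user information.
	// NOTE(review): the meaning of the final true argument is not visible
	// here; confirm against GetUserByPublicID.
	u, err := GetUserByPublicID(context, db, publicID, true)
	if err != nil {
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	// Generate a token that works right now.
	token, err := u.WebToken(s.SessionID)
	if err != nil {
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	// The token is a credential: anyone who can read the log could present
	// it while the session is valid, so it is deliberately not logged.
	log.Dev(context, "GetUserWebToken", "Completed")
	return token, nil
}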
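// TestGetLatest checks that session.GetByLatest returns the most recently
// created session for a PublicID. It creates two sessions one second apart
// and expects the lookup to return the second one.
func TestGetLatest(t *testing.T) {
	tests.ResetLog()
	defer tests.DisplayLog()

	db, err := db.NewMGO(tests.Context, tests.TestSession)
	if err != nil {
		t.Fatalf("\t%s\tShould be able to get a Mongo session : %v", tests.Failed, err)
	}
	defer db.CloseMGO(tests.Context)

	// Clean up the sessions this test created. Return after reporting a
	// failure so the success line is not logged for a cleanup that failed.
	defer func() {
		if err := removeSessions(db); err != nil {
			t.Errorf("\t%s\tShould be able to remove all sessions : %v", tests.Failed, err)
			return
		}
		t.Logf("\t%s\tShould be able to remove all sessions.", tests.Success)
	}()

	t.Log("Given the need to get the latest sessions in the DB.")
	{
		t.Logf("\tWhen using PublicID %s", publicID)
		{
			// Start with no stored sessions so only the two created below
			// can be returned by the lookup.
			if err := removeSessions(db); err != nil {
				t.Fatalf("\t%s\tShould be able to remove all sessions : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to remove all sessions.", tests.Success)

			if _, err := session.Create(tests.Context, db, publicID, 10*time.Second); err != nil {
				t.Fatalf("\t%s\tShould be able to create a session : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to create a session.", tests.Success)

			// Presumably this gives the second session a later creation time
			// than the first; confirm against how GetByLatest orders sessions.
			time.Sleep(time.Second)

			s2, err := session.Create(tests.Context, db, publicID, 10*time.Second)
			if err != nil {
				t.Fatalf("\t%s\tShould be able to create another session : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to create another session.", tests.Success)

			s3, err := session.GetByLatest(tests.Context, db, publicID)
			if err != nil {
				t.Fatalf("\t%s\tShould be able to retrieve the latest session : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to retrieve the latest session.", tests.Success)

			// The latest session must be the second one created.
			if s2.SessionID != s3.SessionID {
				t.Errorf("\t%s\tShould be able to get back the latest session.", tests.Failed)
			} else {
				t.Logf("\t%s\tShould be able to get back the latest session.", tests.Success)
			}
		}
	}
}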