Example #1
0
func handleUserCreate(d db.DB) htr.Handle {
	return func(w http.ResponseWriter, r *http.Request, ps htr.Params) {
		if err := r.ParseForm(); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %#v", r)
			return
		}

		key := util.Key(r.Form.Get("key"))
		if err := admin.IsAdmin(d, key); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %#v", r)
			return
		}

		email := r.Form.Get("email")
		pwhash := r.Form.Get("pwhash")

		if err := user.Create(d, email, pwhash); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("error creating user %s: %s", email, err.Error())
			return
		}

		log.Printf("user %s created", email)
		WriteResponse(w, &user.User{
			Email: email,
			Hash:  util.Hash(pwhash),
		})
	}
}
Example #2
0
func handleAdminDelete(d db.DB) htr.Handle {
	return func(w http.ResponseWriter, r *http.Request, ps htr.Params) {
		if err := r.ParseForm(); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %#v", r)
			return
		}

		key := util.Key(r.Form.Get("key"))
		if err := admin.IsAdmin(d, key); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %s", err.Error())
			return
		}

		if err := admin.Delete(d, key); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("error deleting admin for %s: %s", key, err.Error())
			return
		}

		log.Printf("admin %s deleted", key)
		WriteResponse(w, &admin.Admin{
			Key: key,
		})
	}
}
Example #3
0
func (s *UserSuite) testValidate(u t.TestUser, pause int, c *gc.C) error {
	<-time.NewTimer(timeout(pause)).C
	err := user.ValidLogin(s.d, u.Email, util.Key(u.LoginKey))
	if err != nil {
		return err
	}

	return nil
}
Example #4
0
func (s *AuthSuite) testValidate(user t.TestUser, pause int, c *gc.C) error {
	<-time.NewTimer(timeout(pause)).C
	err := auth.Valid(s.d, user.Email, util.Key(user.LoginKey))
	if err != nil {
		return err
	}

	return nil
}
Example #5
0
func (s *UserSuite) deleteTests(u t.TestUser, c *gc.C) error {
	if err := user.Delete(s.d, u.Email); err != nil {
		return err
	}

	err := user.ValidLogin(s.d, u.Email, util.Key(u.LoginKey))
	c.Assert(err, gc.ErrorMatches, fmt.Sprintf("could not get login for email %q not valid", u.Email))
	return nil
}
Example #6
0
func (s *AuthSuite) deleteTests(user t.TestUser, c *gc.C) error {
	err := auth.DeleteUser(s.d, user.Email)
	if err != nil {
		return err
	}

	err = auth.Valid(s.d, user.Email, util.Key(user.LoginKey))
	c.Assert(err, gc.ErrorMatches, fmt.Sprintf("user %q not logged in user not found", user.Email))
	return nil
}
Example #7
0
func (s *UserSuite) logoutTests(u t.TestUser, key util.Key, login bool, c *gc.C) error {
	if login {
		key, err := user.LoginUser(s.d, u.Email, u.Pwhash)
		c.Assert(err, jc.ErrorIsNil)
		u = t.TestUser{
			Email:    u.Email,
			Pwhash:   u.Pwhash,
			LoginKey: string(key),
		}
	}

	if key != util.Key("") {
		u.LoginKey = string(key)
	}

	err := user.LogoutUser(s.d, u.Email, util.Key(u.LoginKey))
	if err != nil {
		return err
	}

	err = user.LogoutUser(s.d, u.Email, util.Key(u.LoginKey))
	c.Assert(err, gc.ErrorMatches, fmt.Sprintf("could not get login for email %q not valid", u.Email))
	return nil
}
Example #8
0
func (s *AuthSuite) logoutTests(user t.TestUser, key util.Key, login bool, c *gc.C) error {
	if login {
		key, err := auth.LoginUser(s.d, user.Email, user.Pwhash)
		c.Assert(err, gc.IsNil)
		user = t.TestUser{
			Email:    user.Email,
			Pwhash:   user.Pwhash,
			LoginKey: string(key),
		}
	}

	if key != util.Key("") {
		user.LoginKey = string(key)
	}

	err := auth.LogoutUser(s.d, user.Email, util.Key(user.LoginKey))
	if err != nil {
		return err
	}

	err = auth.LogoutUser(s.d, user.Email, util.Key(user.LoginKey))
	c.Assert(err, gc.ErrorMatches, fmt.Sprintf("user %q not logged in user not found", user.Email))
	return nil
}
Example #9
0
func handleUserDelete(d db.DB) htr.Handle {
	return func(w http.ResponseWriter, r *http.Request, ps htr.Params) {
		if err := r.ParseForm(); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %#v", r)
			return
		}

		key := util.Key(r.Form.Get("key"))
		email := r.Form.Get("email")
		pwhash := r.Form.Get("pwhash")

		switch {
		case key != "":
			// An admin can delete any user.
			if err := admin.IsAdmin(d, key); err != nil {
				WriteResponse(w, newApiError(err.Error(), err))
				log.Printf("bad admin request: %#v", r)
				return
			}

		case email != "", pwhash != "":
			if err := user.CheckUser(d, email, pwhash); err != nil {
				WriteResponse(w, newApiError(err.Error(), err))
				log.Printf("invalid user %s: %s", email, err.Error())
				return
			}
		default:
			// No key, no email, no pwhash -- no delete.
			WriteResponse(w, newApiError("must pass pwhash and email, or API key", nil))
			log.Printf("invalid user delete request: no values")
			return
		}

		if err := user.Delete(d, email); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("error deleting user %q: %s", email, err.Error())
			return
		}

		log.Printf("user %q deleted", email)
		WriteResponse(w, &user.User{
			Email: email,
		})
	}
}
Example #10
0
func handleAdminValid(d db.DB) htr.Handle {
	return func(w http.ResponseWriter, r *http.Request, ps htr.Params) {
		if err := r.ParseForm(); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %#v", r)
			return
		}

		key := r.Form.Get("key")
		if err := admin.IsAdmin(d, util.Key(key)); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %s", err.Error())
			return
		}

		WriteResponse(w, "ok")
		log.Printf("admin %s verified", key)
	}
}
Example #11
0
func handleLogout(d db.DB) htr.Handle {
	return func(w http.ResponseWriter, r *http.Request, ps htr.Params) {
		err := r.ParseForm()
		if err != nil {
			WriteResponse(w, newApiError("bad request: "+err.Error(), err))
			log.Error("bad request: %#v", r)
			return
		}
		email := r.Form.Get("email")
		key := util.Key(r.Form.Get("key"))
		err = auth.LogoutUser(d, email, key)
		if err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Error("user %q logout for key %q failed: %s", email, key, err.Error())
			return
		}
		WriteResponse(w, &auth.User{
			Email: email,
		})
	}
}
Example #12
0
func handleUserValid(d db.DB) htr.Handle {
	return func(w http.ResponseWriter, r *http.Request, ps htr.Params) {
		if err := r.ParseForm(); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("bad admin request: %#v", r)
			return
		}

		email := r.Form.Get("email")
		key := util.Key(r.Form.Get("key"))

		if err := user.ValidLogin(d, email, key); err != nil {
			WriteResponse(w, newApiError(err.Error(), err))
			log.Printf("error authenticating user %q, key %q: %s", email, key, err.Error())
			return
		}

		log.Printf("user %q validated", email)
		WriteResponse(w, &user.User{
			Email: email,
		})
	}
}
Example #13
0
func (s *AdminSuite) createTests(adm t.TestAdmin, c *gc.C) error {
	key, err := admin.Create(s.d, adm.Email, adm.Pwhash)
	if err != nil {
		return err
	}

	err = admin.IsAdmin(s.d, util.Key(key))
	c.Assert(err, jc.ErrorIsNil)

	adminBytes, err := db.GetByKey(s.d, admin.Admins, []byte(key))
	if err != nil {
		return err
	}
	c.Assert(len(adminBytes), gc.Not(gc.Equals), 0)

	var tmpAdmin admin.Admin
	if err = json.Unmarshal(adminBytes, &tmpAdmin); err != nil {
		return err
	}

	c.Check(tmpAdmin.Email, gc.Equals, adm.Email)
	return nil
}