// Get handles an HTTP GET for an authorized caller and reports the caller's role.
//
// The response is plain text with status 200. The role line reads "ADMIN" when
// params.Identity.IsAdmin() returns true and "NORMAL USER" otherwise.
//
// NOTE(review): nothing in this method checks that the caller is authorized;
// presumably the routing layer enforces that before dispatching here. Confirm
// against the route registration.
func (v *ValuesAPI) Get(params *api.Request) api.Response {
	role := "NORMAL USER"
	if params.Identity.IsAdmin() {
		role = "ADMIN"
	}

	message := bytes.NewBufferString("You are currently authorized.\nYour role is: ")
	message.WriteString(role)

	return api.PlainTextResponse(http.StatusOK, message.String())
}
// ActivateAppUser activates the app user account identified by the "token"
// form parameter.
//
// It responds 400 with api.ErrInvalidInput when the parameter is not found,
// 400 with the error returned by auth.ActivateAppUser when activation fails,
// and 200 with a confirmation text on success.
//
// NOTE(review): the error from auth.ActivateAppUser is returned to the client
// unchanged. Confirm that it carries no internal detail and does not let a
// caller tell apart token states (unknown, expired, already used) in a way
// that would help token guessing.
func (v *DevAPI) ActivateAppUser(params *api.Request) api.Response {
	token, ok := filter.GetStringParameter("token", params.Form)
	if !ok {
		return api.BadRequest(api.ErrInvalidInput)
	}

	if err := auth.ActivateAppUser(token); err != nil {
		return api.BadRequest(err)
	}

	return api.PlainTextResponse(http.StatusOK, "Account is now active")
}
// GetAnonymous handles an HTTP GET on an endpoint action that anonymous
// callers may reach, and tells the caller how the request was identified.
//
// Authorized and anonymous callers both receive status 200. An identity that
// is neither authorized nor anonymous is treated as inconsistent and receives
// status 403 with an explanatory message.
func (v *ValuesAPI) GetAnonymous(params *api.Request) api.Response {
	var (
		message bytes.Buffer
		status  = http.StatusOK
	)
	message.WriteString("You have accessed an endpoint action available for anonymous users.\n")

	// Case order matters: IsAuthorized is consulted first, IsAnonymous second.
	switch {
	case params.Identity.IsAuthorized():
		message.WriteString("BTW, You are an authorized user")
	case params.Identity.IsAnonymous():
		message.WriteString("BTW, You are an anonymous user")
	default:
		// Neither authorized nor anonymous: refuse rather than guess.
		message.WriteString("Cannot verify your authorization status, something is wrong")
		status = http.StatusForbidden
	}

	return api.PlainTextResponse(status, message.String())
}
// CreateSession creates a new session for an existing user account and
// returns the session token as plain text.
//
// The request body is decoded as JSON into an AuthModel. The handler responds
// 400 when decoding fails, when Password and PasswordConfirmation differ
// (ErrPasswordMatch), when AppUserID is not a valid ObjectId hex string
// (api.ErrInvalidIDParam), or when auth.GenerateUserAuth returns an error.
//
// NOTE(review): in this handler the password is only compared with its own
// confirmation field. auth.GenerateUserAuth receives the user ID and the
// client details but not the password, so nothing visible here verifies the
// password against the account's stored credential. Confirm that credential
// verification happens elsewhere; if it does not, a token is issued to any
// caller that supplies a valid AppUserID.
//
// NOTE(review): errors from decoding and from auth.GenerateUserAuth are
// returned to the client unchanged; confirm they expose no internal detail.
func (a *AuthAPI) CreateSession(params *api.Request) api.Response {
	model := new(AuthModel)
	if err := util.DeserializeJSON(params.Body, model); err != nil {
		return api.BadRequest(err)
	}

	// Input validation, in the same order as the checks are reported.
	switch {
	case model.Password != model.PasswordConfirmation:
		return api.BadRequest(ErrPasswordMatch)
	case !bson.IsObjectIdHex(model.AppUserID):
		return api.BadRequest(api.ErrInvalidIDParam)
	}

	userID := bson.ObjectIdHex(model.AppUserID)
	token, err := auth.GenerateUserAuth(userID, model.ClientDetails)
	if err != nil {
		return api.BadRequest(err)
	}

	return api.PlainTextResponse(http.StatusOK, token)
}