Exemple #1
0
// Session attaches session to gin context
func Session(store *sessions.CookieStore) gin.HandlerFunc {
	return func(c *gin.Context) {
		session, err := store.Get(c.Request, utils.ConfigEntry("SessionName"))
		if err != nil {
			tracelog.CompletedError(err, "Session", "Getting the session")
			c.Error(err, "Failed to create session")
			c.AbortWithStatus(500)
		}

		c.Set("session", session)
		defer context.Clear(c.Request)
	}
}
Exemple #2
0
// Update udpates the user
func (uc *User) Update(c *gin.Context) {
	var u Update
	// Bind params
	c.Bind(&u)

	// Set user data
	uc.UM.UserData.Email = u.Email
	uc.UM.UserData.FirstName = u.FirstName
	uc.UM.UserData.LastName = u.LastName
	uc.UM.UserData.Hash = utils.ComputeHmac256(u.Password, utils.ConfigEntry("Salt"))

	// Update user
	err := uc.UM.Update()
	if err != nil {
		tracelog.CompletedError(err, "NewUser", "uc.UM.Update")
		c.JSON(500, gin.H{"message": "Something went wrong.", "status": 500})
		return
	}

	c.JSON(200, gin.H{"message": "User updated successfully.", "status": 200})
}
Exemple #3
0
// Register registers the user
func (uc *User) Register(c *gin.Context) {
	var r Register
	// Bind params
	c.Bind(&r)

	// Set user data
	uc.UM.UserData.Email = r.Email
	uc.UM.UserData.Username = r.Username
	uc.UM.UserData.FirstName = r.FirstName
	uc.UM.UserData.LastName = r.LastName
	uc.UM.UserData.Hash = utils.ComputeHmac256(r.Password, utils.ConfigEntry("Salt"))
	uc.UM.UserData.AccessLevel = 10 // Figure out how to set this properly
	uc.UM.UserData.Joined = time.Now().Local()

	// Create user
	id, err := uc.UM.Create()
	if err != nil {
		tracelog.CompletedError(err, "NewUser", "uc.UM.Save")
		c.JSON(500, gin.H{"message": "Something went wrong.", "status": 500})
		return
	}

	if id == 0 {
		c.JSON(409, gin.H{"message": "Duplicate entry.", "status": 409})
		return
	}

	// Set user ID to last inserted ID
	uc.UM.UserData.Id = strconv.FormatInt(id, 10)

	// Set session
	err = uc.setSession(c)
	if err != nil {
		tracelog.CompletedError(err, "NewUser", "uc.setSession")
		c.JSON(500, gin.H{"message": "Something went wrong.", "status": 500})
		return
	}

	c.JSON(200, gin.H{"message": "Registered successfully.", "status": 200})
}
Exemple #4
0
// Login logs the user in
func (uc *User) Login(c *gin.Context) {
	var g Login
	// Bind params
	c.Bind(&g)

	// Check if user exists and get User instance if it does
	user, err := uc.UM.User("email", g.Username)
	if err != nil {
		// Mybe the user provided the username instead of email
		user, err = uc.UM.User("username", g.Username)
		if user != nil {
			tracelog.CompletedError(err, "NewUser", "uc.UM.NewUser")
			c.JSON(401, gin.H{"message": "Invalid Username.", "status": 401})
			return
		}
	}

	// Compare hashes
	hash := utils.ComputeHmac256(g.Password, utils.ConfigEntry("Salt"))
	if hash != user.UserData.Hash {
		tracelog.CompletedError(err, "NewUser", "Hashes comparison")
		c.JSON(401, gin.H{"message": "Invalid password.", "status": 401})
		return
	}

	// Set session
	uc.UM.UserData = user.UserData
	err = uc.setSession(c)
	if err != nil {
		tracelog.CompletedError(err, "NewUser", "uc.setSession")
		c.JSON(500, gin.H{"message": "Something went wrong.", "status": 500})
		return
	}

	c.JSON(200, gin.H{"message": "Logged in successfully.", "status": 200})
}
Exemple #5
0
// Main go routine
func main() {
	// Start logger
	tracelog.StartFile(1, utils.ConfigEntry("LogDir"), 1)

	// Get new cookie store
	store := sessions.NewCookieStore([]byte(utils.ConfigEntry("SecretKey")))
	store.Options = &sessions.Options{
		Path:     "/",
		MaxAge:   3600,
		HttpOnly: true,
	}

	// Create DB connection
	dbHandle := utils.DbHandle()
	// Close DB
	defer dbHandle.Close()

	// Init Models
	sm := &models.Song{DbHandle: dbHandle}
	nm := &models.Nonce{DbHandle: dbHandle}
	um := models.NewUser(dbHandle)

	// Init Controllers
	sc := &controllers.Song{SM: sm}
	nc := &controllers.Nonce{NM: nm}
	vc := &controllers.View{Store: store}
	uc := &controllers.User{UM: um, Store: store}

	// Init Gin
	mux := gin.Default()

	// Load templates
	mux.LoadHTMLGlob("app/views/*")

	// Serve static files
	mux.Static("/public", utils.ConfigEntry("StaticDir"))

	// Routes for static pages
	static := mux.Group("/")
	{
		static.GET("/", vc.Index)
		static.GET("/about", vc.About)
		static.GET("/tos", vc.Tos)
		static.GET("/privacy-policy", vc.PrivacyPolicy)
		static.GET("/credits", vc.Credits)
	}

	// Routes that don't need authorization
	basic := mux.Group("/api/v1")
	basic.Use(middlewares.Session(store))
	{
		basic.GET("/nonce", nc.Create)
		basic.GET("/users/check-username/:username", uc.CheckUsername)
		basic.GET("/users/check-email/:email", uc.CheckEmail)
		basic.POST("/users/login", uc.Login)
		basic.POST("/users/register", uc.Register)
	}

	// Routes that need authorization
	auth := mux.Group("/api/v1")
	auth.Use(middlewares.Session(store), middlewares.UserAuth(store), middlewares.Nonce(nm))
	{
		auth.GET("/songs", sc.Index)
		auth.GET("/users/delete/:nonce", uc.ConfirmDelete)
		auth.POST("/users/delete", uc.Delete)
		auth.POST("/users/update", uc.Update)
		auth.POST("/users/logout", uc.Logout)
	}

	// Listen and serve on 0.0.0.0:8080
	mux.Run(":9000")

	tracelog.Stop()
}