Exemple #1
0
// CreateWebToken return a token and session that can be used to authenticate a user.
func CreateWebToken(context interface{}, db *db.DB, u *User, expires time.Duration) (string, error) {
	log.Dev(context, "CreateWebToken", "Started : PublicID[%s]", u.PublicID)

	// Do we have a valid session right now?
	s, err := session.GetByLatest(context, db, u.PublicID)
	if err != nil && err != mgo.ErrNotFound {
		log.Error(context, "CreateUser", err, "Completed")
		return "", err
	}

	// If we don't have one or it has been expired create
	// a new one.
	if err == mgo.ErrNotFound || s.IsExpired(context) {
		if s, err = session.Create(context, db, u.PublicID, expires); err != nil {
			log.Error(context, "CreateUser", err, "Completed")
			return "", err
		}
	}

	// Set the return arguments though we will explicitly
	// return them. Don't want any confusion.
	token, err := u.WebToken(s.SessionID)
	if err != nil {
		log.Error(context, "CreateUser", err, "Completed")
		return "", err
	}

	log.Dev(context, "CreateWebToken", "Completed : WebToken[%s]", token)
	return token, nil
}
Exemple #2
0
// TestNoSession tests when a nil session is used.
func TestNoSession(t *testing.T) {
	tests.ResetLog()
	defer tests.DisplayLog()

	t.Log("Given the need to test calls with a bad session.")
	{
		t.Log("\tWhen using a nil session")
		{
			if _, err := session.Create(tests.Context, nil, publicID, 10*time.Second); err == nil {
				t.Errorf("\t%s\tShould Not be able to create a session.", tests.Failed)
			} else {
				t.Logf("\t%s\tShould Not be able to create a session.", tests.Success)
			}

			if _, err := session.GetBySessionID(tests.Context, nil, "NOT EXISTS"); err == nil {
				t.Errorf("\t%s\tShould Not be able to retrieve the session.", tests.Failed)
			} else {
				t.Logf("\t%s\tShould Not be able to retrieve the session.", tests.Success)
			}

			if _, err := session.GetByLatest(tests.Context, nil, publicID); err == nil {
				t.Errorf("\t%s\tShould Not be able to retrieve the session.", tests.Failed)
			} else {
				t.Logf("\t%s\tShould Not be able to retrieve the session.", tests.Success)
			}
		}
	}
}
Exemple #3
0
// GetUserWebToken return a token if one exists and is valid.
func GetUserWebToken(context interface{}, db *db.DB, publicID string) (string, error) {
	log.Dev(context, "GetUserWebToken", "Started : PublicID[%s]", publicID)

	// Do we have a valid session right now?
	s, err := session.GetByLatest(context, db, publicID)
	if err != nil {
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	// If it is expired return failure.
	if s.IsExpired(context) {
		err := errors.New("Session expired.")
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	// Pull the user information.
	u, err := GetUserByPublicID(context, db, publicID, true)
	if err != nil {
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	// Generate a token that works right now.
	token, err := u.WebToken(s.SessionID)
	if err != nil {
		log.Error(context, "GetUserWebToken", err, "Completed")
		return "", err
	}

	log.Dev(context, "GetUserWebToken", "Completed : WebToken[%s]", token)
	return token, nil
}
Exemple #4
0
// TestGetLatest tests the retrieval of the latest session.
func TestGetLatest(t *testing.T) {
	tests.ResetLog()
	defer tests.DisplayLog()

	db, err := db.NewMGO(tests.Context, tests.TestSession)
	if err != nil {
		t.Fatalf("\t%s\tShould be able to get a Mongo session : %v", tests.Failed, err)
	}
	defer db.CloseMGO(tests.Context)

	defer func() {
		if err := removeSessions(db); err != nil {
			t.Errorf("\t%s\tShould be able to remove all sessions : %v", tests.Failed, err)
		}
		t.Logf("\t%s\tShould be able to remove all sessions.", tests.Success)
	}()

	t.Log("Given the need to get the latest sessions in the DB.")
	{
		t.Logf("\tWhen using PublicID %s", publicID)
		{
			if err := removeSessions(db); err != nil {
				t.Fatalf("\t%s\tShould be able to remove all sessions : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to remove all sessions.", tests.Success)

			if _, err := session.Create(tests.Context, db, publicID, 10*time.Second); err != nil {
				t.Fatalf("\t%s\tShould be able to create a session : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to create a session.", tests.Success)

			time.Sleep(time.Second)

			s2, err := session.Create(tests.Context, db, publicID, 10*time.Second)
			if err != nil {
				t.Fatalf("\t%s\tShould be able to create another session : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to create another session.", tests.Success)

			s3, err := session.GetByLatest(tests.Context, db, publicID)
			if err != nil {
				t.Fatalf("\t%s\tShould be able to retrieve the latest session : %v", tests.Failed, err)
			}
			t.Logf("\t%s\tShould be able to retrieve the latest session.", tests.Success)

			if s2.SessionID != s3.SessionID {
				t.Errorf("\t%s\tShould be able to get back the latest session.", tests.Failed)
			} else {
				t.Logf("\t%s\tShould be able to get back the latest session.", tests.Success)
			}
		}
	}
}