func createUser(ctx context.Context, w http.ResponseWriter, r *http.Request) (status int, err error) {
var body = struct {
Address, Nick, Password, Company string
}{}
if err = json.NewDecoder(r.Body).Decode(&body); err != nil {
return http.StatusBadRequest, err
}
var companyKey *datastore.Key
if body.Company != "" {
companyKey, err = datastore.DecodeKey(body.Company)
if err != nil {
return http.StatusBadRequest, err
}
}
if err = util.CheckNick(body.Nick); err != nil {
return http.StatusBadRequest, err
}
var address *mail.Address
if address, err = mail.ParseAddress(body.Address); err != nil {
return http.StatusBadRequest, err
}
// Duplicate length check. If we move this after the conflict checks,
// we could end up returning with a short password after querying Datastore.
// The other way round, we would have to hash the password, and then throw it
// away because of possible conflicts.
pw := []byte(body.Password)
if err = password.CheckLen(pw); err != nil {
return http.StatusBadRequest, err
}
var emailConflict bool
if emailConflict, err = alreadyExists(ctx, "Address", address.Address); err != nil {
return http.StatusInternalServerError, err
}
if emailConflict {
return http.StatusConflict, errors.New("duplicate e-mail address")
}
var nickConflict bool
if nickConflict, err = alreadyExists(ctx, "Nick", body.Nick); err != nil {
return http.StatusInternalServerError, err
}
if nickConflict {
return http.StatusConflict, errors.New("duplicate nick")
}
var hashedPassword []byte
if hashedPassword, err = password.Hash(pw); err != nil {
return http.StatusInternalServerError, err
}
user := model.User{
Address: *address,
Nick: body.Nick,
HashedPassword: hashedPassword,
}
var key *datastore.Key
if companyKey == nil {
key, err = user.Put(ctx, nil)
} else {
// Bind user to company for eternity.
key, err = user.PutWithParent(ctx, companyKey)
}
if err != nil {
return http.StatusInternalServerError, err
}
w.WriteHeader(http.StatusCreated)
json.NewEncoder(w).Encode(user.Key(key))
return http.StatusOK, nil
}
