Exemple #1
0
func changePasswordOfCurrentUser(c *bitmonster.Context) error {
	// Obtain the data from the context.
	data := struct {
		OldPassword string `json:"oldPassword"`
		NewPassword string `json:"newPassword"`
	}{}

	err := c.Decode(&data)
	if err != nil {
		return err
	}

	// Obtain the current user.
	user, err := CurrentUser(c.Socket())
	if err != nil {
		return err
	}

	// Check if the old password is valid.
	if match := user.ComparePasswords(data.OldPassword); !match {
		c.Error("wrong_password")
		return nil
	}

	// Change the user's password.
	err = user.ChangePassword(data.NewPassword)
	if err != nil {
		return err
	}

	// Update the user in the database.
	err = UpdateUser(user)
	if err != nil {
		return err
	}

	return nil
}
Exemple #2
0
func getUsers(c *bitmonster.Context) error {
	println("getUsers")

	v := struct {
		Foo string
		Bar string
	}{}

	err := c.Decode(&v)
	if err != nil {
		return err
	}

	fmt.Printf("%+v\n", v)

	// Get the event.
	e, err := c.Module().Event("onNew")
	if err != nil {
		return err
	}

	// Trigger the event.
	err = e.Trigger(v)
	if err != nil {
		return err
	}

	// Only this socket.
	err = e.TriggerSocket(c.Socket(), v)
	if err != nil {
		return err
	}

	c.Data(&v)
	c.Error("error message")

	return nil
}
Exemple #3
0
func getUser(c *bitmonster.Context) error {
	// Obtain the data from the context.
	data := struct {
		// Either pass an ID or an Username.
		ID       string `json:"id"`
		Username string `json:"username"`
	}{}

	err := c.Decode(&data)
	if err != nil {
		return err
	}

	// Obtain the user.
	var user *User

	if len(data.ID) > 0 {
		user, err = GetUser(data.ID)
		if err != nil {
			return err
		}
	} else if len(data.Username) > 0 {
		user, err = GetUserByUsername(data.Username)
		if err != nil {
			return err
		}
	} else {
		c.Error("invalid method data passed")
		return nil
	}

	// Set the user as return data.
	c.Data(user)

	return nil
}
Exemple #4
0
func login(c *bitmonster.Context) error {
	// Obtain the authentication data from the context.
	loginData := struct {
		Username    string `json:"username"`
		Password    string `json:"password"`
		Fingerprint string `json:"fingerprint"`
	}{}

	err := c.Decode(&loginData)
	if err != nil {
		return err
	}

	if len(loginData.Username) == 0 || len(loginData.Password) == 0 || len(loginData.Fingerprint) == 0 {
		c.Error("invalid login credentials")
		return nil
	}

	// Get the user by the username.
	user, err := GetUserByUsername(loginData.Username)
	if err != nil {
		c.Error("invalid login credentials")
		return nil
	}

	// Compare the password.
	if match := user.ComparePasswords(loginData.Password); !match {
		c.Error("invalid login credentials")
		return nil
	}

	// Update the last login timestamp.
	timeNow := time.Now()
	user.LastLogin = timeNow

	// Handle the fingerprint like a password.
	fingerprint, err := hashPassword(loginData.Fingerprint)
	if err != nil {
		return err
	}

	// Create the map if nil.
	if user.AuthSessions == nil {
		user.AuthSessions = make(AuthSessions)
	}

	// Remove the oldest sessions if the maximum count of sessions is reached.
	// Included endless-loop prevention. Just to be sure.
	for i := 0; i < 100 && len(user.AuthSessions) >= maxAuthSessions; i++ {
		minTime := timeNow
		var minKey string
		for key, as := range user.AuthSessions {
			if as.LastAuth.Before(minTime) {
				minTime = as.LastAuth
				minKey = key
			}
		}
		delete(user.AuthSessions, minKey)
	}

	// Create a new authenticated session.
	as := &AuthSession{
		Fingerprint:  fingerprint,
		Token:        utils.RandomString(authSessionTokenLength),
		TokenCreated: timeNow,
		Created:      timeNow,
		LastAuth:     timeNow,
	}

	// Create a new unique key for it.
	key := utils.RandomString(authSessionKeyLength)
	for {
		if _, ok := user.AuthSessions[key]; !ok {
			break
		}
		key = utils.RandomString(authSessionKeyLength)
	}

	// Add it to the map with the key.
	user.AuthSessions[key] = as

	// Create a new encrypted authentication token.
	authToken, err := newAuthToken(user.ID, key, as.Token)
	if err != nil {
		return err
	}

	// Update the user in the database.
	err = UpdateUser(user)
	if err != nil {
		return err
	}

	// Create the respond data.
	data := struct {
		Token string `json:"token"`
	}{
		Token: authToken,
	}

	// Set it.
	c.Data(data)

	return nil
}