Exemple #1
0
//NewManager creates and initializes a new Manager
func NewManager(r *http.Request) *Manager {
	session := db.GetDBSession(r)
	return &Manager{
		session:    session,
		collection: db.GetCollection(session, mongoCollectionName),
	}
}
Exemple #2
0
func (manager *Manager) GetByKeyEmailAddressValidationInformation(key string) (info *EmailAddressValidationInformation, err error) {
	mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName)
	err = mgoCollection.Find(bson.M{"key": key}).One(&info)
	if err == mgo.ErrNotFound {
		info = nil
		err = nil
	}
	return
}
Exemple #3
0
func (manager *Manager) IsEmailAddressValidated(username string, emailaddress string) (validated bool, err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses)
	count, err := mgoCollection.Find(bson.M{"username": username, "emailaddress": emailaddress}).Count()
	validated = false
	if err != nil {
		return
	}
	if count != 0 {
		validated = true
	}
	return
}
Exemple #4
0
func (manager *Manager) IsPhonenumberValidated(username string, phonenumber string) (validated bool, err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers)
	count, err := mgoCollection.Find(bson.M{"username": username, "phonenumber": phonenumber}).Count()
	validated = false
	if err != nil {
		return
	}
	if count != 0 {
		validated = true
	}
	return
}
Exemple #5
0
//GetSmsCode returns an sms code for a specified phone label
func (service *Service) GetSmsCode(w http.ResponseWriter, request *http.Request) {
	phoneLabel := mux.Vars(request)["phoneLabel"]
	loginSession, err := service.GetSession(request, SessionLogin, "loginsession")
	if err != nil {
		log.Error("Error getting login session", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}
	sessionInfo, err := newLoginSessionInformation()
	if err != nil {
		log.Error("Error creating login session information", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}
	username, ok := loginSession.Values["username"].(string)
	if username == "" || !ok {
		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
		return
	}
	userMgr := user.NewManager(request)
	userFromDB, err := userMgr.GetByName(username)
	if err != nil {
		log.Error("Error getting user", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}
	phoneNumber, err := userFromDB.GetPhonenumberByLabel(phoneLabel)
	if err != nil {
		log.Debug(userFromDB.Phonenumbers)
		http.Error(w, http.StatusText(http.StatusNotFound), http.StatusNotFound)
		return
	}
	loginSession.Values["sessionkey"] = sessionInfo.SessionKey
	authClientId := loginSession.Values["auth_client_id"]
	authenticatingOrganization := ""
	if authClientId != nil {
		authenticatingOrganization = authClientId.(string)
	}
	mgoCollection := db.GetCollection(db.GetDBSession(request), mongoLoginCollectionName)
	mgoCollection.Insert(sessionInfo)
	organizationText := ""
	if authenticatingOrganization != "" {
		split := strings.Split(authenticatingOrganization, ".")
		organizationText = fmt.Sprintf("to authorize the organization %s, ", split[len(split)-1])
	}
	smsmessage := fmt.Sprintf("To continue signing in at itsyou.online %senter the code %s in the form or use this link: https://%s/sc?c=%s&k=%s",
		organizationText, sessionInfo.SMSCode, request.Host, sessionInfo.SMSCode, url.QueryEscape(sessionInfo.SessionKey))
	sessions.Save(request, w)
	go service.smsService.Send(phoneNumber.Phonenumber, smsmessage)
	w.WriteHeader(http.StatusNoContent)
}
Exemple #6
0
func (service *Service) getLoginSessionInformation(request *http.Request, sessionKey string) (sessionInfo *loginSessionInformation, err error) {

	if sessionKey == "" {
		sessionKey, err = service.getSessionKey(request)
		if err != nil || sessionKey == "" {
			return
		}
	}

	mgoCollection := db.GetCollection(db.GetDBSession(request), mongoLoginCollectionName)
	sessionInfo = &loginSessionInformation{}
	err = mgoCollection.Find(bson.M{"sessionkey": sessionKey}).One(sessionInfo)
	if err == mgo.ErrNotFound {
		sessionInfo = nil
		err = nil
	}
	return
}
Exemple #7
0
//MobileSMSConfirmation is the page that is linked to in the SMS and is thus accessed on the mobile phone
func (service *Service) MobileSMSConfirmation(w http.ResponseWriter, request *http.Request) {

	err := request.ParseForm()
	if err != nil {
		log.Debug("ERROR parsing mobile smsconfirmation form", err)
		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
		return
	}

	values := request.Form
	sessionKey := values.Get("k")
	smscode := values.Get("c")

	var validsmscode bool
	sessionInfo, err := service.getLoginSessionInformation(request, sessionKey)
	if err != nil {
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	if sessionInfo == nil {
		service.renderSMSConfirmationPage(w, request, "Invalid or expired link")
		return
	}

	validsmscode = (smscode == sessionInfo.SMSCode)

	if !validsmscode { //TODO: limit to 3 failed attempts
		service.renderSMSConfirmationPage(w, request, "Invalid or expired link")
		return
	}
	mgoCollection := db.GetCollection(db.GetDBSession(request), mongoLoginCollectionName)

	_, err = mgoCollection.UpdateAll(bson.M{"sessionkey": sessionKey}, bson.M{"$set": bson.M{"confirmed": true}})
	if err != nil {
		log.Error("Error while confirming sms 2fa - ", err)
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}
	service.renderSMSConfirmationPage(w, request, "You will be logged in within a few seconds")
}
Exemple #8
0
func (manager *Manager) GetByPhoneNumber(searchString string) (validatedPhonenumber ValidatedPhonenumber, err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers)
	err = mgoCollection.Find(bson.M{"phonenumber": searchString}).One(&validatedPhonenumber)
	return validatedPhonenumber, err
}
Exemple #9
0
func (manager *Manager) HasValidatedPhones(username string) (hasValidatedPhones bool, err error) {
	count, err := db.GetCollection(manager.session, mongoValidatedPhonenumbers).Find(bson.M{"username": username}).Count()
	hasValidatedPhones = count > 0
	return hasValidatedPhones, err
}
Exemple #10
0
func getCollection(session *mgo.Session) *mgo.Collection {
	return db.GetCollection(session, mongoCollectionName)
}
Exemple #11
0
//getAccessTokenCollection returns the mongo collection for the accessTokens
func (m *Manager) getAccessTokenCollection() *mgo.Collection {
	return db.GetCollection(m.session, tokensCollectionName)
}
Exemple #12
0
func (m *Manager) getUserCollection() *mgo.Collection {
	return db.GetCollection(m.session, mongoUsersCollectionName)
}
Exemple #13
0
//getClientsCollection returns the mongo collection for the clients
func (m *Manager) getClientsCollection() *mgo.Collection {
	return db.GetCollection(m.session, clientsCollectionName)
}
Exemple #14
0
func (manager *Manager) GetByEmailAddress(searchString string) (validatedEmailaddress ValidatedEmailAddress, err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses)
	err = mgoCollection.Find(bson.M{"emailaddress": searchString}).One(&validatedEmailaddress)
	return validatedEmailaddress, err
}
Exemple #15
0
//SavePhonenumberValidationInformation stores a validated phonenumber.
func (manager *Manager) SavePhonenumberValidationInformation(info *PhonenumberValidationInformation) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoOngoingPhonenumberValidationCollectionName)
	_, err = mgoCollection.Upsert(bson.M{"phonenumber": info.Phonenumber}, info)
	return
}
Exemple #16
0
func (manager *Manager) UpdateEmailAddressValidationInformation(key string, confirmed bool) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName)
	err = mgoCollection.Update(bson.M{"key": key}, bson.M{"$set": bson.M{"confirmed": confirmed}})
	return
}
Exemple #17
0
func (manager *Manager) RemoveEmailAddressValidationInformation(key string) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName)
	_, err = mgoCollection.RemoveAll(bson.M{"key": key})
	return
}
Exemple #18
0
func (manager *Manager) RemoveValidatedEmailAddress(username string, email string) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses)
	_, err = mgoCollection.RemoveAll(bson.M{"username": username, "emailaddress": email})
	return
}
Exemple #19
0
func (manager *Manager) RemoveValidatedPhonenumber(username string, phonenumber string) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers)
	_, err = mgoCollection.RemoveAll(bson.M{"username": username, "phonenumber": phonenumber})
	return
}
Exemple #20
0
//SaveEmailAddressValidationInformation stores a validated emailaddress
func (manager *Manager) SaveEmailAddressValidationInformation(info *EmailAddressValidationInformation) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName)
	_, err = mgoCollection.Upsert(bson.M{"emailaddress": info.EmailAddress}, info)
	return
}
Exemple #21
0
func getCompanyCollection(session *mgo.Session) *mgo.Collection {
	return db.GetCollection(session, COLLECTION_COMPANIES)
}
Exemple #22
0
func (manager *Manager) SaveValidatedPhonenumber(validated *ValidatedPhonenumber) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers)
	_, err = mgoCollection.Upsert(bson.M{"phonenumber": validated.Phonenumber}, validated)
	return
}
Exemple #23
0
func (m *Manager) getRegistryCollection() *mgo.Collection {
	return db.GetCollection(m.session, mongoRegistryCollectionName)
}
Exemple #24
0
func (manager *Manager) SaveValidatedEmailAddress(validated *ValidatedEmailAddress) (err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses)
	_, err = mgoCollection.Upsert(bson.M{"emailaddress": validated.EmailAddress}, validated)
	return
}
Exemple #25
0
func (m *Manager) getAuthorizationCollection() *mgo.Collection {
	return db.GetCollection(m.session, mongoAuthorizationsCollectionName)
}
Exemple #26
0
func (manager *Manager) GetByUsernameValidatedPhonenumbers(username string) (validatednumbers []ValidatedPhonenumber, err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers)
	err = mgoCollection.Find(bson.M{"username": username}).All(&validatednumbers)
	return
}
Exemple #27
0
//getAuthorizationRequestCollection returns the mongo collection for the authorizationRequests
func (m *Manager) getAuthorizationRequestCollection() *mgo.Collection {
	return db.GetCollection(m.session, requestsCollectionName)
}
Exemple #28
0
func (manager *Manager) GetByEmailAddressValidatedEmailAddress(email string) (validatedemail *ValidatedEmailAddress, err error) {
	validatedemail = &ValidatedEmailAddress{}
	mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses)
	err = mgoCollection.Find(bson.M{"emailaddress": email}).One(validatedemail)
	return
}
Exemple #29
0
func getOrganizationRequestCollection(session *mgo.Session) *mgo.Collection {
	return db.GetCollection(session, mongoOrganizationRequestCollectionName)
}
Exemple #30
0
func (manager *Manager) GetByUsernameValidatedEmailAddress(username string) (validatedemails []ValidatedEmailAddress, err error) {
	mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses)
	err = mgoCollection.Find(bson.M{"username": username}).All(&validatedemails)
	return
}