func login(w http.ResponseWriter, req *http.Request, ctx *Context) error {
uid, password := req.FormValue("username"), req.FormValue("password")
// log.Printf("accept: %v (%d)", req.Header["Accept"], len(req.Header["Accept"]))
res := make(osin.ResponseData)
if !backends.Authenticate(uid, password) {
// ctx.Session.AddFlash("Invalid Username/Password")
res["ok"] = false
res["error"] = map[string]string{"message": "Invalid Username/Password", "field": "password"}
return outputJson(res, w)
}
staff, err := backends.GetStaff(uid)
if err != nil {
res["ok"] = false
res["error"] = map[string]string{"message": "Load user failed"}
return outputJson(res, w)
}
//store the user id in the values and redirect to welcome
user := UserFromStaff(staff)
user.Refresh()
ctx.Session.Values[kUserOL] = user
ctx.Session.Values[kLastUid] = staff.Uid
res["ok"] = true
res["referer"] = ctx.Referer
return outputJson(res, w)
// http.Redirect(w, req, reverse("welcome"), http.StatusSeeOther)
}
func profileForm(w http.ResponseWriter, req *http.Request, ctx *Context) error {
if ctx.User == nil || ctx.User.IsExpired() {
http.Redirect(w, req, reverse("login"), http.StatusTemporaryRedirect)
return nil
}
staff, err := backends.GetStaff(ctx.User.Uid)
if err != nil {
return err
}
return T("profile.html").Execute(w, map[string]interface{}{
"ctx": ctx,
"staff": staff,
})
}
// Information endpoint
func oauthInfo(w http.ResponseWriter, r *http.Request, ctx *Context) (err error) {
resp := server.NewResponse()
defer resp.Close()
if ir := server.HandleInfoRequest(resp, r); ir != nil {
debugf("ir Code %s Token %s", ir.Code, ir.AccessData.AccessToken)
var (
uid string
topic = ctx.Vars["topic"]
)
uid = ir.AccessData.UserData.(string)
staff, err := backends.GetStaff(uid)
if err != nil {
resp.SetError("get_user_error", "staff not found")
resp.InternalError = err
} else {
resp.Output["uid"] = uid
if strings.HasPrefix(topic, "me") {
resp.Output["me"] = staff
if len(topic) > 2 && strings.Index(topic, "+") == 2 {
// TODO: search group topic[2:]
}
} else if topic == "staff" {
resp.Output["staff"] = staff
}
}
server.FinishInfoRequest(resp, r, ir)
}
if resp.IsError && resp.InternalError != nil {
log.Printf("info ERROR: %s\n", resp.InternalError)
}
osin.OutputJSON(resp, w, r)
return resp.InternalError
}
// Access token endpoint
func oauthToken(w http.ResponseWriter, r *http.Request, ctx *Context) (err error) {
resp := server.NewResponse()
defer resp.Close()
var (
uid string = ""
user *User
)
if ar := server.HandleAccessRequest(resp, r); ar != nil {
debugf("ar Code %s Scope %s", ar.Code, ar.Scope)
switch ar.Type {
case osin.AUTHORIZATION_CODE:
uid = ar.UserData.(string)
staff, err := backends.GetStaff(uid)
if err != nil {
resp.SetError("get_user_error", "staff not found")
resp.InternalError = err
} else {
user = UserFromStaff(staff)
}
ar.Authorized = true
case osin.REFRESH_TOKEN:
ar.Authorized = true
case osin.PASSWORD:
if Settings.HttpListen == "localhost:3000" && ar.Username == "test" && ar.Password == "test" {
ar.UserData = "test"
ar.Authorized = true
break
}
if !backends.Authenticate(ar.Username, ar.Password) {
resp.SetError("authentication_failed", err.Error())
break
}
staff, err := backends.GetStaff(ar.Username)
if err != nil {
// resp.InternalError = err
resp.SetError("get_user_failed", err.Error())
break
}
ar.Authorized = true
ar.UserData = staff.Uid
user = UserFromStaff(staff)
case osin.CLIENT_CREDENTIALS:
ar.Authorized = true
case osin.ASSERTION:
if ar.AssertionType == "urn:osin.example.complete" && ar.Assertion == "osin.data" {
ar.Authorized = true
}
}
server.FinishAccessRequest(resp, r, ar)
}
if resp.IsError && resp.InternalError != nil {
log.Printf("token ERROR: %s\n", resp.InternalError)
}
if !resp.IsError {
if uid != "" {
resp.Output["uid"] = uid
resp.Output["is_keeper"] = IsKeeper(uid)
}
if user != nil {
resp.Output["user"] = user
}
}
debugf("oauthToken resp: %v", resp)
osin.OutputJSON(resp, w, r)
return resp.InternalError
}