/
login.go
71 lines (60 loc) · 1.49 KB
/
login.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package main
import (
"flag"
"net/http"
"strings"
"github.com/bbh-labs/digitaldigest/session"
"google.golang.org/api/plus/v1"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
)
var redirectURL = flag.String("url", "http://localhost:8080", "redirect URL for OAuth2")
var conf = &oauth2.Config{
ClientID: "275859936684-90o26gr4hdbr4jgvdjobuath4qhq90fc.apps.googleusercontent.com",
ClientSecret: "G-rp5gffbNDQgMgAhMxT5I7m",
RedirectURL: *redirectURL,
Endpoint: google.Endpoint,
}
func login(w http.ResponseWriter, r *http.Request) {
switch r.Method {
case "GET":
if session.GetEmail(r) != "" {
w.WriteHeader(http.StatusOK)
} else {
w.WriteHeader(http.StatusNotFound)
}
case "POST":
authCode := r.FormValue("authCode")
conf.RedirectURL = *redirectURL
tok, err := conf.Exchange(oauth2.NoContext, authCode)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
client := conf.Client(oauth2.NoContext, tok)
service, err := plus.New(client)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
call := service.People.Get("me")
person, err := call.Do()
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
email := ""
for _, em := range person.Emails {
if em.Type == "account" {
email = em.Value
break
}
}
if !strings.HasSuffix(email, "@bartleboglehegarty.com") {
w.WriteHeader(http.StatusForbidden)
return
}
session.Set(w, r, email)
w.WriteHeader(http.StatusOK)
}
}