Esempio n. 1
0
func extractKeyIDAndLoadKeyFromDB(token *jwt.Token) (interface{}, error) {
	// Check whether the right signing algorithm was used.
	if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
		return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
	}

	// Get the user ID
	userID := (token.Header["user"].(float64))

	user, err := models.FindUserByID(int(userID))

	if err != nil {
		return nil, err
	}

	privateKey, err := StringToPrivateKey(user.PrivateKey)

	return privateKey.Public(), err
}
Esempio n. 2
0
// ValidateJWTToken validates a JWT token and returns the user from the DB
func ValidateJWTToken(input string) (*models.User, error) {
	if redis.TokenIsInBlacklist(input) {
		return nil, errors.New("Token is in blacklist.")
	}

	token, err := jwt.Parse(input, extractKeyIDAndLoadKeyFromDB)

	if err != nil || !token.Valid {
		return nil, err
	}

	if token.Claims["user"] != token.Header["user"] {
		return nil, errors.New("The token has been tampered with...inside.")
	}

	userID := (token.Claims["user"].(float64))

	user, err := models.FindUserByID(int(userID))

	return &user, err
}
Esempio n. 3
0
// GetFencesHandler GET /fences
func GetFencesHandler(w http.ResponseWriter, r *http.Request) {
	lat, err1 := strconv.ParseFloat(r.URL.Query().Get("latitude"), 64)
	lon, err2 := strconv.ParseFloat(r.URL.Query().Get("longitude"), 64)
	radius, err3 := strconv.ParseInt(r.URL.Query().Get("radius"), 10, 64)
	userID, err4 := strconv.ParseInt(r.URL.Query().Get("user"), 10, 8)
	excludeOwn, _ := strconv.ParseBool(r.URL.Query().Get("excludeOwn"))

	if err1 == nil && err2 == nil && err3 == nil {
		user, err := auth.ValidateSession(r)

		var result []models.Fence

		if err == nil && excludeOwn {
			result, err = search.FindGeoFencesExceptByUser(lat, lon, radius, user.ID)
		} else {
			result, err = search.FindGeoFences(lat, lon, radius)
		}

		if err != nil {
			InternalServerError(err, w)
			return
		}

		fences := make([]fenceResponse, len(result))
		for i := range result {
			f := result[i]
			fences[i].ID = f.ID
			fences[i].Lat = f.Lat
			fences[i].Lon = f.Lon
			fences[i].Name = f.Name
			fences[i].Radius = f.Radius
			fences[i].Owner = f.UserID
			fences[i].DiesAt = util.Timestamp(f.DiesAt)
			fences[i].RentMultiplier = f.RentMultiplier
			fences[i].OwnerName = f.User.Name
			if user != nil && f.UserID == user.ID {
				fences[i].Cost = f.Cost
				fences[i].TotalEarnings = f.TotalEarnings
				fences[i].TotalVisitors = f.TotalVisitors
			}
		}

		bytes, err := json.Marshal(&fences)

		if err != nil {
			InternalServerError(err, w)
			return
		}

		if user != nil {
			user.LastKnownGeoHash = geomodel.GeoCell(lat, lon, models.LastKnownGeoHashResolution)
			err = user.Save()
			if err != nil {
				InternalServerError(err, w)
				return
			}
		}

		w.Write(bytes)
		return
	}

	if err4 == nil {
		user, _ := auth.ValidateSession(r)

		fenceUser, errA := models.FindUserByID(int(userID))

		if errA != nil {
			InternalServerError(errA, w)
			return
		}

		result, errA := fenceUser.GetFences()
		if errA != nil {
			InternalServerError(errA, w)
			return
		}

		fences := make([]fenceResponse, len(result))
		for i := range result {
			f := result[i]
			fences[i].ID = f.ID
			fences[i].Lat = f.Lat
			fences[i].Lon = f.Lon
			fences[i].Name = f.Name
			fences[i].Radius = f.Radius
			fences[i].Owner = f.UserID
			fences[i].DiesAt = util.Timestamp(f.DiesAt)
			fences[i].RentMultiplier = f.RentMultiplier
			fences[i].OwnerName = fenceUser.Name
			if user != nil && f.UserID == user.ID {
				fences[i].Cost = f.Cost
				fences[i].TotalEarnings = f.TotalEarnings
				fences[i].TotalVisitors = f.TotalVisitors
			}
		}

		bytes, err := json.Marshal(&fences)

		if err != nil {
			InternalServerError(err, w)
			return
		}

		w.Write(bytes)
		return
	}

	err := err1
	if err == nil {
		err = err2
	}
	if err == nil {
		err = err3
	}
	if err == nil {
		err = err4
	}
	if err == nil {
		err = errors.New("Please specify valid query options.")
	}

	InternalServerError(err, w)
}