// Creating a session is equivalent to logging in.
func (hooks SessionResourceHooks) ApiCreate(res kit.Resource, obj kit.Model, r kit.Request) kit.Response {
userService := res.Registry().UserService()
meta := r.GetMeta()
isAnonymous, _ := meta.Bool("anonymous")
// Find user.
userIdentifier := meta.String("user")
adaptor := meta.String("adaptor")
data, _ := meta.Map("authData")
var user kit.User
if !isAnonymous {
if adaptor == "" {
return kit.NewErrorResponse("adaptor_missing", "Expected 'adaptor' in metadata.", true)
}
if data == nil {
kit.NewErrorResponse("no_or_invalid_auth_data", "Expected 'authData' dictionary in metadata.")
}
var err apperror.Error
user, err = userService.AuthenticateUser(userIdentifier, adaptor, data)
if err != nil {
return kit.NewErrorResponse(err)
}
}
session, err := userService.StartSession(user, r.GetFrontend())
if err != nil {
return kit.NewErrorResponse(err)
}
responseMeta := make(map[string]interface{})
if !isAnonymous {
userData, err := res.Backend().ModelToMap(user, true, false)
if err != nil {
return kit.NewErrorResponse("marshal_error", err)
}
responseMeta["user"] = userData
if user.GetProfile() != nil {
profileData, err := res.Backend().ModelToMap(user.GetProfile(), true, false)
if err != nil {
return kit.NewErrorResponse("marshal_error", err)
}
responseMeta["profile"] = profileData
}
}
return &kit.AppResponse{
Data: session,
Meta: responseMeta,
}
}
func (s *Service) CreateUser(user kit.User, adaptorName string, authData map[string]interface{}) apperror.Error {
adaptor := s.AuthAdaptor(adaptorName)
if adaptor == nil {
return &apperror.Err{
Code: "unknown_auth_adaptor",
Message: fmt.Sprintf("Auth adaptor %v was not registered with user service", adaptorName),
Public: true,
}
}
authItem, err := adaptor.RegisterUser(user, authData)
if err != nil {
return apperror.Wrap(err, "adaptor_error", "")
}
if user.GetUsername() == "" {
user.SetUsername(user.GetEmail())
}
// Check if user with same username or email exists.
oldUser, err2 := s.Users.Q().
Filter("email", user.GetEmail()).Or("username", user.GetUsername()).First()
if err2 != nil {
return err2
} else if oldUser != nil {
return &apperror.Err{
Code: "user_exists",
Message: "A user with the username or email already exists",
Public: true,
}
}
user.SetIsActive(true)
profile := user.GetProfile()
// If a profile is configured, and the user does not have a profile yet,
// create a new one.
if s.Profiles != nil && profile == nil {
profile = s.Profiles.CreateModel().(kit.UserProfile)
user.SetProfile(profile)
}
if err := s.Users.Create(user, nil); err != nil {
return err
}
// Create profile if one exists.
if profile != nil {
profile.SetUser(user)
if err := s.Profiles.Create(profile, user); err != nil {
s.Users.Backend().Delete(user)
return apperror.Wrap(err, "user_profile_create_error", "Could not create the user profile")
}
}
// Persist auth item.
if authItemUserId, ok := authItem.(kit.UserModel); ok {
authItemUserId.SetUserId(user.GetId())
}
if err := s.Users.Backend().Create(authItem); err != nil {
s.Users.Backend().Delete(user)
if profile != nil {
s.Profiles.Backend().Delete(profile)
}
return apperror.Wrap(err, "auth_item_create_error", "")
}
if err := s.SendConfirmationEmail(user); err != nil {
s.registry.Logger().Errorf("Could not send confirmation email: %v", err)
}
return nil
}