func (h *Service) AuthenticateUser(userIdentifier string, authAdaptorName string, data map[string]interface{}) (kit.User, apperror.Error) {
authAdaptor := h.AuthAdaptor(authAdaptorName)
if authAdaptor == nil {
return nil, &apperror.Err{
Public: true,
Code: "unknown_auth_adaptor",
Message: "Unknown auth adaptor: " + authAdaptorName}
}
var user kit.User
var err apperror.Error
if userIdentifier != "" {
user, err = h.FindUser(userIdentifier)
if err != nil {
return nil, err
} else if user == nil {
return nil, apperror.New("user_not_found", "Username/Email does not exist ", true)
}
}
userId := ""
if user != nil {
userId = user.GetStrId()
}
userId, err = authAdaptor.Authenticate(userId, data)
if err != nil {
if err.IsPublic() {
return nil, err
} else {
return nil, apperror.Wrap(err, "adaptor_error", true)
}
}
if user == nil {
// Query user to get a full user with permissions and profile.
user, err = h.FindUser(userId)
if err != nil {
return nil, err
} else if user == nil {
return nil, &apperror.Err{
Code: "user_not_found",
Message: fmt.Sprintf("User with id %v could not be found", userId),
Public: true,
}
}
}
if !user.IsActive() {
return nil, apperror.New("user_inactive", true)
}
return user, nil
}
func (h *Service) VerifySession(token string) (kit.User, kit.Session, apperror.Error) {
rawSession, err := h.Sessions.FindOne(token)
if err != nil {
return nil, nil, err
} else if rawSession == nil {
return nil, nil, apperror.New("session_not_found", true)
}
session := rawSession.(kit.Session)
if session.GetValidUntil().Sub(time.Now()) < 1 {
return nil, nil, apperror.New("session_expired", true)
}
var user kit.User
if !session.IsAnonymous() {
// Load user.
rawUser, err := h.FindUser(session.GetUserId())
if err != nil {
return nil, nil, err
}
user = rawUser.(kit.User)
if !user.IsActive() {
return nil, nil, apperror.New("user_inactive", true)
}
}
// Prolong session.
session.SetValidUntil(time.Now().Add(time.Hour * 12))
if err := h.Sessions.Update(session, nil); err != nil {
return nil, nil, err
}
return user, session, nil
}