// RPC/SignInLogin logs in a user, specified by their login (aka username)
// Args:
// "L" string
// "P" string = HMAC-hashed password
// Err:
// ErrApp: If the sign-in information is incorrect
// non-nil: If a technical problem occured
//
func (a *API) SignInLogin(args *rpc.Args, r *rpc.Ret) (err os.Error) {
// Validate and sanitize arguments
login, _ := args.QueryString("L")
if login, err = SanitizeLogin(login); err != nil {
return ErrApp
}
hpass, _ := args.QueryString("P")
// Fetch user for this login
u, _, err := a.db.FindUserByLogin(login)
if err != nil {
return ErrDb
}
if u == nil {
return ErrApp
}
// Verify credentials
if !VerifyPassword(hpass, u.Password) {
return ErrSec
}
r.AddSetCookie(a.newUserAuthCookie(u))
r.AddSetCookie(a.newUserNameCookie(u))
r.AddSetCookie(a.newUserNymCookie(u))
r.SetInt("XPad", 0)
return nil
}
func (a *API) UnsetFollow(args *rpc.Args, r *rpc.Ret) (err os.Error) {
_, uid, err := a.whoAmI(args)
if err != nil {
return err
}
what, _ := args.QueryString("What")
r.SetInt("XPad", 0)
return a.db.UnsetFollow(uid, what)
}
func (a *API) Unlike(args *rpc.Args, r *rpc.Ret) (err os.Error) {
fid, _ := args.QueryString("FID")
_, uid, err := a.whoAmI(args)
if err != nil {
return err
}
r.SetInt("XPad", 0)
return a.db.Unlike(uid, fid)
}
// RemoveMsg deletes a message
func (a *API) RemoveMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
_, editorID, err := a.whoAmI(args)
if err != nil {
return err
}
msg, err := args.QueryString("Msg")
if err != nil {
return err
}
r.SetInt("XPad", 0)
return a.db.RemoveMsg(editorID, ObjectIDOfWebString(msg))
}
// EditMsg changes the body of an existing message
func (a *API) EditMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
_, editorID, err := a.whoAmI(args)
if err != nil {
return err
}
msg, err := args.QueryString("Msg")
if err != nil {
return err
}
body, err := args.QueryString("Body")
if err != nil || body == "" {
return ErrArg
}
r.SetInt("XPad", 0)
return a.db.EditMsg(editorID, ObjectIDOfWebString(msg), body)
}
// SignUp registers a new user
func (a *API) SignUp(args *rpc.Args, r *rpc.Ret) (err os.Error) {
// Validate and sanitize arguments
name, _ := args.QueryString("N")
if name, err = SanitizeName(name); err != nil {
return ErrApp
}
email, _ := args.QueryString("E")
if email, err = SanitizeEmail(email); err != nil {
return ErrApp
}
login, _ := args.QueryString("L")
if login, err = SanitizeLogin(login); err != nil {
return ErrApp
}
hpass, _ := args.QueryString("P")
// Check that a user like this doesn't already exist
u, _, err := a.db.FindUserByLogin(login)
if err != nil {
return ErrDb
}
if u != nil {
return ErrApp
}
u, err = a.db.FindUserByEmail(email)
if err != nil {
return ErrDb
}
if u != nil {
return ErrApp
}
// Add the user
u = &db.UserDoc{
Name: name,
Login: login,
Email: email,
Password: hpass,
}
if _, err = a.db.AddUser(u); err != nil {
return ErrDb
}
r.SetInt("XPad", 0)
return nil
}
func (a *API) LikeInfo(args *rpc.Args, r *rpc.Ret) (err os.Error) {
fid, _ := args.QueryString("FID")
_, uid, err := a.whoAmI(args)
if err != nil {
return err
}
likes, err := a.db.Likes(uid, fid)
if err != nil {
likes = false
}
n, err := a.db.LikeCount(fid)
if err != nil {
return err
}
r.SetBool("Likes", likes)
r.SetInt("Count", n)
return nil
}
// FollowInfo returns true if the logged user follows the given object
func (a *API) FollowInfo(args *rpc.Args, r *rpc.Ret) (err os.Error) {
_, uid, err := a.whoAmI(args)
if err != nil {
return err
}
what, _ := args.QueryString("What")
follows, err := a.db.IsFollow(uid, what)
if err != nil {
follows = false
}
n, err := a.db.FollowerCount(what)
if err != nil {
return err
}
r.SetBool("Follows", follows)
r.SetInt("Count", n)
return nil
}
func (a *API) Ping(args *rpc.Args, r *rpc.Ret) os.Error {
r.SetInt("XPad", 0)
return nil
}
