Esempio n. 1
0
// CreateUser create a new user. Checks for duplicate users and password-length requirement
func CreateUser(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) {
	var user models.User

	user.Enable = true
	user.Domains = nil
	user.Variables = nil
	err := rest.Parse(handle.R, &user)
	if err != nil {
		return nil, tools.NewError(err, 400, "bad request: couldn't parse body")
	}

	if user.Username == "" {
		return nil, tools.NewError(nil, 400, "bad request: username is missing")
	}
	if user.Password == "" {
		return nil, tools.NewError(nil, 400, "bad request: password is missing")
	}
	if len(user.Password) < handle.C.PasswordMinLength {
		return nil, tools.NewError(nil, 400, "bad request: password is too short")
	}
	if user.Domains == nil || len(user.Domains) == 0 {
		return nil, tools.NewError(nil, 400, "bad request: domains is missing")
	}
	if user.Variables == nil {
		user.Variables = make(map[string]interface{})
	}
	if govalidator.IsEmail(user.Username) == false {
		return nil, tools.NewError(nil, 400, "bad request: username must be a valid email")
	}

	user.Username, err = govalidator.NormalizeEmail(user.Username)
	if err != nil {
		return nil, tools.NewError(nil, 400, "bad request: username must be a valid email")
	}
	uid, err := user.Create(db)
	return CreateResponse{
		Status: "ok",
		UserID: uid.Hex(),
	}, err
}
Esempio n. 2
0
// InfosUser returns informations about the user. It does not lists its sessions, yet (TODO)
func InfosUser(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) {
	var user models.User

	uid := handle.P.ByName("uid")
	if handle.C.Public == true {
		ret, err := CheckSession(CheckRequest{
			Domain: "/io/konek/app/user",
			Token:  handle.Sid,
		}, db)
		if err != nil {
			return nil, err
		}
		sess := ret.(CheckResponse)
		if uid == "" {
			uid = sess.Session.UserID
		}
		if sess.Session.UserID != uid {
			return nil, tools.NewError(nil, 403, "forbiden: this is not your account")
		}
	}
	if tools.CheckID(uid) == false {
		return nil, tools.NewError(nil, 400, "bad request: invalid userID")
	}

	user.IDFromHex(uid)
	err := user.Get(db)
	if err != nil {
		return nil, err
	}
	user.Password = ""
	user.Salt = ""
	return InfosUserResponse{
		Status: "ok",
		Infos:  user,
	}, nil
}
Esempio n. 3
0
// Login a user, creating a new session.
func Login(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) {
	var q LoginRequest
	var user models.User
	var session models.Session
	var resp LoginResponse

	err := rest.Parse(handle.R, &q)
	if err != nil {
		return nil, tools.NewError(err, 400, "bad request: couldn't parse body")
	}

	if q.Domain == "" {
		return nil, tools.NewError(nil, 400, "bad request: domain is missing")
	}
	if q.Domain == "/" {
		return nil, tools.NewError(nil, 400, "bad request: illegal domain")
	}

	if q.Username == "" {
		return nil, tools.NewError(nil, 400, "bad request: username is missing")
	}
	if q.Password == "" {
		return nil, tools.NewError(nil, 400, "bad request: password is missing")
	}

	user.Username = q.Username
	user.Password = q.Password

	if govalidator.IsEmail(user.Username) == false {
		return nil, tools.NewError(nil, 400, "bad request: username must be a valid email")
	}

	user.Username, err = govalidator.NormalizeEmail(user.Username)
	if err != nil {
		return nil, tools.NewError(nil, 400, "bad request: username must be a valid email")
	}

	ok, err := user.Check(db)
	if err != nil {
		return nil, err
	}
	if ok == false {
		return nil, tools.NewError(nil, 403, "forbidden: invalid user or password")
	}
	if user.Enable == false {
		return nil, tools.NewError(nil, 403, "forbidden: user is diabled")
	}
	ok = user.CheckDomain(q.Domain)
	if ok == false {
		return nil, tools.NewError(nil, 403, "forbidden: restricted domain")
	}

	session.UserID = user.ID
	session.Domain = q.Domain
	remaining, err := session.Create(db, handle.C.SessionLifespan)
	if err != nil {
		return nil, err
	}
	resp.Status = "ok"
	resp.Session.Token = session.ID.Hex()
	resp.Session.UserID = session.UserID.Hex()
	resp.Session.Expire = session.Expire
	resp.Session.Remaining = remaining
	return resp, nil
}