func RefreshToken(w http.ResponseWriter, r *http.Request) {
userID := context.Get(r, "user_id").(uint64)
token := context.Get(r, "user_token").(string)
var reqBody authorizePutBody
if appErr := decode(r, &reqBody); appErr != nil {
reply.Err(w, appErr)
return
}
userToken := model.UserToken{UserID: userID, Token: token, RefreshToken: reqBody.RefreshToken}
if valid, err := userToken.RefreshTokenValid(); !valid || err != nil {
if !valid {
reply.Err(w, ae.TokenInvalid("", err, "refresh_token"))
} else {
reply.Err(w, ae.DB("", err))
}
return
}
if err := userToken.Delete(); err != nil {
reply.Err(w, ae.DB("", err))
return
}
newToken := model.UserToken{UserID: userID}
if err := newToken.Add(); err != nil {
reply.Err(w, ae.DB("", err))
return
}
reply.OK(w, newToken)
}
func SaveUser(w http.ResponseWriter, r *http.Request) {
reqBody := userReqPostBody{}
appErr := decode(r, &reqBody)
if appErr != nil {
reply.Err(w, appErr)
return
}
user := model.User{}
user.Email = reqBody.Email
user.Password = reqBody.Password
exists, err := user.EmailExists()
if exists {
reply.Err(w, ae.UserNameExists("", "email"))
return
} else if err != nil {
reply.Err(w, ae.DB("", err))
return
}
user.HashPassword("")
err = user.Save()
if err != nil {
reply.Err(w, ae.DB("", err))
return
}
reply.OK(w, user)
}
func SignOut(w http.ResponseWriter, r *http.Request) {
userToken := model.UserToken{}
userToken.Token = context.Get(r, "user_token").(string)
if err := userToken.GetUserIdFromToken(); err != nil {
reply.Err(w, ae.DB("", err))
return
}
if err := userToken.Delete(); err != nil {
reply.Err(w, ae.DB("", err))
return
}
reply.OK(w, userToken)
}
func DeleteUser(w http.ResponseWriter, r *http.Request) {
user := model.User{}
user.UserID = context.Get(r, "user_id").(uint64)
err := user.Get()
if err != nil {
reply.Err(w, ae.DB("", err))
}
err = user.Delete()
if err != nil {
reply.Err(w, ae.DB("", err))
}
reply.OK(w, user)
}
func TruncateDB(w http.ResponseWriter, r *http.Request) {
if err := model.TruncateDB(); err != nil {
reply.Err(w, ae.DB("", err))
return
}
reply.OK(w, "DB Truncated successfully.")
}
func CheckOnlyToken() Adapter {
return func(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("X-TOKEN")
if token == "" {
reply.Err(w, ae.Forbidden(""))
return
}
userToken := model.UserToken{Token: token}
if err := userToken.GetUserIdFromToken(); err != nil || userToken.UserID == 0 {
reply.Err(w, ae.Forbidden(""))
return
}
context.Set(r, "user_id", userToken.UserID)
context.Set(r, "user_token", userToken.Token)
h.ServeHTTP(w, r)
})
}
}
func EmailExists(w http.ResponseWriter, r *http.Request) {
urlParams := context.Get(r, "params").(httprouter.Params)
email := urlParams.ByName("email")
if len(email) == 0 {
reply.Err(w, ae.Required("", "email"))
return
}
user := model.User{}
user.Email = email
exists, err := user.EmailExists()
if err != nil {
reply.Err(w, ae.DB("", err))
return
}
result := make(map[string]interface{})
result["exists"] = exists
reply.OK(w, result)
}
func UpdateUser(w http.ResponseWriter, r *http.Request) {
userID := context.Get(r, "user_id").(uint64)
reqBody := userReqPutBody{}
appErr := decode(r, &reqBody)
if appErr != nil {
reply.Err(w, appErr)
return
}
user := model.User{UserID: userID}
if err := user.Get(); err != nil {
if err == sql.ErrNoRows {
reply.Err(w, ae.ResourceNotFound(""))
return
}
reply.Err(w, ae.DB("", err))
return
}
user.FirstName = reqBody.FirstName
user.LastName = reqBody.LastName
user.ProfilePicURL = reqBody.ProfilePicURL
user.MetricSystem = reqBody.MetricSystem
if err := user.Save(); err != nil {
reply.Err(w, ae.DB("", err))
return
}
if err := user.Get(); err != nil {
reply.Err(w, ae.DB("", err))
return
}
reply.OK(w, user)
return
}
func GetUser(w http.ResponseWriter, r *http.Request) {
userID := context.Get(r, "user_id").(uint64)
var err error
urlParams := context.Get(r, "params").(httprouter.Params)
id := urlParams.ByName("id")
if len(id) != 0 {
userID, err = strconv.ParseUint(id, 10, 64)
if err != nil {
reply.Err(w, ae.InvalidInput("id is not a number", "id"))
}
}
user := model.User{}
user.UserID = userID
err = user.Get()
if err != nil {
reply.Err(w, ae.DB("", err))
return
}
reply.OK(w, user)
}
func SignIn(w http.ResponseWriter, r *http.Request) {
reqBody := userReqPostBody{}
appErr := decode(r, &reqBody)
if appErr != nil {
reply.Err(w, appErr)
return
}
var userToken *model.UserToken
if len(reqBody.GoogleKey) != 0 {
userToken, appErr = signinWithGoogle(reqBody)
if appErr != nil {
reply.Err(w, appErr)
return
}
} else {
userToken, appErr = signinWithUserName(reqBody)
if appErr != nil {
reply.Err(w, appErr)
return
}
}
reply.OK(w, userToken)
}
