//NewManager creates and initializes a new Manager func NewManager(r *http.Request) *Manager { session := db.GetDBSession(r) return &Manager{ session: session, collection: db.GetCollection(session, mongoCollectionName), } }
func (manager *Manager) GetByKeyEmailAddressValidationInformation(key string) (info *EmailAddressValidationInformation, err error) { mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName) err = mgoCollection.Find(bson.M{"key": key}).One(&info) if err == mgo.ErrNotFound { info = nil err = nil } return }
func (manager *Manager) IsEmailAddressValidated(username string, emailaddress string) (validated bool, err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses) count, err := mgoCollection.Find(bson.M{"username": username, "emailaddress": emailaddress}).Count() validated = false if err != nil { return } if count != 0 { validated = true } return }
func (manager *Manager) IsPhonenumberValidated(username string, phonenumber string) (validated bool, err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers) count, err := mgoCollection.Find(bson.M{"username": username, "phonenumber": phonenumber}).Count() validated = false if err != nil { return } if count != 0 { validated = true } return }
//GetSmsCode returns an sms code for a specified phone label func (service *Service) GetSmsCode(w http.ResponseWriter, request *http.Request) { phoneLabel := mux.Vars(request)["phoneLabel"] loginSession, err := service.GetSession(request, SessionLogin, "loginsession") if err != nil { log.Error("Error getting login session", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } sessionInfo, err := newLoginSessionInformation() if err != nil { log.Error("Error creating login session information", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } username, ok := loginSession.Values["username"].(string) if username == "" || !ok { http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) return } userMgr := user.NewManager(request) userFromDB, err := userMgr.GetByName(username) if err != nil { log.Error("Error getting user", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } phoneNumber, err := userFromDB.GetPhonenumberByLabel(phoneLabel) if err != nil { log.Debug(userFromDB.Phonenumbers) http.Error(w, http.StatusText(http.StatusNotFound), http.StatusNotFound) return } loginSession.Values["sessionkey"] = sessionInfo.SessionKey authClientId := loginSession.Values["auth_client_id"] authenticatingOrganization := "" if authClientId != nil { authenticatingOrganization = authClientId.(string) } mgoCollection := db.GetCollection(db.GetDBSession(request), mongoLoginCollectionName) mgoCollection.Insert(sessionInfo) organizationText := "" if authenticatingOrganization != "" { split := strings.Split(authenticatingOrganization, ".") organizationText = fmt.Sprintf("to authorize the organization %s, ", split[len(split)-1]) } smsmessage := fmt.Sprintf("To continue signing in at itsyou.online %senter the code %s in the form or use this link: https://%s/sc?c=%s&k=%s", organizationText, sessionInfo.SMSCode, request.Host, sessionInfo.SMSCode, url.QueryEscape(sessionInfo.SessionKey)) sessions.Save(request, w) go service.smsService.Send(phoneNumber.Phonenumber, smsmessage) w.WriteHeader(http.StatusNoContent) }
func (service *Service) getLoginSessionInformation(request *http.Request, sessionKey string) (sessionInfo *loginSessionInformation, err error) { if sessionKey == "" { sessionKey, err = service.getSessionKey(request) if err != nil || sessionKey == "" { return } } mgoCollection := db.GetCollection(db.GetDBSession(request), mongoLoginCollectionName) sessionInfo = &loginSessionInformation{} err = mgoCollection.Find(bson.M{"sessionkey": sessionKey}).One(sessionInfo) if err == mgo.ErrNotFound { sessionInfo = nil err = nil } return }
//MobileSMSConfirmation is the page that is linked to in the SMS and is thus accessed on the mobile phone func (service *Service) MobileSMSConfirmation(w http.ResponseWriter, request *http.Request) { err := request.ParseForm() if err != nil { log.Debug("ERROR parsing mobile smsconfirmation form", err) http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) return } values := request.Form sessionKey := values.Get("k") smscode := values.Get("c") var validsmscode bool sessionInfo, err := service.getLoginSessionInformation(request, sessionKey) if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } if sessionInfo == nil { service.renderSMSConfirmationPage(w, request, "Invalid or expired link") return } validsmscode = (smscode == sessionInfo.SMSCode) if !validsmscode { //TODO: limit to 3 failed attempts service.renderSMSConfirmationPage(w, request, "Invalid or expired link") return } mgoCollection := db.GetCollection(db.GetDBSession(request), mongoLoginCollectionName) _, err = mgoCollection.UpdateAll(bson.M{"sessionkey": sessionKey}, bson.M{"$set": bson.M{"confirmed": true}}) if err != nil { log.Error("Error while confirming sms 2fa - ", err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } service.renderSMSConfirmationPage(w, request, "You will be logged in within a few seconds") }
func (manager *Manager) GetByPhoneNumber(searchString string) (validatedPhonenumber ValidatedPhonenumber, err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers) err = mgoCollection.Find(bson.M{"phonenumber": searchString}).One(&validatedPhonenumber) return validatedPhonenumber, err }
func (manager *Manager) HasValidatedPhones(username string) (hasValidatedPhones bool, err error) { count, err := db.GetCollection(manager.session, mongoValidatedPhonenumbers).Find(bson.M{"username": username}).Count() hasValidatedPhones = count > 0 return hasValidatedPhones, err }
func getCollection(session *mgo.Session) *mgo.Collection { return db.GetCollection(session, mongoCollectionName) }
//getAccessTokenCollection returns the mongo collection for the accessTokens func (m *Manager) getAccessTokenCollection() *mgo.Collection { return db.GetCollection(m.session, tokensCollectionName) }
func (m *Manager) getUserCollection() *mgo.Collection { return db.GetCollection(m.session, mongoUsersCollectionName) }
//getClientsCollection returns the mongo collection for the clients func (m *Manager) getClientsCollection() *mgo.Collection { return db.GetCollection(m.session, clientsCollectionName) }
func (manager *Manager) GetByEmailAddress(searchString string) (validatedEmailaddress ValidatedEmailAddress, err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses) err = mgoCollection.Find(bson.M{"emailaddress": searchString}).One(&validatedEmailaddress) return validatedEmailaddress, err }
//SavePhonenumberValidationInformation stores a validated phonenumber. func (manager *Manager) SavePhonenumberValidationInformation(info *PhonenumberValidationInformation) (err error) { mgoCollection := db.GetCollection(manager.session, mongoOngoingPhonenumberValidationCollectionName) _, err = mgoCollection.Upsert(bson.M{"phonenumber": info.Phonenumber}, info) return }
func (manager *Manager) UpdateEmailAddressValidationInformation(key string, confirmed bool) (err error) { mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName) err = mgoCollection.Update(bson.M{"key": key}, bson.M{"$set": bson.M{"confirmed": confirmed}}) return }
func (manager *Manager) RemoveEmailAddressValidationInformation(key string) (err error) { mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName) _, err = mgoCollection.RemoveAll(bson.M{"key": key}) return }
func (manager *Manager) RemoveValidatedEmailAddress(username string, email string) (err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses) _, err = mgoCollection.RemoveAll(bson.M{"username": username, "emailaddress": email}) return }
func (manager *Manager) RemoveValidatedPhonenumber(username string, phonenumber string) (err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers) _, err = mgoCollection.RemoveAll(bson.M{"username": username, "phonenumber": phonenumber}) return }
//SaveEmailAddressValidationInformation stores a validated emailaddress func (manager *Manager) SaveEmailAddressValidationInformation(info *EmailAddressValidationInformation) (err error) { mgoCollection := db.GetCollection(manager.session, mongoOngoingEmailAddressValidationCollectionName) _, err = mgoCollection.Upsert(bson.M{"emailaddress": info.EmailAddress}, info) return }
func getCompanyCollection(session *mgo.Session) *mgo.Collection { return db.GetCollection(session, COLLECTION_COMPANIES) }
func (manager *Manager) SaveValidatedPhonenumber(validated *ValidatedPhonenumber) (err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers) _, err = mgoCollection.Upsert(bson.M{"phonenumber": validated.Phonenumber}, validated) return }
func (m *Manager) getRegistryCollection() *mgo.Collection { return db.GetCollection(m.session, mongoRegistryCollectionName) }
func (manager *Manager) SaveValidatedEmailAddress(validated *ValidatedEmailAddress) (err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses) _, err = mgoCollection.Upsert(bson.M{"emailaddress": validated.EmailAddress}, validated) return }
func (m *Manager) getAuthorizationCollection() *mgo.Collection { return db.GetCollection(m.session, mongoAuthorizationsCollectionName) }
func (manager *Manager) GetByUsernameValidatedPhonenumbers(username string) (validatednumbers []ValidatedPhonenumber, err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedPhonenumbers) err = mgoCollection.Find(bson.M{"username": username}).All(&validatednumbers) return }
//getAuthorizationRequestCollection returns the mongo collection for the authorizationRequests func (m *Manager) getAuthorizationRequestCollection() *mgo.Collection { return db.GetCollection(m.session, requestsCollectionName) }
func (manager *Manager) GetByEmailAddressValidatedEmailAddress(email string) (validatedemail *ValidatedEmailAddress, err error) { validatedemail = &ValidatedEmailAddress{} mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses) err = mgoCollection.Find(bson.M{"emailaddress": email}).One(validatedemail) return }
func getOrganizationRequestCollection(session *mgo.Session) *mgo.Collection { return db.GetCollection(session, mongoOrganizationRequestCollectionName) }
func (manager *Manager) GetByUsernameValidatedEmailAddress(username string) (validatedemails []ValidatedEmailAddress, err error) { mgoCollection := db.GetCollection(manager.session, mongoValidatedEmailAddresses) err = mgoCollection.Find(bson.M{"username": username}).All(&validatedemails) return }