func ChangePassword(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, dtx *apicontext.DataContext) string { user := customer.CustomerUser{ Email: r.FormValue("email"), } oldPass := r.FormValue("oldPass") newPass := r.FormValue("newPass") if err := user.ChangePass(oldPass, newPass, dtx); err != nil { apierror.GenerateError("Could not change password: "******"" } return encoding.Must(enc.Encode("Success")) }
func ResetPassword(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder) string { var err error email := r.FormValue("email") custID := r.FormValue("customerID") site := r.FormValue("site") if email == "" { err = errors.New("No email address provided") apierror.GenerateError("No email address provided", err, rw, r) return "" } if custID == "" { err = errors.New("Customer ID cannot be blank") apierror.GenerateError("Customer ID cannot be blank", err, rw, r) return "" } var user customer.CustomerUser user.Email = email user.CustID, err = strconv.Atoi(custID) if err != nil { apierror.GenerateError("Trouble parsing cust ID", err, rw, r) return "" } resp, err := user.ResetPass() if err != nil || resp == "" { apierror.GenerateError("Trouble resetting user password", err, rw, r) return "" } //email subject := "Your Password Has Been Reset" body := `<p>Here is your new password for the ` + site + ` site.</p> <p>Password: ` + resp + `</p><p> If you did not request this password, please contact <a href="mailto:[email protected]">Web Support</a></p> <p>Thanks, </p> <p>The Ecommerce Developer Team</P>` err = emailHelper.Send([]string{email}, subject, body, true) if err != nil { apierror.GenerateError("Trouble emailing new user password", err, rw, r) return "" } return encoding.Must(enc.Encode("success")) }
func DeleteCustomerUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, params martini.Params) string { var err error var cu customer.CustomerUser if params["id"] != "" { cu.Id = params["id"] } else if r.FormValue("id") != "" { cu.Id = r.FormValue("id") } else { err = errors.New("Trouble getting customer user ID") apierror.GenerateError("Trouble getting customer user ID", err, rw, r) return "" } if err = cu.Delete(); err != nil { apierror.GenerateError("Trouble deleting customer user", err, rw, r) return "" } return encoding.Must(enc.Encode(cu)) }
func GetUserById(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, params martini.Params) string { var err error var user customer.CustomerUser qs := r.URL.Query() key := qs.Get("key") if params["id"] != "" { user.Id = params["id"] } else if r.FormValue("id") != "" { user.Id = r.FormValue("id") } else { err = errors.New("Trouble getting customer user ID") apierror.GenerateError("Trouble getting customer user ID", err, rw, r) return "" } if err = user.Get(key); err != nil { apierror.GenerateError("Trouble getting customer user", err, rw, r) return "" } return encoding.Must(enc.Encode(user)) }
func UpdateCustomerUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder, params martini.Params) string { var err error var cu customer.CustomerUser qs := r.URL.Query() key := qs.Get("key") if params["id"] != "" { cu.Id = params["id"] } else if r.FormValue("id") != "" { cu.Id = r.FormValue("id") } else { err = errors.New("Trouble getting customer user ID") apierror.GenerateError("Trouble getting customer user ID", err, rw, r) return "" } if err = cu.Get(key); err != nil { apierror.GenerateError("Trouble getting customer user", err, rw, r) return "" } if strings.ToLower(r.Header.Get("Content-Type")) == "application/json" { var data []byte if data, err = ioutil.ReadAll(r.Body); err != nil { apierror.GenerateError("Trouble reading request body while updating customer user", err, rw, r) return "" } if err = json.Unmarshal(data, &cu); err != nil { apierror.GenerateError("Trouble unmarshalling json request body while updating customer user", err, rw, r) return "" } } else { name := r.FormValue("name") email := r.FormValue("email") isActive := r.FormValue("isActive") locationID := r.FormValue("locationID") isSudo := r.FormValue("isSudo") notCustomer := r.FormValue("notCustomer") if name != "" { cu.Name = name } if email != "" { cu.Email = email } if isActive != "" { if cu.Active, err = strconv.ParseBool(isActive); err != nil { cu.Active = false } } if locationID != "" { if cu.Location.Id, err = strconv.Atoi(locationID); err != nil { apierror.GenerateError("Trouble getting location ID", err, rw, r) return "" } } if isSudo != "" { if cu.Sudo, err = strconv.ParseBool(isSudo); err != nil { cu.Sudo = false } } if notCustomer != "" { if cu.NotCustomer, err = strconv.ParseBool(notCustomer); err != nil { cu.NotCustomer = false } } } if err = cu.UpdateCustomerUser(); err != nil { apierror.GenerateError("Trouble updating customer user", err, rw, r) return "" } return encoding.Must(enc.Encode(cu)) }
//registers an inactive user; emails user and webdev that a new inactive user exists - used by dealers site func RegisterUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder) string { var err error name := r.FormValue("name") email := r.FormValue("email") pass := r.FormValue("pass") customerID, err := strconv.Atoi(r.FormValue("customerID")) // isActive, err := strconv.ParseBool(r.FormValue("isActive")) locationID, err := strconv.Atoi(r.FormValue("locationID")) // isSudo, err := strconv.ParseBool(r.FormValue("isSudo")) cust_ID, err := strconv.Atoi(r.FormValue("cust_ID")) notCustomer, err := strconv.ParseBool(r.FormValue("notCustomer")) if email == "" || pass == "" { err = errors.New("Email and password are required.") apierror.GenerateError("Email and password are required", err, rw, r) return "" } var user customer.CustomerUser user.Email = email user.Password = pass if name != "" { user.Name = name } if customerID != 0 { user.OldCustomerID = customerID } if locationID != 0 { user.Location.Id = locationID } if cust_ID != 0 { user.CustomerID = cust_ID } user.Active = false user.Sudo = false user.Current = notCustomer //check for existence of user err = user.FindByEmail() if err == nil { apierror.GenerateError("A user with that email address already exists.", err, rw, r) return "" } err = nil user.Brands, err = brand.GetUserBrands(cust_ID) if err != nil { apierror.GenerateError("Trouble getting user brands.", err, rw, r) return "" } var brandIds []int for _, brand := range user.Brands { brandIds = append(brandIds, brand.ID) } if err = user.Create(brandIds); err != nil { apierror.GenerateError("Trouble registering new customer user", err, rw, r) return "" } //email if err = user.SendRegistrationEmail(); err != nil { apierror.GenerateError("Trouble emailing new customer user", err, rw, r) return "" } if err = user.SendRegistrationRequestEmail(); err != nil { apierror.GenerateError("Trouble emailing webdevelopment regarding new customer user", err, rw, r) return "" } return encoding.Must(enc.Encode(user)) }
//Post - Form Authentication func AuthenticateUser(rw http.ResponseWriter, r *http.Request, enc encoding.Encoder) string { var err error user := customer.CustomerUser{ Email: r.FormValue("email"), Password: r.FormValue("password"), } if err = user.AuthenticateUser(); err != nil { apierror.GenerateError("Trouble authenticating customer user", err, rw, r) return "" } if err = user.GetLocation(); err != nil { apierror.GenerateError("Trouble getting customer user location", err, rw, r) return "" } if err = user.GetKeys(); err != nil { apierror.GenerateError("Trouble getting customer user API keys", err, rw, r) return "" } user.GetComnetAccounts() var key string if len(user.Keys) != 0 { key = user.Keys[0].Key } cust, err := user.GetCustomer(key) if err != nil { apierror.GenerateError("Trouble getting customer user", err, rw, r) return "" } return encoding.Must(enc.Encode(cust)) }
func TestCustomer(t *testing.T) { var err error var c customer.Customer var cu customer.CustomerUser once.Do(initDtx) defer apicontextmock.DeMock(dtx) cu.Id = dtx.UserID err = cu.Get(dtx.APIKey) if err != nil { t.Log(err) } c.Users = append(c.Users, cu) Convey("Testing customer/Customer", t, func() { //test create customer c.Name = "Jason Voorhees" c.Email = "*****@*****.**" bodyBytes, _ := json.Marshal(c) bodyJson := bytes.NewReader(bodyBytes) thyme := time.Now() testThatHttp.Request("put", "/customer", "", "?key=", SaveCustomer, bodyJson, "application/json") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c) So(err, ShouldBeNil) So(c, ShouldHaveSameTypeAs, customer.Customer{}) So(c.Id, ShouldBeGreaterThan, 0) //test update customer c.Fax = "666-1313" c.State.Id = 1 bodyBytes, _ = json.Marshal(c) bodyJson = bytes.NewReader(bodyBytes) thyme = time.Now() testThatHttp.Request("put", "/customer/", ":id", strconv.Itoa(c.Id)+"?key=", SaveCustomer, bodyJson, "application/json") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c) So(err, ShouldBeNil) So(c, ShouldHaveSameTypeAs, customer.Customer{}) So(c.Id, ShouldBeGreaterThan, 0) thyme = time.Now() testThatHttp.RequestWithDtx("post", "/customer", "", "?key=", GetCustomer, nil, "", dtx) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c) So(err, ShouldBeNil) So(c, ShouldHaveSameTypeAs, customer.Customer{}) So(c.Id, ShouldBeGreaterThan, 0) // get customer locations thyme = time.Now() testThatHttp.RequestWithDtx("get", "/customer/locations", "", "?key=", GetLocations, nil, "", dtx) So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()*6) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c.Locations) So(err, ShouldBeNil) So(c.Locations, ShouldHaveSameTypeAs, []customer.CustomerLocation{}) // //get user thyme = time.Now() testThatHttp.RequestWithDtx("post", "/customer/user", "", "?key="+dtx.APIKey, GetUser, nil, "", nil) So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu) So(err, ShouldBeNil) So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{}) //get users thyme = time.Now() testThatHttp.RequestWithDtx("get", "/customer/users", "", "?key=", GetUsers, nil, "", dtx) So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()*5) So(testThatHttp.Response.Code, ShouldEqual, 200) var cus []customer.CustomerUser err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cus) So(err, ShouldBeNil) So(cus, ShouldHaveSameTypeAs, []customer.CustomerUser{}) // get customer price // price.CustID = c.Id // price.Create() // thyme = time.Now() // testThatHttp.Request("get", "/new/customer/price/", ":id", strconv.Itoa(p.ID)+"?key="+apiKey, GetCustomerPrice, nil, "") // So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) // So(testThatHttp.Response.Code, ShouldEqual, 200) // var price float64 // err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &price) // So(err, ShouldBeNil) // So(price, ShouldHaveSameTypeAs, 7.1) // //get customer cart reference // ci.CustID = c.Id // ci.Create() // thyme = time.Now() // testThatHttp.Request("get", "/new/customer/cartRef/", ":id", strconv.Itoa(p.ID)+"?key="+apiKey, GetCustomerCartReference, nil, "") // So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) // So(testThatHttp.Response.Code, ShouldEqual, 200) // var reference int // err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &reference) // So(err, ShouldBeNil) // So(reference, ShouldHaveSameTypeAs, 7) //test delete customer thyme = time.Now() testThatHttp.Request("delete", "/customer/", ":id", strconv.Itoa(c.Id)+"?key=", DeleteCustomer, nil, "") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c) So(err, ShouldBeNil) So(c, ShouldHaveSameTypeAs, customer.Customer{}) So(c.Id, ShouldBeGreaterThan, 0) }) //cleanup err = cu.Delete() err = c.Delete() }
func BenchmarkCRUDCustomerUser(b *testing.B) { dtx, err := apicontextmock.Mock() if err != nil { b.Log(err) } var cu customer.CustomerUser cu.Id = dtx.UserID qs := make(url.Values, 0) qs.Add("key", dtx.APIKey) Convey("CustomerUser", b, func() { form := url.Values{"name": {"Mitt Romney"}, "email": {"*****@*****.**"}, "pass": {"robthepoor"}, "customerID": {strconv.Itoa(dtx.CustomerID)}, "isActive": {"true"}, "locationID": {"1"}, "isSudo": {"true"}, "cust_ID": {"1"}} //create (&httprunner.BenchmarkOptions{ Method: "POST", Route: "/customer/user/register", ParameterizedRoute: "/customer/user/register", Handler: RegisterUser, QueryString: &qs, JsonBody: cu, FormBody: form, Runs: b.N, }).RequestBenchmark() //authenticate user form = url.Values{"email": {"*****@*****.**"}, "password": {"robthepoor"}} (&httprunner.BenchmarkOptions{ Method: "POST", Route: "/customer/auth", ParameterizedRoute: "/customer/auth", Handler: AuthenticateUser, QueryString: &qs, JsonBody: nil, FormBody: nil, Runs: b.N, }).RequestBenchmark() //authenticate user by key (&httprunner.BenchmarkOptions{ Method: "GET", Route: "/customer/auth", ParameterizedRoute: "/customer/auth", Handler: KeyedUserAuthentication, QueryString: &qs, JsonBody: nil, FormBody: nil, Runs: b.N, }).RequestBenchmark() //delete (&httprunner.BenchmarkOptions{ Method: "DELETE", Route: "/customer/user/register", ParameterizedRoute: "/customer/user/register/" + cu.Id, Handler: DeleteCustomerUser, QueryString: &qs, JsonBody: cu, FormBody: nil, Runs: b.N, }).RequestBenchmark() form = url.Values{"email": {"*****@*****.**"}, "password": {"robthepoor"}} }) cu.Delete() err = apicontextmock.DeMock(dtx) if err != nil { b.Log(err) } }
func TestCustomerUser(t *testing.T) { var err error var cu customer.CustomerUser var c customer.Customer c.Name = "Dog Bountyhunter" c.BrandIDs = append(c.BrandIDs, 1) c.Create() var pub, pri, auth apiKeyType.ApiKeyType if database.GetCleanDBFlag() != "" { t.Log(database.GetCleanDBFlag()) //setup apiKeyTypes pub.Type = "Public" pri.Type = "Private" auth.Type = "Authentication" pub.Create() pri.Create() auth.Create() } Convey("Testing customer/User", t, func() { //test create customer user form := url.Values{"name": {"Mitt Romney"}, "email": {"*****@*****.**"}, "pass": {"robthepoor"}, "customerID": {strconv.Itoa(c.Id)}, "isActive": {"true"}, "locationID": {"1"}, "isSudo": {"true"}, "cust_ID": {strconv.Itoa(c.Id)}} v := form.Encode() body := strings.NewReader(v) thyme := time.Now() testThatHttp.Request("post", "/customer/user/register", "", "", RegisterUser, body, "application/x-www-form-urlencoded") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu) So(err, ShouldBeNil) So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{}) So(cu.Id, ShouldNotBeEmpty) //key stuff - get apiKey var apiKey string for _, k := range cu.Keys { if strings.ToLower(k.Type) == "public" { apiKey = k.Key } } //test update customer user form = url.Values{"name": {"Michelle Bachman"}} v = form.Encode() body = strings.NewReader(v) thyme = time.Now() testThatHttp.Request("post", "/customer/user/", ":id", cu.Id, UpdateCustomerUser, body, "application/x-www-form-urlencoded") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu) So(err, ShouldBeNil) So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{}) So(cu.Name, ShouldNotEqual, "Mitt Romney") //test authenticateUser err = c.JoinUser(cu) So(err, ShouldBeNil) form = url.Values{"email": {"*****@*****.**"}, "password": {"robthepoor"}} v = form.Encode() body = strings.NewReader(v) thyme = time.Now() testThatHttp.Request("post", "/customer/auth", "", "", AuthenticateUser, body, "application/x-www-form-urlencoded") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c) So(err, ShouldBeNil) So(c, ShouldHaveSameTypeAs, customer.Customer{}) //test keyed user authentication thyme = time.Now() testThatHttp.Request("get", "/customer/auth", "", "?key="+apiKey, KeyedUserAuthentication, nil, "") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &c) So(err, ShouldBeNil) So(c, ShouldHaveSameTypeAs, customer.Customer{}) //test get user by id thyme = time.Now() testThatHttp.Request("get", "/customer/", ":id", cu.Id+"?key="+apiKey, GetUserById, nil, "") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu) So(err, ShouldBeNil) So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{}) //test change user password form = url.Values{"email": {"*****@*****.**"}, "oldPass": {"robthepoor"}, "newPass": {"prolife"}} v = form.Encode() body = strings.NewReader(v) thyme = time.Now() testThatHttp.Request("post", "/customer/user/changePassword", "", "?key="+apiKey, ChangePassword, body, "application/x-www-form-urlencoded") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()*2) So(testThatHttp.Response.Code, ShouldEqual, 200) var result string err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &result) So(err, ShouldBeNil) So(result, ShouldHaveSameTypeAs, "Success") //test reset user password form = url.Values{"email": {"*****@*****.**"}, "customerID": {strconv.Itoa(c.CustomerId)}} v = form.Encode() body = strings.NewReader(v) thyme = time.Now() testThatHttp.Request("post", "/customer/user/resetPassword", "", "?key="+apiKey, ResetPassword, body, "application/x-www-form-urlencoded") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &result) So(err, ShouldBeNil) So(result, ShouldHaveSameTypeAs, "Success") //test generate api key thyme = time.Now() testThatHttp.Request("post", "/customer/user/", ":id/key/:type", cu.Id+"/key/PRIVATE?key="+apiKey, GenerateApiKey, nil, "") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) var newKey customer.ApiCredentials err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &newKey) So(err, ShouldBeNil) So(newKey.Key, ShouldHaveSameTypeAs, "string") //test delete customer users by customerId var cu2 customer.CustomerUser cu2.Create([]int{1}) c.JoinUser(cu2) thyme = time.Now() testThatHttp.Request("delete", "/customer/allUsersByCustomerID/", ":id", strconv.Itoa(c.Id), DeleteCustomerUsersByCustomerID, nil, "") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) var response string err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &response) So(err, ShouldBeNil) So(response, ShouldHaveSameTypeAs, "this is a string") //test delete customer user thyme = time.Now() testThatHttp.Request("delete", "/customer/user/", ":id", cu.Id, DeleteCustomerUser, nil, "") So(time.Since(thyme).Nanoseconds(), ShouldBeLessThan, time.Second.Nanoseconds()/2) So(testThatHttp.Response.Code, ShouldEqual, 200) err = json.Unmarshal(testThatHttp.Response.Body.Bytes(), &cu) So(err, ShouldBeNil) So(cu, ShouldHaveSameTypeAs, customer.CustomerUser{}) So(cu.Id, ShouldNotBeEmpty) cu2.Delete() }) //teardown err = c.Delete() if err != nil { t.Log(err) } if database.EmptyDb != nil { err = pub.Delete() if err != nil { t.Log(err) } err = pri.Delete() if err != nil { t.Log(err) } err = auth.Delete() if err != nil { t.Log(err) } } err = cu.Delete() if err != nil { t.Log(err) } }