// Account creation func (s *Session) acc(msg *ClientComMessage) { if s.ver == 0 { s.queueOut(ErrCommandOutOfSequence(msg.Acc.Id, "", msg.timestamp)) return } if msg.Acc.Auth == nil { s.queueOut(ErrMalformed(msg.Acc.Id, "", msg.timestamp)) return } else if len(msg.Acc.Auth) == 0 { s.queueOut(ErrAuthUnknownScheme(msg.Acc.Id, "", msg.timestamp)) return } if msg.Acc.User == "new" { // Request to create a new account for _, auth := range msg.Acc.Auth { if auth.Scheme == "basic" { var private interface{} var user types.User if msg.Acc.Desc != nil { user.Access.Auth = DEFAULT_AUTH_ACCESS user.Access.Anon = DEFAULT_ANON_ACCESS if msg.Acc.Desc.DefaultAcs != nil { if msg.Acc.Desc.DefaultAcs.Auth != "" { user.Access.Auth.UnmarshalText([]byte(msg.Acc.Desc.DefaultAcs.Auth)) } if msg.Acc.Desc.DefaultAcs.Anon != "" { user.Access.Anon.UnmarshalText([]byte(msg.Acc.Desc.DefaultAcs.Anon)) } } if !isNullValue(msg.Acc.Desc.Public) { user.Public = msg.Acc.Desc.Public } if !isNullValue(msg.Acc.Desc.Private) { private = msg.Acc.Desc.Private } } _, err := store.Users.Create(&user, private) if err != nil { if err.Error() == "duplicate credential" { s.queueOut(ErrDuplicateCredential(msg.Acc.Id, "", msg.timestamp)) } else { s.queueOut(ErrUnknown(msg.Acc.Id, "", msg.timestamp)) } return } reply := NoErrCreated(msg.Acc.Id, "", msg.timestamp) desc := &MsgTopicDesc{ CreatedAt: &user.CreatedAt, UpdatedAt: &user.UpdatedAt, DefaultAcs: &MsgDefaultAcsMode{ Auth: user.Access.Auth.String(), Anon: user.Access.Anon.String()}, Public: user.Public, Private: private} reply.Ctrl.Params = map[string]interface{}{ "uid": user.Uid().UserId(), "desc": desc, } s.queueOut(NoErr(msg.Acc.Id, "", msg.timestamp)) } else { s.queueOut(ErrAuthUnknownScheme(msg.Acc.Id, "", msg.timestamp)) return } } } else if !s.uid.IsZero() { // Request to change auth of an existing account. Only basic auth is currently supported for _, auth := range msg.Acc.Auth { if auth.Scheme == "basic" { if err := store.Users.ChangeAuthCredential(s.uid, auth.Scheme, string(auth.Secret)); err != nil { s.queueOut(ErrUnknown(msg.Acc.Id, "", msg.timestamp)) return } s.queueOut(NoErr(msg.Acc.Id, "", msg.timestamp)) } else { s.queueOut(ErrAuthUnknownScheme(msg.Acc.Id, "", msg.timestamp)) return } } } else { // session is not authenticated and this is not an attempt to create a new account s.queueOut(ErrPermissionDenied(msg.Acc.Id, "", msg.timestamp)) return } }