// ValidateClaim validate the JWT token and return the user model
// decoded from the claim
func ValidateClaim(certs *Certs, token string) (*models.User, error) {
usr := new(models.User)
w, err := jws.ParseJWT([]byte(token))
if err != nil {
return nil, err
}
if err := w.Validate(certs.PublicKey, crypto.SigningMethodRS512); err != nil {
return nil, err
}
_, isExpired := w.Claims().Expiration()
if !isExpired {
return nil, ErrTokenExpired
}
usr.Email = extractKey("email", w.Claims())
usr.Login = extractKey("login", w.Claims())
usr.ID = extractKey("user_id", w.Claims())
return usr, nil
}
func (ur UserResource) createUser(req *restful.Request, resp *restful.Response) {
usr := new(models.User)
err := req.ReadEntity(usr)
if err != nil {
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
return
}
allErrs := validation.ValidateUserRegister(usr)
if len(allErrs) != 0 {
resp.WriteHeaderAndEntity(http.StatusBadRequest, validationErrors("validation failed", allErrs))
return
}
exists, err := ur.store.Exists(models.StringValue(usr.Login))
if err != nil {
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
return
}
if exists {
resp.WriteHeaderAndEntity(http.StatusConflict, errorMsg("User already exists."))
return
}
// hash the password
pass := models.StringValue(usr.Password)
pass, err = util.HashPassword(pass)
if err != nil {
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
return
}
usr.Password = models.String(pass)
nusr, err := ur.store.Create(usr)
if err != nil {
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
return
}
nusr.Password = nil
resp.WriteHeaderAndEntity(http.StatusCreated, nusr)
}
func (ur UserResource) updateUser(req *restful.Request, resp *restful.Response) {
userid, ok := req.Attribute("user_id").(string)
if !ok {
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
return
}
cusr, err := ur.store.GetByID(userid)
if err != nil {
resp.WriteHeaderAndEntity(http.StatusNotFound, errorMsg("User not found."))
return
}
usr := new(models.User)
err = req.ReadEntity(usr)
if err != nil {
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
return
}
// ensure the userid is trusted
usr.ID = models.String(userid)
allErrs := validation.ValidateUserUpdate(usr, cusr)
if len(allErrs) != 0 {
resp.WriteHeaderAndEntity(http.StatusBadRequest, validationErrors("validation failed", allErrs))
return
}
err = ur.store.Update(usr)
if err != nil {
resp.WriteHeaderAndEntity(http.StatusInternalServerError, errorMsg("Server error."))
return
}
usr.Password = nil
resp.WriteEntity(usr)
}
// Create create the user in RethinkDB
func (us *UserStoreRethinkDB) Create(user *models.User) (*models.User, error) {
resp, err := r.DB(DBName).Table(TableName).Insert(user).RunWrite(us.session)
if err != nil {
return nil, err
}
user.ID = models.String(resp.GeneratedKeys[0])
return user, nil
}
// Create create a new user in the system with the given information
func (usl *UserStoreLocal) Create(user *models.User) (*models.User, error) {
var id string
// check for unique login
if usl.loginExists(models.StringValue(user.Login)) {
return nil, ErrUserAlreadyExists
}
if user.ID == nil {
id = newID()
user.ID = models.String(id)
} else {
id = models.StringValue(user.ID)
}
usl.users[id] = user
return user, nil
}
