// GetAllSessions retrieves all the sessions for a certain user account
func (a *AuthAPI) GetAllSessions(params *api.Request) api.Response {
userID, found, err := filter.GetIDParameter("token", params.Form)
if !found {
return api.BadRequest(api.ErrIDParamNotSpecified)
}
if err != nil {
return api.InternalServerError(err)
}
userSessions, err := cookies.GetUserSessions(userID)
if err != nil {
return api.InternalServerError(err)
}
return api.JSONResponse(http.StatusOK, userSessions)
}
// KillSession deletes a session for an existing user account based on
// the session token
func (a *AuthAPI) KillSession(params *api.Request) api.Response {
sessionToken, found := filter.GetStringParameter("token", params.Form)
if !found || len(sessionToken) == 0 {
return api.BadRequest(ErrTokenNotSpecified)
}
session, err := cookies.GetSession(sessionToken)
if err != nil {
return api.InternalServerError(err)
}
err = session.Delete()
if err != nil {
return api.InternalServerError(err)
}
return api.StatusResponse(http.StatusOK)
}
// CreateTransaction creates a new Transaction
func CreateTransaction(transaction *models.Transaction) api.Response {
if !apifilter.CheckTransactionIntegrity(transaction) {
return api.BadRequest(api.ErrEntityIntegrity)
}
dbTransaction := transaction.Collapse()
if dbTransaction == nil {
return api.InternalServerError(api.ErrEntityProcessing)
}
err := transactionservice.CreateTransaction(dbTransaction)
if err != nil {
return api.InternalServerError(api.ErrEntityProcessing)
}
transaction.ID = dbTransaction.ID
return api.JSONResponse(http.StatusCreated, transaction)
}
// RequestResetPassword sends an email with a special token that will be used for resetting the password
func (a *AuthAPI) RequestResetPassword(params *api.Request) api.Response {
var model = RequestResetPasswordModel{}
var err = util.DeserializeJSON(params.Body, &model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
err = auth.RequestResetPassword(model.Email, model.PasswordResetServiceLink)
if err != nil {
return api.InternalServerError(err)
}
return api.StatusResponse(http.StatusOK)
}
// ResendAccountActivationEmail resends the email with the details for activating their user account
func (a *AuthAPI) ResendAccountActivationEmail(params *api.Request) api.Response {
var model = ResendActivationEmailModel{}
var err = util.DeserializeJSON(params.Body, &model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
err = auth.ResendAccountActivationEmail(model.Email, model.ActivateAccountServiceLink)
if err != nil {
return api.InternalServerError(err)
}
return api.StatusResponse(http.StatusOK)
}
// CreateAppUser is an endpoint used for creating application users
func (v *DevAPI) CreateAppUser(params *api.Request) api.Response {
model := &AppUserModel{}
err := util.DeserializeJSON(params.Body, model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
var activationServiceLink = config.HTTPServerAddress + config.APIInstance + "dev/ActivateAppUser?token=%s"
user, err := auth.CreateAppUser(model.Email, model.Password, model.AccountType, activationServiceLink)
if err != nil {
return api.InternalServerError(err)
}
return api.JSONResponse(http.StatusOK, user)
}
// ResetPassword resets an user account's password
func (a *AuthAPI) ResetPassword(params *api.Request) api.Response {
var model = ResetPasswordModel{}
var err = util.DeserializeJSON(params.Body, &model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
if model.Password != model.PasswordConfirmation {
return api.BadRequest(errPasswordsDoNotMatch)
}
err = auth.ResetPassword(model.Token, model.Password)
if err != nil {
if err == auth.ErrResetPasswordTokenExpired {
return api.BadRequest(err)
}
return api.InternalServerError(err)
}
return api.StatusResponse(http.StatusOK)
}
