// login authenticates the submitted username/password form, stores the
// resulting user in the session and answers with a JSON status document.
//
// On an authentication or lookup failure the reply carries ok=false and an
// "error" object; on success it carries ok=true and ctx.Referer so the client
// can continue where it came from. The returned error is whatever outputJson
// reports.
func login(w http.ResponseWriter, req *http.Request, ctx *Context) error {
	username := req.FormValue("username")
	password := req.FormValue("password")

	reply := make(osin.ResponseData)

	// The same message is used whichever part is wrong, so the reply does
	// not reveal whether the username exists; it is attributed to the
	// password field for the form.
	if !backends.Authenticate(username, password) {
		reply["ok"] = false
		reply["error"] = map[string]string{"message": "Invalid Username/Password", "field": "password"}
		return outputJson(reply, w)
	}

	staff, err := backends.GetStaff(username)
	if err != nil {
		reply["ok"] = false
		reply["error"] = map[string]string{"message": "Load user failed"}
		return outputJson(reply, w)
	}

	// Record the signed-in user in the session; the client is expected to
	// act on the returned referer itself rather than being redirected here.
	sessUser := UserFromStaff(staff)
	sessUser.Refresh()
	ctx.Session.Values[kUserOL] = sessUser
	ctx.Session.Values[kLastUid] = staff.Uid

	reply["ok"] = true
	// NOTE(review): ctx.Referer is handed back verbatim; if it is populated
	// from a request header it should be limited to same-origin paths before
	// a client redirects to it — confirm where it is set.
	reply["referer"] = ctx.Referer
	return outputJson(reply, w)
}
// profileForm renders the profile page for the signed-in user.
//
// A missing or expired session user is sent to the login page with a
// temporary redirect and nil is returned; otherwise the staff record is
// loaded and profile.html is executed with "ctx" and "staff". Lookup and
// template errors are returned to the caller.
func profileForm(w http.ResponseWriter, req *http.Request, ctx *Context) error {
	signedIn := ctx.User != nil && !ctx.User.IsExpired()
	if !signedIn {
		http.Redirect(w, req, reverse("login"), http.StatusTemporaryRedirect)
		return nil
	}

	staff, err := backends.GetStaff(ctx.User.Uid)
	if err != nil {
		return err
	}

	data := map[string]interface{}{
		"ctx":   ctx,
		"staff": staff,
	}
	return T("profile.html").Execute(w, data)
}
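// oauthInfo is the OAuth2 information endpoint.
//
// The osin server validates the presented access token; on success the
// reply carries the token's uid plus, depending on the "topic" route
// variable, the staff record under "me" (topic starting with "me") or
// "staff" (topic "staff"). The returned error is resp.InternalError, i.e.
// nil unless loading the staff record failed.
func oauthInfo(w http.ResponseWriter, r *http.Request, ctx *Context) error {
	resp := server.NewResponse()
	defer resp.Close()

	if ir := server.HandleInfoRequest(resp, r); ir != nil {
		topic := ctx.Vars["topic"]

		// UserData is stored as interface{}; a checked assertion turns an
		// unexpected stored type into an error reply instead of a panic
		// that would take the handler down.
		uid, ok := ir.AccessData.UserData.(string)
		if !ok {
			resp.SetError("get_user_error", "invalid user data")
			debugf("info request: user data has unexpected type %T", ir.AccessData.UserData)
		} else if staff, gerr := backends.GetStaff(uid); gerr != nil {
			resp.SetError("get_user_error", "staff not found")
			resp.InternalError = gerr
		} else {
			// The bearer token itself (ir.Code / AccessData.AccessToken) is a
			// credential and is deliberately kept out of the debug log.
			debugf("info request uid %q topic %q", uid, topic)
			resp.Output["uid"] = uid
			switch {
			case strings.HasPrefix(topic, "me"):
				resp.Output["me"] = staff
				// TODO: a "me+..." topic (len(topic) > 2 && topic[2] == '+')
				// should search the group named by topic[2:].
			case topic == "staff":
				resp.Output["staff"] = staff
			}
		}
		server.FinishInfoRequest(resp, r, ir)
	}

	if resp.IsError && resp.InternalError != nil {
		log.Printf("info ERROR: %s\n", resp.InternalError)
	}
	osin.OutputJSON(resp, w, r)
	return resp.InternalError
}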
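// oauthToken is the OAuth2 access token endpoint.
//
// The osin server parses the access request and this handler decides per
// grant type whether to authorize it. Authorization-code exchanges resolve
// the stored uid to a staff record; password grants authenticate against the
// backend and record the staff uid as the token's user data. On a successful
// reply the uid, the IsKeeper flag and the user object are appended to the
// output where known. The returned error is resp.InternalError.
func oauthToken(w http.ResponseWriter, r *http.Request, ctx *Context) error {
	resp := server.NewResponse()
	defer resp.Close()

	var (
		uid  string
		user *User
	)

	if ar := server.HandleAccessRequest(resp, r); ar != nil {
		// The authorization code is a one-time secret; log only type and scope.
		debugf("ar Type %s Scope %s", ar.Type, ar.Scope)

		switch ar.Type {
		case osin.AUTHORIZATION_CODE:
			// UserData was stored at authorize time as interface{}; a checked
			// assertion avoids a panic on an unexpected stored type.
			codeUID, ok := ar.UserData.(string)
			if !ok {
				resp.SetError("get_user_error", "invalid user data")
				debugf("authorization code: user data has unexpected type %T", ar.UserData)
				break
			}
			uid = codeUID
			staff, gerr := backends.GetStaff(uid)
			if gerr != nil {
				resp.SetError("get_user_error", "staff not found")
				resp.InternalError = gerr
			} else {
				user = UserFromStaff(staff)
			}
			ar.Authorized = true
		case osin.REFRESH_TOKEN:
			// NOTE(review): refresh grants are authorized without re-checking
			// that the staff account still exists — confirm this is intended.
			ar.Authorized = true
		case osin.PASSWORD:
			// NOTE(review): hard-coded "test"/"test" credentials are accepted
			// whenever the server listens on localhost:3000; keep this out of
			// any deployable build (build tag or explicit dev flag).
			if Settings.HttpListen == "localhost:3000" && ar.Username == "test" && ar.Password == "test" {
				ar.UserData = "test"
				ar.Authorized = true
				break
			}
			if !backends.Authenticate(ar.Username, ar.Password) {
				// No error value exists at this point (calling .Error() on a
				// nil error here panicked on every bad password), so a fixed
				// message is reported.
				resp.SetError("authentication_failed", "invalid username or password")
				break
			}
			staff, gerr := backends.GetStaff(ar.Username)
			if gerr != nil {
				// NOTE(review): the backend error text is returned to the
				// client here, unlike the code grant above which reports a
				// fixed message and keeps the detail in InternalError.
				resp.SetError("get_user_failed", gerr.Error())
				break
			}
			ar.Authorized = true
			ar.UserData = staff.Uid
			user = UserFromStaff(staff)
		case osin.CLIENT_CREDENTIALS:
			ar.Authorized = true
		case osin.ASSERTION:
			// NOTE(review): these literal assertion values are the osin
			// example's; any client that knows them obtains a token. Replace
			// with real assertion validation or drop the grant.
			if ar.AssertionType == "urn:osin.example.complete" && ar.Assertion == "osin.data" {
				ar.Authorized = true
			}
		}
		server.FinishAccessRequest(resp, r, ar)
	}

	if resp.IsError && resp.InternalError != nil {
		log.Printf("token ERROR: %s\n", resp.InternalError)
	}
	if !resp.IsError {
		// uid is only set for code grants; password grants contribute only
		// "user" — NOTE(review): confirm that asymmetry is intended.
		if uid != "" {
			resp.Output["uid"] = uid
			resp.Output["is_keeper"] = IsKeeper(uid)
		}
		if user != nil {
			resp.Output["user"] = user
		}
	}
	// After FinishAccessRequest resp.Output carries the issued tokens, so the
	// whole response is not dumped to the debug log.
	debugf("oauthToken resp: isError=%v uid=%q", resp.IsError, uid)
	osin.OutputJSON(resp, w, r)
	return resp.InternalError
}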