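// Authorize returns middleware that admits a request only when the value of
// the Authorization header equals the token stored in the caller's server-side
// session. Once a session has been alive for rotateAfter seconds its ID is
// regenerated before the request continues down the handler chain.
//
// Every rejection is a 403 sent through respondWithError. Token values are
// never written to the log; only the fact of a mismatch is recorded.
func Authorize() gin.HandlerFunc {
	// Session IDs are recycled once the session has been alive this long.
	const rotateAfter int64 = 300

	return func(c *gin.Context) {
		// The token is read from the Authorization header only; the
		// commented-out JSON-body binding the handler used to carry is gone.
		token := c.Request.Header.Get("Authorization")
		if token == "" {
			respondWithError(http.StatusForbidden, "Forbidden..", c)
			return
		}

		session, err := GlobalSessions.SessionStart(c.Writer, c.Request)
		if err != nil {
			fmt.Println("Failed to get session: ", err)
			respondWithError(http.StatusForbidden, "Forbidden...", c)
			return
		}
		defer session.SessionRelease(c.Writer)

		// A session whose token is absent or not a string can never match the
		// (non-empty) header value, so a failed assertion simply yields "".
		sessionToken, _ := session.Get("token").(string)
		// TODO(review): switch to crypto/subtle.ConstantTimeCompare when the
		// import block is next touched; == stops at the first differing byte.
		if sessionToken != token {
			// Record the mismatch without echoing either secret into the log.
			fmt.Println("The incoming token does not match the session token")
			respondWithError(http.StatusForbidden, "Forbidden...", c)
			return
		}

		now := time.Now().Unix()
		createTime, ok := session.Get("createTime").(int64)
		switch {
		case !ok:
			// First authorized request on this session, or a createTime of an
			// unexpected type: start the rotation clock now instead of panicking
			// on an unchecked assertion.
			session.Set("createTime", now)
		case createTime+rotateAfter < now:
			// Rotate the ID. The deferred release of the old store above still
			// runs; the regenerated store gets its own release.
			session = GlobalSessions.SessionRegenerateId(c.Writer, c.Request)
			session.Set("createTime", now)
			defer session.SessionRelease(c.Writer)
			fmt.Println("Recycled session. Email: ", session.Get("email"))
		}

		c.Next()
	}
}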
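// ProcessLogin authenticates a JSON {email, password} body, starts a session
// carrying a fresh token, and returns that token to the client. Accounts that
// still hold a legacy SHA1 hash are verified against it and re-hashed with
// HMAC-SHA256 in the background.
//
// Response codes keep the existing contract: 404 for an unparseable body or an
// unknown email, 403 for a wrong password or a session failure, 200 on success.
// Plaintext passwords, stored hashes, salts, session IDs and tokens are never
// written to the log.
func ProcessLogin(c *gin.Context) {
	var login Login
	// 400 would describe a malformed body better; 404 is kept for compatibility.
	if c.BindJSON(&login) != nil {
		c.JSON(http.StatusNotFound, gin.H{"status": "Not Found"})
		return
	}
	// Log the identity only: the bound struct also holds the plaintext password.
	pretty.Println(login.Email)

	user, err := models.FindUserByEmail(login.Email)
	if err != nil || !user.ID.Valid() {
		c.JSON(http.StatusNotFound, gin.H{"status": "Not Found"})
		return
	}

	// Primary scheme: HMAC-SHA256 keyed with the per-user secret. Computed once
	// because the legacy-upgrade path below stores the same value.
	// TODO(review): both comparisons are plain ==; crypto/subtle.ConstantTimeCompare
	// would close the timing side channel once the import block can be touched.
	expected := ComputeHmac256(login.Password, getSecret(user.Salt))
	authenticated := expected == user.HashedPassword
	if !authenticated && ComputeSHA1(login.Password, user.Salt) == user.HashedPassword {
		// Legacy account: upgrade the stored hash so the next login takes the
		// primary path.
		go user.SetPassword(expected)
		authenticated = true
	}
	if !authenticated {
		c.JSON(http.StatusForbidden, gin.H{"status": "Forbidden"})
		return
	}

	session, err := GlobalSessions.SessionStart(c.Writer, c.Request)
	if err != nil {
		// Checked before the defer: a failed SessionStart may hand back a nil
		// store, and releasing it would panic.
		fmt.Println("error starting session: ", err)
		c.JSON(http.StatusForbidden, gin.H{"status": "Forbidden"})
		return
	}
	defer session.SessionRelease(c.Writer)

	createTime := time.Now().Unix()
	t := Token()
	session.Set("createTime", createTime)
	session.Set("email", login.Email)
	session.Set("token", t)
	fmt.Println("set session for ", login.Email)

	if user.Customers == nil {
		customer, err := models.FindCustomerByName("eStratEx")
		if err != nil {
			fmt.Println("Error getting customer", err)
		} else {
			user.Customers = append(user.Customers, customer.ID)
			// NOTE(review): on a legacy account this update may run concurrently
			// with the SetPassword goroutine above; both touch user.
			go func() { user.Update() }()
		}
	}

	c.JSON(http.StatusOK, gin.H{"status": "OK", "token": t, "createTime": createTime})
}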