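// Register validates a registration document and creates the user and account
// records for it.
//
// registerDoc is expected to carry string values under "username", "email",
// "password" and "g-recaptcha-response". An error is returned when a property
// is missing or is not a string, when the reCAPTCHA check fails, when the
// username is already taken, when hashing fails, or when either save fails.
func Register(registerDoc map[string]interface{}) error {
	// Make sure we have all the properties we need
	if err := checkPropsExist(registerDoc); err != nil {
		return err
	}

	// registerDoc is decoded client input, so a property can be present with a
	// non-string value (number, object, null). Checked assertions turn that
	// into an error instead of a panic.
	id, okID := registerDoc["username"].(string)
	email, okEmail := registerDoc["email"].(string)
	password, okPassword := registerDoc["password"].(string)
	reCAPTCHA, okCaptcha := registerDoc["g-recaptcha-response"].(string)
	if !(okID && okEmail && okPassword && okCaptcha) {
		return errors.New("Registration properties must be strings")
	}

	// Verify with google reCAPTCHA before touching the user store, so the
	// "Username is already taken" answer is only given to requests that passed
	// the challenge.
	if err := recaptcha.Verify(variables.RecaptchaSecret, reCAPTCHA); err != nil {
		return errors.New(err.Error())
	}

	// Make sure the user does not exist already.
	// NOTE(review): the lookup error is discarded, so a failed lookup is
	// treated like a free username. Confirm whether api.GetUser reports
	// "not found" as an error before changing this to fail closed.
	existing, _ := api.GetUser(variables.ServiceDBURL, variables.BackendToken, id)
	if existing != nil {
		return errors.New("Username is already taken")
	}

	// Hashing the password; variables.BcryptCost is the bcrypt work factor.
	// NOTE(review): bcrypt only uses the first 72 bytes of its input and,
	// depending on the x/crypto version, longer passwords are truncated or
	// rejected. Confirm a length limit is enforced on the password.
	hashedPassword, err := bcrypt.GenerateFromPassword(
		[]byte(password),
		variables.BcryptCost,
	)
	if err != nil {
		return err
	}

	// Take only the parts we care about and save them
	saveUser := map[string]interface{}{
		"_id":      id,
		"email":    email,
		"password": string(hashedPassword),
	}
	if _, err = api.SaveUser(variables.ServiceDBURL, variables.BackendToken, id, saveUser); err != nil {
		return err
	}

	// The account record carries no credential material.
	// NOTE(review): if this save fails the user record written above stays in
	// place; confirm that a retry of the registration is handled.
	saveAccount := map[string]interface{}{
		"_id":   id,
		"email": email,
	}
	if _, err = api.SaveAccount(variables.ServiceDBURL, variables.BackendToken, id, saveAccount); err != nil {
		return err
	}

	// Log the identifier only: saveUser holds the e-mail address and the
	// bcrypt hash, neither of which belongs in application logs.
	log.Println("User registered", id)
	return nil
}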
// GetUser writes the account document for the id taken from the request path.
//
// The raw JWT stored in the request environment is forwarded to the user
// service. A lookup error is answered with 404, a nil document with
// variables.BlankResponse, and anything else is written as JSON.
//
// NOTE(review): this handler does not compare the id with the authenticated
// user itself; presumably the user service enforces ownership from the
// forwarded token. Confirm against that service.
func GetUser(w rest.ResponseWriter, r *rest.Request) {
	id := r.PathParam("id")

	// assumes the auth middleware always stores the raw token as a string
	// under JWT_RAW; the unchecked assertion panics otherwise. TODO confirm.
	token := r.Env["JWT_RAW"].(string)

	account, err := api.GetUser(variables.ServiceUserURL, token, id)
	switch {
	case err != nil:
		rest.Error(w, err.Error(), http.StatusNotFound)
	case account == nil:
		w.(http.ResponseWriter).Write(variables.BlankResponse)
	default:
		w.WriteJson(account)
	}
}
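// GetUser writes the user document for the id taken from the request path.
//
// Only the authenticated user may read their own document: the id must equal
// the REMOTE_USER value in the request environment, otherwise the request is
// rejected with 401 and nothing is fetched. A lookup error is answered with
// 404, a nil document with variables.BlankResponse, and anything else is
// written as JSON.
func GetUser(w rest.ResponseWriter, r *rest.Request) {
	id := r.PathParam("id")

	// Fail closed: a missing or non-string REMOTE_USER counts as a mismatch
	// instead of panicking on the type assertion.
	remoteUser, ok := r.Env["REMOTE_USER"].(string)
	if !ok || remoteUser != id {
		err := errors.New("Can only access your own user account")
		rest.Error(w, err.Error(), http.StatusUnauthorized)
		// Stop here. Without this return the handler carries on after writing
		// the error and also sends the document that belongs to another user.
		return
	}

	// assumes the auth middleware always stores the raw token as a string
	// under JWT_RAW. TODO confirm.
	doc, err := api.GetUser(variables.ServiceDBURL, r.Env["JWT_RAW"].(string), id)
	if err != nil {
		rest.Error(w, err.Error(), http.StatusNotFound)
		return
	}

	if doc == nil {
		w.(http.ResponseWriter).Write(variables.BlankResponse)
		return
	}

	// NOTE(review): Register stores the bcrypt hash under "password" in the
	// document saved through ServiceDBURL, and doc is written out whole here.
	// Confirm the hash is stripped before it reaches the client.
	w.WriteJson(doc)
}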
// Login checks the supplied password against the bcrypt hash stored for id.
//
// It returns nil when the password matches. An error is returned when the
// user cannot be loaded, when the stored document has no string "password"
// field, or when bcrypt reports a mismatch. No token is produced here; the
// function only returns an error value.
//
// NOTE(review): the three failures carry different messages, and the
// "not found" path returns before any bcrypt work is done. If the caller
// passes these errors to the client, they reveal whether a username exists.
// Confirm the caller maps them to a single generic response.
func Login(id, password string) error {
	// Get the users account; a lookup error and a nil document are both
	// reported as an unknown username.
	user, err := api.GetUser(variables.ServiceDBURL, variables.BackendToken, id)
	if user == nil || err != nil {
		return errors.New("Could not find username")
	}

	storedHash, isString := (*user)["password"].(string)
	if !isString {
		return errors.New("No password for user")
	}

	// Comparing the password with the hash; nil means they match.
	return bcrypt.CompareHashAndPassword([]byte(storedHash), []byte(password))
}