func wsAuthenticateUser(w http.ResponseWriter, r *http.Request) {
c := appengine.NewContext(r)
q := r.FormValue("q")
if q == "" {
fmt.Fprintf(w, "ERROR: Error in parameters")
return
}
var cert Cert
json.Unmarshal([]byte(q), &cert)
tok3nInstance := tok3nsdkgo.GetAppEngineTok3nInstance(c, tok3nConfig)
resp, err := tok3nInstance.ValidateAuth(cert.UserKey, q, cert.TransactionId)
if err != nil {
fmt.Fprintf(w, "Error: Error in authentication")
return
}
if resp == "VALID USER" {
user, key, err := getUserAndKey(r)
if err != nil {
fmt.Fprintf(w, "Error: Error in authentication")
return
}
user.Tok3nKey = cert.UserKey
datastore.Put(c, key, user)
}
fmt.Fprintf(w, "%s", resp)
}
func tok3nverify(w http.ResponseWriter, r *http.Request) {
usr := secureWebAccess(w, r)
otp := r.FormValue("tok3n_otp_field")
session := r.FormValue("tok3n_sesion")
sqr := r.FormValue("tok3n_sqr")
if session == "" || (otp == "" && sqr == "") {
fmt.Fprintf(w, "Error: invalid parameters")
return
}
c := appengine.NewContext(r)
tok3nInstance := tok3nsdkgo.GetAppEngineTok3nInstance(c, tok3nConfig)
if otp != "" {
response, err := tok3nInstance.ValidateOTP(usr.Tok3nKey, otp, session)
if err != nil {
fmt.Fprintf(w, "%s", err)
return
}
fmt.Fprintf(w, response)
} else if sqr != "" {
response, err := tok3nInstance.ValidateSqr(usr.Tok3nKey, sqr, session)
if err != nil {
fmt.Fprintf(w, "%s", err)
return
}
fmt.Fprintf(w, response)
}
}
func rootWS(w http.ResponseWriter, r *http.Request) {
usr := secureWebAccess(w, r)
validateSecureAccessWithTok3n(w, r, usr)
c := appengine.NewContext(r)
tok3nInstance := tok3nsdkgo.GetAppEngineTok3nInstance(c, tok3nConfig)
c.Infof("aver: %v\n", tok3nInstance)
fmt.Fprintf(w, "<html>")
if usr.Tok3nKey == "" {
accessurl, err := tok3nInstance.GetAccessUrl(fmt.Sprintf("%s/tok3nreturn", mydomain), usr.Username)
c.Infof("tok3n access url %s. user %v", accessurl, usr)
if err != nil {
c.Infof("Error getting the Tok3n Access Url: '%v'", err)
} else {
s := []string{"<div>Did you want to add more security to your account. <a href='", accessurl, "'>YES PLEAE!!!!</a></div>"}
//addedtext = strings.Join(s,"")
fmt.Fprint(w, strings.Join(s, ""))
}
}
/*
addedtext := ""
/*if usr.Tok3nKey == ""{
accessurl, err := tok3nInstance.GetAccessUrl(fmt.Sprintf("%s/tok3ncallback",mydomain),usr.Username)
if err != nil{
c.Infof("Error getting the Tok3n Access Url: '%v'",err)
}else{
addedtext = fmt.Sprintf("<div>Did you want to add more security to your account. <a href='%s'>YES PLEAE!!!!</a></div>",accessurl)
}
}*/
resp := fmt.Sprintf("<br />Here comes the service</html>")
fmt.Fprintf(w, resp)
}
func askForTok3n(w http.ResponseWriter, r *http.Request) {
//fmt.Fprintf(w,"hello")
usr := secureWebAccess(w, r)
if usr.Tok3nKey == "" {
fmt.Fprintf(w, "There are session errors reset your cookies or wait an hour")
return
}
c := appengine.NewContext(r)
tok3nInstance := tok3nsdkgo.GetAppEngineTok3nInstance(c, tok3nConfig)
s := []string{"<html><form action=\"/login.tok3nverify\"><div id=\"tok3n_placeholder\"></div><script language=\"javascript\" src='", tok3nInstance.GetJsClientUrl__v1_5("Login", usr.Tok3nKey), "' ></script></form></html>"}
fmt.Fprint(w, strings.Join(s, ""))
}