Exemplo n.º 1
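// POST stores each part of a multipart upload in its own temporary file and
// responds with the path of the last file written.
//
// It answers 400 when the request is not a readable multipart body or carries
// no part at all, and 500 when a temporary file cannot be created or written.
//
// NOTE(review): nothing in this handler bounds the size of the upload or the
// number of parts, so disk usage is limited only by whatever sits in front of
// it; confirm a limit is enforced elsewhere (for example http.MaxBytesReader).
// NOTE(review): the response exposes a server-side temp path to the client;
// any handler that later accepts that path back must treat it as untrusted.
func (r *Resource) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	reader, err := req.MultipartReader()
	if err != nil {
		return ctx.BadRequest(rw, c.T("media.uploadresource.could_not_upload_file"))
	}

	var lastName string
	for {
		part, err := reader.NextPart()
		if err == io.EOF {
			break
		}
		if err != nil {
			// A malformed body used to fall through with a nil part and
			// reach io.Copy; reject it instead.
			return ctx.BadRequest(rw, c.T("media.uploadresource.could_not_upload_file"))
		}

		tempFile, err := ioutil.TempFile(os.TempDir(), "spa")
		if err != nil {
			return ctx.InternalServerError(rw, c.T("media.uploadresource.could_not_create_temp_file"))
		}

		// Close inside the loop: a deferred Close would keep every file
		// descriptor open until the handler returns.
		_, copyErr := io.Copy(tempFile, part)
		closeErr := tempFile.Close()
		if copyErr != nil || closeErr != nil {
			// Best-effort cleanup of the partial file; the upload has
			// already failed, so a Remove error changes nothing.
			_ = os.Remove(tempFile.Name())
			return ctx.InternalServerError(rw, c.T("media.uploadresource.could_not_upload_file"))
		}
		lastName = tempFile.Name()
	}

	// A body with zero parts left tempFile nil and made tempFile.Name() panic.
	if lastName == "" {
		return ctx.BadRequest(rw, c.T("media.uploadresource.could_not_upload_file"))
	}
	// As before, only the last part's path is reported; files written for
	// earlier parts stay in the temp directory.
	return ctx.Created(rw, lastName)
}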
Exemplo n.º 2
// POST finishes a password reset. It decodes the new password and the reset
// key from the JSON body, re-checks the key, stores the newly encoded password
// for the user the token belongs to, and then updates the token.
//
// NOTE(review): no minimum-length or empty-password check is visible here;
// confirm u.Password.Encode or the caller enforces a password policy.
// NOTE(review): a failure to update the token is only logged, so the request
// still succeeds; if updateToken is what marks the token as used, the key may
// stay usable after such a failure. Confirm this is acceptable.
// NOTE(review): the full user value is written to the response; confirm its
// JSON form does not include the encoded password.
func (r *Complete) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	session := c.Vars["db"].(*pg.Session)

	// Request payload.
	var payload struct {
		Password      string   `json:"password"`
		PasswordAgain string   `json:"passwordAgain"`
		ValidKey      ValidKey `json:"validKey"`
	}
	if err := json.NewDecoder(req.Body).Decode(&payload); err != nil {
		return ctx.BadRequest(rw, c.T("reset.complete.unable_to_change"))
	}

	// Both password fields must agree.
	if payload.Password != payload.PasswordAgain {
		return ctx.BadRequest(rw, c.T("reset.complete.mismatch"))
	}

	// The key is checked again here rather than trusted from an earlier step.
	token, err := getToken(session, payload.ValidKey.Key)
	if err != nil || !token.Valid() {
		return ctx.BadRequest(rw, c.T("reset.token.invalid_key"))
	}

	// The account is the one recorded on the token, not one named by the client.
	account, err := user.GetById(session, token.UserId)
	if err != nil {
		return ctx.InternalServerError(rw, c.T("reset.complete.user_not_found"))
	}

	if err = account.Password.Encode(payload.Password); err != nil {
		return ctx.InternalServerError(rw, c.T("reset.complete.could_not_change_password"))
	}

	if err = user.Update(session, account); err != nil {
		return ctx.InternalServerError(rw, c.T("reset.complete.could_not_change_password"))
	}

	// Token update is best-effort: the error is logged and not returned.
	if err = updateToken(session, token); err != nil {
		log.Errorf("Unable to invalidate token: %s", err)
	}

	return ctx.OK(rw, account)
}
Exemplo n.º 3
// POST registers a new user from a JSON body holding name, email and the
// password typed twice. It answers 400 when the body cannot be parsed, the
// email is already registered or the two passwords differ, and 500 when the
// lookup or the creation fails.
//
// NOTE(review): no format or emptiness checks on email and password are
// visible here; confirm user.Create enforces them.
// NOTE(review): the lookup and the insert are separate steps, so two
// concurrent sign-ups could both pass the check; presumably a unique
// constraint in the database covers this, verify.
func (r *SignUp) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	session := c.Vars["db"].(*pg.Session)

	// Request payload.
	var payload struct {
		FirstName     string `json:"firstName"`
		LastName      string `json:"lastName"`
		Email         string `json:"email"`
		Password      string `json:"password"`
		PasswordAgain string `json:"passwordAgain"`
	}
	if err := json.NewDecoder(req.Body).Decode(&payload); err != nil {
		log.Errorf("Could not parse request data: %s", err)
		return ctx.BadRequest(rw, c.T("user.signup.could_not_parse_request_data"))
	}

	// A successful lookup means the address is taken; only "record not
	// found" lets the sign-up continue.
	_, lookupErr := user.GetByEmail(session, payload.Email)
	switch {
	case lookupErr == nil:
		return ctx.BadRequest(rw, c.T("user.signup.email_taken"))
	case lookupErr != pg.ERecordNotFound:
		log.Errorf("Could not query user: %s", lookupErr)
		return ctx.InternalServerError(rw, c.T("user.signup.could_not_query_user"))
	}

	// Both password fields must agree.
	if payload.Password != payload.PasswordAgain {
		return ctx.BadRequest(rw, c.T("user.signup.passwords_mismatch"))
	}

	// Persist the account together with its profile data.
	profile := &user.UserJsonData{
		FirstName: payload.FirstName,
		LastName:  payload.LastName,
	}
	created, err := user.Create(session, payload.Email, payload.Password, profile)
	if err != nil {
		return ctx.InternalServerError(rw, c.T("user.signup.could_not_create_user"))
	}

	return ctx.Created(rw, created)
}
Exemplo n.º 4
// Response signs token with ctx.SignToken and writes the result as a JSON
// object of the form {"token": "<signed token>"}. A signing failure is
// answered with an internal server error instead.
func Response(c *ctx.Context, rw http.ResponseWriter, token *jwt.Token) error {
	signed, signErr := ctx.SignToken(token)
	if signErr == nil {
		body := map[string]string{"token": signed}
		return ctx.OK(rw, body)
	}
	return ctx.InternalServerError(rw, c.T("user.token.problem_signing_token"))
}
Exemplo n.º 5
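// PUT updates the media item named by the "id" route variable with the name,
// location, media type and file path given in the JSON body.
//
// The media record is looked up before the uploaded file is moved, so a
// request for an id that does not exist no longer relocates the file and
// leaves it orphaned.
//
// NOTE(review): form.Path comes straight from the request body and is handed
// to mediaupload.MoveFile unchanged. Whether MoveFile restricts it to files
// created by the upload endpoint is not visible here; confirm it rejects
// arbitrary or traversal paths.
func (r *Resource) PUT(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	db := c.Vars["db"].(*pg.Session)
	id := mux.Vars(req)["id"]

	// decode request data
	form := &MediaForm{}
	if err := json.NewDecoder(req.Body).Decode(form); err != nil {
		log.Errorf("Could not parse request data: %s", err)
		return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_parse_request_data"))
	}

	// get location from database
	loc, err := location.GetById(db, form.LocationId)
	if err != nil {
		log.Errorf("Could not locate the requested location: %s", err)
		return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_locate_requested_location"))
	}

	// get media type from database; named mt so the mediatype package is
	// not shadowed for the rest of the function
	mt, err := mediatype.GetById(db, form.MediatypeId)
	if err != nil {
		log.Errorf("Could not locate the requested media type: %s", err)
		return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_locate_requested_media_type"))
	}

	// get media from database before any filesystem change is made
	entity, err := db.FindOne(&Model{}, "id = $1", id)
	if err != nil {
		log.Errorf("Could not query media id %s: %v", id, err)
		return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_query_media"))
	}
	media := entity.(*Model)

	// move the uploaded file to the right place
	dstPath, err := mediaupload.MoveFile(loc, mt, form.Path)
	if err != nil {
		log.Errorf("Could not process the uploaded file: %s", err)
		return ctx.InternalServerError(rw, c.T("media.mediaitemresource.could_not_process_uploaded_file"))
	}

	// update the media
	media.Name = form.Name
	media.LocationId = form.LocationId
	media.MediatypeId = form.MediatypeId
	media.Path = dstPath
	media.EncodeData(loc, mt)
	if err = db.Update(media); err != nil {
		log.Errorf("Could not edit media %s: %v", form.Name, err)
		return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_edit_media"))
	}

	return ctx.OK(rw, media)
}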
Exemplo n.º 6
// POST creates a media record from the JSON body: it resolves the referenced
// location and media type, moves the previously uploaded file into place and
// stores a new Model pointing at the moved file.
//
// NOTE(review): form.Path is client-supplied and reaches mediaupload.MoveFile
// unchanged. Whether MoveFile confines it to files produced by the upload
// endpoint is not visible here; confirm arbitrary or traversal paths are
// rejected.
func (r *Collection) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	session := c.Vars["db"].(*pg.Session)

	// Request payload.
	payload := &MediaForm{}
	if err := json.NewDecoder(req.Body).Decode(payload); err != nil {
		log.Errorf("Could not parse request data: %s", err)
		return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_parse_request_data"))
	}

	// Both referenced rows must exist before the file is touched.
	place, err := location.GetById(session, payload.LocationId)
	if err != nil {
		log.Errorf("Could not locate the requested location: %s", err)
		return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_locate_the_requested_location"))
	}

	kind, err := mediatype.GetById(session, payload.MediatypeId)
	if err != nil {
		log.Errorf("Could not locate the requested media type: %s", err)
		return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_locate_the_requested_media_type"))
	}

	// Relocate the uploaded file; the record stores the resulting path.
	finalPath, err := mediaupload.MoveFile(place, kind, payload.Path)
	if err != nil {
		log.Errorf("Could not process the uploaded file: %s", err)
		return ctx.InternalServerError(rw, c.T("media.mediaresource.could_not_process_uploaded_file"))
	}

	record := &Model{
		Name:        payload.Name,
		MediatypeId: payload.MediatypeId,
		LocationId:  payload.LocationId,
		Path:        finalPath,
	}
	if err = session.Create(record); err != nil {
		log.Errorf("Could not create media %s: %v", payload.Name, err)
		return ctx.BadRequest(rw, c.T("media.mediaresource.could_not_create_media"))
	}
	return ctx.Created(rw, record)
}
Exemplo n.º 7
// DELETE removes the media record named by the "id" route variable. A failed
// lookup is answered with 400, a failed delete with 500, success with 204.
//
// NOTE(review): no ownership or permission check is visible in this handler;
// presumably authorization happens before it runs, verify.
func (r *Resource) DELETE(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	session := c.Vars["db"].(*pg.Session)
	mediaID := mux.Vars(req)["id"]

	// The id is passed as a bound parameter, not spliced into the query.
	record, findErr := session.FindOne(&Model{}, "id = $1", mediaID)
	if findErr != nil {
		log.Errorf("Could not query media id %s: %v", mediaID, findErr)
		return ctx.BadRequest(rw, c.T("media.mediaitemresource.could_not_query_media"))
	}

	if delErr := session.Delete(record); delErr != nil {
		log.Errorf("Could not delete media %s: %v", mediaID, delErr)
		return ctx.InternalServerError(rw, c.T("media.mediaitemresource.could_not_delete_media"))
	}
	return ctx.NoContent(rw)
}
Exemplo n.º 8
// DELETE removes the group record named by the "id" route variable. A failed
// lookup is answered with 400, a failed delete with 500, success with 204.
//
// NOTE(review): no ownership or permission check is visible in this handler;
// presumably authorization happens before it runs, verify.
func (r *Resource) DELETE(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	groupID := mux.Vars(req)["id"]
	session := c.Vars["db"].(*pg.Session)

	// The id is passed as a bound parameter, not spliced into the query.
	record, findErr := session.FindOne(&Model{}, "id = $1", groupID)
	if findErr != nil {
		log.Errorf("Could not query group id %s: %v", groupID, findErr)
		return ctx.BadRequest(rw, c.T("group.api.could_not_query_group"))
	}

	if delErr := session.Delete(record); delErr != nil {
		log.Errorf("Could not delete group %s: %v", groupID, delErr)
		return ctx.InternalServerError(rw, c.T("group.api.could_not_delete_group"))
	}
	return ctx.NoContent(rw)
}
Exemplo n.º 9
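// GET returns the profile of the user identified by the "uid" claim of the
// request's token. It answers 400 when the claim is missing or is not a
// number, and 500 when the user cannot be loaded.
func (r *Profile) GET(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	db := c.Vars["db"].(*pg.Session)

	// get user id from current token
	rawID, found := c.Token.Claims["uid"]
	if !found {
		return ctx.BadRequest(rw, c.T("user.me.could_not_extract"))
	}
	// The unchecked rawID.(float64) used before would panic on a claim of
	// any other type; treat that case like a missing claim.
	uid, ok := rawID.(float64)
	if !ok {
		return ctx.BadRequest(rw, c.T("user.me.could_not_extract"))
	}

	// query user data
	user, err := GetById(db, int64(uid))
	if err != nil {
		log.Errorf("Could not query user: %v", err)
		return ctx.InternalServerError(rw, c.T("user.me.could_not_query"))
	}

	// return user data
	return ctx.OK(rw, user)
}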
Exemplo n.º 10
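// POST issues a fresh token for the user identified by the "uid" claim of the
// current token. The user is reloaded from the database first, so a token is
// only renewed for an account that can still be found. It answers 400 when
// the claim is missing or is not a number, and 500 when the lookup fails.
func (r *Renew) POST(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	db := c.Vars["db"].(*pg.Session)

	// get user id from the current token
	rawID, found := c.Token.Claims["uid"]
	if !found {
		return ctx.BadRequest(rw, c.T("user.token.could_not_extract"))
	}
	// The unchecked rawID.(float64) used before would panic on a claim of
	// any other type; treat that case like a missing claim.
	uid, ok := rawID.(float64)
	if !ok {
		return ctx.BadRequest(rw, c.T("user.token.could_not_extract"))
	}

	// check if user is still valid; named u so the user package is not shadowed
	u, err := user.GetById(db, int64(uid))
	if err != nil {
		log.Errorf("Could not query user: %v", err)
		return ctx.InternalServerError(rw, c.T("user.token.could_not_query"))
	}

	// generate new token
	return Response(c, rw, New(u))
}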
Exemplo n.º 11
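// PUT updates the email, first name and last name of the calling user's own
// profile from the JSON body.
//
// The account to change is taken from the "uid" claim of the request's token.
// Previously the id was read from the request body, so a caller could name
// any user id and overwrite that account's email and name. A body id that is
// present and differs from the token's user is now rejected.
//
// NOTE(review): this assumes the route runs behind the same token middleware
// as Profile.GET, which reads c.Token.Claims the same way; confirm.
// NOTE(review): the new email is stored without a format or uniqueness check
// in this handler; confirm Update or the schema enforces both.
func (r *Profile) PUT(c *ctx.Context, rw http.ResponseWriter, req *http.Request) error {
	db := c.Vars["db"].(*pg.Session)

	// decode request data
	var form struct {
		Id       null.Int     `json:"id"`
		Email    string       `json:"email"`
		JsonData UserJsonData `json:"jsonData,omitempty"`
	}
	if err := json.NewDecoder(req.Body).Decode(&form); err != nil {
		return ctx.BadRequest(rw, c.T("user.me.could_not_decode_profile_data"))
	}

	// The identity comes from the token, never from the body. The checked
	// assertion also covers a missing claim (nil fails the assertion).
	rawID, found := c.Token.Claims["uid"]
	uid, ok := rawID.(float64)
	if !found || !ok {
		return ctx.BadRequest(rw, c.T("user.me.could_not_extract"))
	}
	userID := int64(uid)

	// An omitted id decodes to zero and is accepted; an id naming another
	// account is refused rather than silently ignored.
	if form.Id.Int64 != 0 && form.Id.Int64 != userID {
		return ctx.BadRequest(rw, c.T("user.me.could_not_decode_profile_data"))
	}

	// query user data
	u, err := GetById(db, userID)
	if err != nil {
		log.Errorf("Could not query user: %v", err)
		return ctx.InternalServerError(rw, c.T("user.me.could_not_query"))
	}

	// get the json data from user
	jsonData, err := u.DecodeJsonData()
	if err != nil {
		return ctx.BadRequest(rw, c.T("user.me.could_not_decode_json_data"))
	}

	// update the user
	u.Email = form.Email
	jsonData.FirstName = form.JsonData.FirstName
	jsonData.LastName = form.JsonData.LastName
	// NOTE(review): the result of Encode, if any, is not checked here, as in
	// the original; confirm whether it can fail.
	u.JsonData.Encode(jsonData)

	// A failed write used to be ignored and the request answered 200 with
	// data that was never stored.
	// NOTE(review): no dedicated message key for a failed update appears in
	// this handler, so the query-failure key is reused; add a specific one.
	if err = Update(db, u); err != nil {
		log.Errorf("Could not update user: %v", err)
		return ctx.InternalServerError(rw, c.T("user.me.could_not_query"))
	}

	// return user data
	return ctx.OK(rw, u)
}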