// Error is an error/panic handler middleware.
// Any error/panic is recovered and logged and the error response is returned to the user (auto-generated if none was set).
func Error(ctx *neptulon.ReqCtx) error {
errored := false
if err := ctx.Next(); err != nil {
errored = true
log.Printf("mw: error: error handling response: %v", err)
}
if err := recover(); err != nil {
errored = true
const size = 64 << 10
buf := make([]byte, size)
buf = buf[:runtime.Stack(buf, false)]
log.Printf("mw: error: panic handling response: %v\nstack trace: %s", err, buf)
}
if errored {
if ctx.Err == nil {
ctx.Err = &neptulon.ResError{
Code: 500,
Message: "Internal server error.",
}
}
return ctx.Next()
}
return nil
}
// googleAuth authenticates a user with Google+ using provided OAuth 2.0 access token.
// If authenticated successfully, user profile is retrieved from Google+ and user is given a JWT token in return.
func googleAuth(ctx *neptulon.ReqCtx, db DB, pass string) error {
var r tokenContainer
if err := ctx.Params(&r); err != nil || r.Token == "" {
ctx.Err = &neptulon.ResError{Code: 666, Message: "Malformed or null Google oauth access token was provided."}
return fmt.Errorf("auth: google: malformed or null Google oauth token '%v' was provided: %v", r.Token, err)
}
p, err := getTokenInfo(r.Token)
if err != nil {
ctx.Err = &neptulon.ResError{Code: 666, Message: "Failed to authenticated with the given Google oauth access token."}
return fmt.Errorf("auth: google: error during Google API call using provided token: %v with error: %v", r.Token, err)
}
// retrieve user information
user, ok := db.GetByMail(p.Email)
if !ok {
// this is a first-time registration so create user profile via Google+ profile info
user = &User{Email: p.Email, Name: p.Name, Picture: p.Picture, Registered: time.Now()}
// save the user information for user ID to be generated by the database
if err := db.SaveUser(user); err != nil {
return fmt.Errorf("auth: google: failed to persist user information: %v", err)
}
// create the JWT token
token := jwt.New(jwt.SigningMethodHS256)
token.Claims["userid"] = user.ID
token.Claims["created"] = user.Registered.Unix()
user.JWTToken, err = token.SignedString([]byte(pass))
if err != nil {
return fmt.Errorf("auth: google: jwt signing error: %v", err)
}
// now save the full user info
if err := db.SaveUser(user); err != nil {
return fmt.Errorf("auth: google: failed to persist user information: %v", err)
}
// store user ID in session so user can make authenticated call after this
ctx.Conn.Session.Set("userid", user.ID)
}
ctx.Res = gAuthRes{ID: user.ID, Token: user.JWTToken, Name: user.Name, Email: user.Email, Picture: user.Picture}
ctx.Session.Set(middleware.CustResLogDataKey, gAuthRes{ID: user.ID, Token: user.JWTToken, Name: user.Name, Email: user.Email})
log.Printf("auth: google: logged in: %v, %v", p.Name, p.Email)
return nil
}
