Exemplo n.º 1
0
// Register takes a doc and attempts to create a new user
func Register(registerDoc map[string]interface{}) error {
	// Make sure we have all the properties we need
	err := checkPropsExist(registerDoc)
	if err != nil {
		return err
	}
	// Get the properties we need
	id := registerDoc["username"].(string)
	email := registerDoc["email"].(string)
	password := registerDoc["password"].(string)
	reCAPTCHA := registerDoc["g-recaptcha-response"].(string)
	// Make sure the user does not exist already
	doc, err := api.GetUser(variables.ServiceDBURL, variables.BackendToken, id)
	if doc != nil {
		return errors.New("Username is already taken")
	}
	// Verify with google reCAPTCHA
	err = recaptcha.Verify(variables.RecaptchaSecret, reCAPTCHA)
	if err != nil {
		return errors.New(err.Error())
	}

	// Hashing the password
	hashedPassword, err := bcrypt.GenerateFromPassword(
		[]byte(password),
		variables.BcryptCost,
	)
	if err != nil {
		return err
	}

	// Take only the parts we care about and save them
	saveUser := map[string]interface{}{
		"_id":      id,
		"email":    email,
		"password": string(hashedPassword),
	}

	_, err = api.SaveUser(variables.ServiceDBURL, variables.BackendToken, id, saveUser)
	if err != nil {
		return err
	}

	// Take only the parts we care about and save them
	saveAccount := map[string]interface{}{
		"_id":   id,
		"email": email,
	}

	doc, err = api.SaveAccount(variables.ServiceDBURL, variables.BackendToken, id, saveAccount)
	if err != nil {
		return err
	}
	log.Println("User registered", saveUser)
	return nil
}
Exemplo n.º 2
0
// GetUser returns the accounts for an id
func GetUser(w rest.ResponseWriter, r *rest.Request) {
	id := r.PathParam("id")
	doc, err := api.GetUser(variables.ServiceUserURL, r.Env["JWT_RAW"].(string), id)
	if err != nil {
		rest.Error(w, err.Error(), http.StatusNotFound)
		return
	}
	if doc == nil {
		w.(http.ResponseWriter).Write(variables.BlankResponse)
		return
	}
	w.WriteJson(doc)
}
Exemplo n.º 3
0
// GetUser returns the user for an id
func GetUser(w rest.ResponseWriter, r *rest.Request) {
	id := r.PathParam("id")
	if r.Env["REMOTE_USER"].(string) != id {
		err := errors.New("Can only access your own user account")
		rest.Error(w, err.Error(), http.StatusUnauthorized)
	}
	doc, err := api.GetUser(variables.ServiceDBURL, r.Env["JWT_RAW"].(string), id)
	if err != nil {
		rest.Error(w, err.Error(), http.StatusNotFound)
		return
	}
	if doc == nil {
		w.(http.ResponseWriter).Write(variables.BlankResponse)
		return
	}
	w.WriteJson(doc)
}
Exemplo n.º 4
0
// Login checks a users password for a match an returns a token if it is
func Login(id, password string) error {
	// Get the users account
	doc, err := api.GetUser(variables.ServiceDBURL, variables.BackendToken, id)
	if err != nil || doc == nil {
		return errors.New("Could not find username")
	}
	// Comparing the password with the hash
	realPasswordString, ok := (*doc)["password"].(string)
	if ok != true {
		return errors.New("No password for user")
	}
	realPassword := []byte(realPasswordString)
	err = bcrypt.CompareHashAndPassword(realPassword, []byte(password))
	if err != nil {
		return err
	}
	return nil
}