Exemplo n.º 1
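// Verify marks the authenticated user's e-mail address as verified when the
// code in the request body equals the code stored on the user.
//
// Responses: 422 if the address is already verified, 400 if the submitted
// code is empty or does not match, 500 if the update fails. On success the
// handler writes nothing itself.
//
// NOTE(review): the comparison below is a plain string comparison and no
// attempt limit is visible in this handler; if the code is short, confirm
// that throttling or code expiry is enforced elsewhere.
func (this *Users) Verify(res http.ResponseWriter, req *http.Request, authUser models.AuthUser, render render.Render) {
	// Nothing to confirm for an account that is already verified.
	if authUser.EmailVerified {
		utils.HttpError(res, 422)
		return
	}

	var data struct{ VerificationCode string }
	if decode(req, render, &data) != nil {
		return
	}

	// An empty submission is rejected before comparing: if the stored code is
	// ever blank for an unverified account (not generated yet, or cleared),
	// an empty request body must not count as a match.
	if data.VerificationCode == "" || authUser.VerificationCode != data.VerificationCode {
		utils.HttpError(res, http.StatusBadRequest)
		return
	}

	// Flip the flag and clear the code in one update so the code cannot be
	// replayed afterwards.
	query := this.db.Model(&authUser.User).Updates(map[string]interface{}{
		"email_verified":    true,
		"verification_code": "",
	})

	if query.Error != nil {
		utils.HttpError(res, http.StatusInternalServerError)
	}
}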
Exemplo n.º 2
// NeedsAuth returns a martini handler that answers 401 Unauthorized unless
// the injected authUser is authenticated and, when checkVerified is true,
// also has a verified e-mail address.
//
// The handler only reports the error; it relies on the framework not running
// later handlers once a response has been written (presumably what
// utils.HttpError does; confirm).
func NeedsAuth(checkVerified bool) martini.Handler {
	return func(res http.ResponseWriter, authUser models.AuthUser) {
		// Same predicate as "not authenticated OR (verification required AND
		// not verified)", expressed as the allowed case.
		allowed := authUser.IsAuthenticated() && (!checkVerified || authUser.EmailVerified)
		if allowed {
			return
		}
		utils.HttpError(res, http.StatusUnauthorized)
	}
}
Exemplo n.º 3
// Search asks collections.FindMatches for the users matching the
// authenticated user's record and renders them as JSON under the "results"
// key. A lookup failure is answered with 500 and no body details.
//
// NOTE(review): the matched user values are serialised as-is; confirm that
// their JSON form omits credential fields (password, token, verification
// code).
func (this *Users) Search(res http.ResponseWriter, authUser models.AuthUser, render render.Render) {
	matches, findErr := collections.FindMatches(this.db, authUser.User)
	if findErr == nil {
		payload := map[string]interface{}{"results": matches}
		render.JSON(http.StatusOK, payload)
		return
	}
	utils.HttpError(res, http.StatusInternalServerError)
}
Exemplo n.º 4
// Register creates an account from the decoded request body and replies with
// the new user, including a freshly generated API token.
//
// Order of operations: decode, validate, geocode, persist, generate and store
// the token, blank the password, render, then start sending the verification
// code in the background. Validation problems are answered with 400 and an
// "errors" object; every other failure is a bare 500.
//
// NOTE(review): only Password is blanked before the user is serialised;
// confirm that the JSON form of the user does not expose the verification
// code, otherwise the response would defeat the e-mail check.
func (this *Users) Register(res http.ResponseWriter, req *http.Request, render render.Render) {
	var user models.RegisterUser
	if decodeErr := decode(req, render, &user); decodeErr != nil {
		return
	}

	// internalError reports a generic 500 without leaking the cause.
	internalError := func() {
		utils.HttpError(res, http.StatusInternalServerError)
	}

	// A non-nil error from Validate means the check itself failed; rule
	// violations are collected in validation instead.
	validation := models.NewErrors()
	if user.Validate(this.db, validation) != nil {
		internalError()
		return
	}
	if validation.Count() > 0 {
		render.JSON(http.StatusBadRequest, map[string]*models.Errors{"errors": validation})
		return
	}

	if user.Geocode() != nil {
		internalError()
		return
	}

	if user.Register(this.db) != nil {
		internalError()
		return
	}

	apiToken, tokenErr := models.GenerateApiToken(this.db)
	if tokenErr != nil {
		internalError()
		return
	}

	// The token handed to the client is the same value written to the
	// "token" column.
	user.Token = apiToken
	stored := this.db.Model(user.User).UpdateColumn("token", apiToken)
	if stored.Error != nil {
		internalError()
		return
	}

	// Blank the password field so it is not echoed back in the response.
	user.Password = ""
	render.JSON(http.StatusOK, user)

	// Fire-and-forget: the response does not wait for, or report on, the
	// delivery of the verification code.
	go this.sendVerificationCode(user.User)
}
Exemplo n.º 5
// RegisterGcm stores the GcmRegid from the request body in the "gcm_regid"
// column of the authenticated user. The value is written as received; this
// handler applies no validation of its own. A failed update is answered with
// 500; on success the handler writes nothing itself.
func (this *Users) RegisterGcm(res http.ResponseWriter, req *http.Request, authUser models.AuthUser, render render.Render) {
	var data struct{ GcmRegid string }
	if decodeErr := decode(req, render, &data); decodeErr != nil {
		return
	}

	updated := this.db.Model(&authUser.User).Update("gcm_regid", data.GcmRegid)
	if updated.Error == nil {
		return
	}
	utils.HttpError(res, http.StatusInternalServerError)
}
Exemplo n.º 6
// Login checks the submitted username and password, issues a new API token
// and replies with the user record (password blanked, schedules and syncs
// fetched).
//
// An unknown username and a wrong password both produce 401, so the status
// code does not reveal which of the two was wrong.
//
// NOTE(review): the unknown-username path returns before the bcrypt check
// runs, so response time may still distinguish existing from missing
// accounts. No attempt limiting is visible in this handler; confirm it is
// enforced elsewhere.
func (this *Users) Login(res http.ResponseWriter, req *http.Request, render render.Render) {
	var data struct{ Username, Password string }

	if decodeErr := decode(req, render, &data); decodeErr != nil {
		return
	}

	user, lookupErr := models.GetUserByUsername(this.db, data.Username)
	if lookupErr == gorm.RecordNotFound {
		utils.HttpError(res, http.StatusUnauthorized)
		return
	}
	if lookupErr != nil {
		utils.HttpError(res, http.StatusInternalServerError)
		return
	}

	// Any error from the hasher is treated as a failed login.
	hasher := auth.NewBcryptHasher()
	if hasher.Check(user.Password, data.Password) != nil {
		utils.HttpError(res, http.StatusUnauthorized)
		return
	}

	apiToken, tokenErr := models.GenerateApiToken(this.db)
	if tokenErr != nil {
		utils.HttpError(res, http.StatusInternalServerError)
		return
	}

	// Each successful login overwrites the "token" column with the new value
	// (presumably invalidating the previous token; confirm).
	user.Token = apiToken
	stored := this.db.Model(user).UpdateColumn("token", apiToken)
	if stored.Error != nil {
		utils.HttpError(res, http.StatusInternalServerError)
		return
	}

	// Blank the stored password value so it is not serialised in the reply.
	user.Password = ""

	if schedErr := user.FetchSchedules(this.db); schedErr != nil {
		utils.HttpError(res, http.StatusInternalServerError)
		return
	}

	if syncErr := user.FetchSyncs(this.db); syncErr != nil {
		utils.HttpError(res, http.StatusInternalServerError)
		return
	}

	render.JSON(http.StatusOK, user)
}
Exemplo n.º 7
// AuthenticateUser returns a martini handler that resolves the API token in
// the ApiTokenHeaderKey request header to a user and maps the resulting
// models.AuthUser into the request context.
//
// A missing header or an unknown token leaves authUser unauthenticated
// without writing a response; rejecting such requests is left to later
// handlers. Any other lookup error is answered with 500, and authUser is
// still mapped afterwards.
//
// NOTE(review): the token is looked up by value, which suggests it is stored
// as-is; confirm whether a hashed-at-rest token is wanted.
func AuthenticateUser(db *gorm.DB) martini.Handler {
	return func(res http.ResponseWriter, req *http.Request, c martini.Context) {
		var authUser models.AuthUser

		if token := req.Header.Get(ApiTokenHeaderKey); token != "" {
			found, lookupErr := models.GetUserByToken(db, token)
			authUser.User = found

			switch lookupErr {
			case nil:
				authUser.SetAuthenticated(true)
			case gorm.RecordNotFound:
				// Unknown token: fall through as an anonymous user.
			default:
				utils.HttpError(res, http.StatusInternalServerError)
			}
		}

		c.Map(authUser)
	}
}