// createProfile receives a hash and an optional username.
// If there is a username, it must be unique.
func createProfile(u *url.URL, h http.Header, r *Auth) (int, http.Header, Response, error) {
var err error
p := new(profile.Profile)
a := profile.NewAuth(r.Hash, r.Username)
// if Getting an Auth succeeds, there was an existing row
err = a.Get()
if err == nil {
return error400("auth exists", "hash:", *r.Hash)
}
a.Name = r.Name
err = p.Create()
if err != nil {
return error500("db failure: p56", err.Error())
}
a.Profile = p.Id
err = a.Create()
if err != nil {
return error500("db failure: p62", err.Error())
}
// if all is well...
oh := http.Header{}
oh.Add(ChuteToken, *a.Token)
response := Profile{Id: p.Id, Created: p.Created}
return http.StatusCreated, oh, response, nil
}
func connectAuth(u *url.URL, h http.Header, r *AuthConnect, c *Context) (int, http.Header, Response, error) {
a := profile.NewAuth(&r.Hash, nil)
err := a.Get()
if err != nil {
return error400("couldn't find that auth", err.Error())
}
if a.Username != nil {
return error400("can't connect a username and password to another account")
}
// this is the only change we make at this endpoint
a.Profile = c.Profile.Id
err = a.Save()
if err != nil {
return error500("db failure: p520", err.Error())
}
return getAuths(u, h, nil, c)
}
func createAuth(u *url.URL, h http.Header, r *AuthCreate, c *Context) (int, http.Header, Response, error) {
a := profile.NewAuth(&r.Hash, r.Username)
err := a.Get()
if err != nil {
// this auth doesn't already exist
a.Name = r.Name
a.Authorized = true
a.Profile = c.Profile.Id
a.InHash = []byte(r.Hash)
a.Username = r.Username
err = a.Create()
if err != nil {
return error500("db failure: p560", err.Error())
}
return getAuths(u, h, nil, c)
}
return error400("unauthorized access")
}
func login(u *url.URL, h http.Header, r *Auth) (int, http.Header, Response, error) {
if r == nil {
return error400("no authorization provided")
}
auth := profile.NewAuth(r.Hash, r.Username)
err := auth.Get()
log.Println("got auth:", auth)
if err != nil {
return error401("login failure", "no such auth!")
} else if !auth.Authenticated() {
return error401("login failure", "hash:", *r.Hash)
}
token, err := auth.Login()
if err != nil {
return error500("db failure: p137", err.Error())
}
oh := http.Header{}
oh.Add(ChuteToken, token)
return http.StatusOK, oh, struct{}{}, nil
}