Пример #1
0
func InviteHandler() httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {
		type inviteReq struct {
			MemberID int64
			Email    string
		}

		req := &inviteReq{}
		if err := json.NewDecoder(r.Body).Decode(req); err != nil {
			return httperr.New(http.StatusBadRequest, err.Error(), err)
		}

		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		member := &model.Member{}
		if err := sqlutil.SelectOneRelation(dbmap, model.TableNameMember, req.MemberID, member); err != nil {
			return httperr.New(http.StatusBadRequest, "member not found", err)
		}
		member.SetPassword(model.NewAutoPassword())
		member.Email = req.Email
		if _, err := dbmap.Update(member); err != nil {
			return err
		}
		if err := member.Invite(req.Email); err != nil {
			return err
		}
		return json.NewEncoder(w).Encode(member)
	}
}
Пример #2
0
func UpdateByID(m CrudResource) httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {
		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		id := r.URL.Query().Get(":id")
		mCopy := copyResource(m)
		if err := GetID(dbmap, mCopy, id); err != nil {
			return err
		}

		updateCopy := copyResource(m)
		if err := json.NewDecoder(r.Body).Decode(updateCopy); err != nil {
			message := fmt.Sprintf("%s's json could not parsed.", m.TableName())
			return httperr.New(http.StatusBadRequest, message, err)
		}

		merge.TagWl(updateCopy, mCopy)

		if _, err := dbmap.Update(mCopy); err != nil {
			message := fmt.Sprintf("%s did not pass validation.", m.TableName())
			return httperr.New(http.StatusBadRequest, message, err)
		}

		return json.NewEncoder(w).Encode(mCopy)
	}
}
Пример #3
0
func Create(m CrudResource) httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {
		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		trans, err := dbmap.Begin()
		if err != nil {
			return err
		}

		mCopy := copyResource(m)
		if err := json.NewDecoder(r.Body).Decode(mCopy); err != nil {
			return clientError(err)
		}

		if err := trans.Insert(mCopy); err != nil {
			message := fmt.Sprintf("%s did not pass validation.", m.TableName())
			return httperr.New(http.StatusBadRequest, message, err)
		}

		if err := trans.Commit(); err != nil {
			return err
		}
		return json.NewEncoder(w).Encode(mCopy)
	}
}
Пример #4
0
func LoginHandler() httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {

		type loginReq struct {
			Email    string
			Password string
		}

		req := &loginReq{}
		if err := json.NewDecoder(r.Body).Decode(req); err != nil {
			return httperr.New(http.StatusBadRequest, err.Error(), err)
		}

		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		member, err := model.AuthenticateMember(dbmap, req.Email, req.Password)
		if err != nil {
			return err
		}

		token := &model.Token{
			MemberID: member.ID,
		}
		if err := dbmap.Insert(token); err != nil {
			return err
		}

		member.Token = token.Value
		return json.NewEncoder(w).Encode(member)
	}
}
Пример #5
0
func ResetPasswordHandler() httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {

		type resetPasswordReq struct {
			Email string
		}

		req := &resetPasswordReq{}
		if err := json.NewDecoder(r.Body).Decode(req); err != nil {
			return httperr.New(http.StatusBadRequest, err.Error(), err)
		}

		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		member, err := model.FindMember(dbmap, req.Email)
		// if member not found return 200 anyway
		if err != nil {
			return nil
		}
		if err := member.ResetPassword(); err != nil {
			return err
		}
		if _, err := dbmap.Update(member); err != nil {
			return err
		}
		return nil
	}
}
Пример #6
0
func (c *Community) updateLatLng() error {
	if len(c.Location) != 2 {
		err := errors.New("Location should be [lat, lon]")
		return httperr.New(http.StatusBadRequest, err.Error(), err)
	}
	c.Latitude = c.Location[0]
	c.Longitude = c.Location[1]
	return nil
}
Пример #7
0
func GetID(dbmap *gorp.DbMap, m CrudResource, id interface{}) error {
	query := squirrel.Select("*").
		From(m.TableName()).
		Where(squirrel.Eq{"ID": id})
	if err := sqlutil.SelectOne(dbmap, query, m); err != nil {
		message := fmt.Sprintf("Could not find %s.", m.TableName())
		return httperr.New(http.StatusNotFound, message, err)
	}
	return nil
}
Пример #8
0
func AuthenticateMember(s gorp.SqlExecutor, email, password string) (*Member, error) {
	err := fmt.Errorf("email / password invalid")
	respErr := httperr.New(http.StatusUnauthorized, err.Error(), err)

	member, err := FindMember(s, email)
	if err != nil || !member.HasPassword(password) {
		return nil, respErr
	}

	return member, nil
}
Пример #9
0
func ChangePasswordHandler() httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {

		type changePasswordReq struct {
			OldPassword string
			NewPassword string
		}

		req := &changePasswordReq{}
		if err := json.NewDecoder(r.Body).Decode(req); err != nil {
			return httperr.New(http.StatusBadRequest, err.Error(), err)
		}

		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		email := r.URL.Query().Get(authEmailKey)
		member, err := model.FindMember(dbmap, email)
		if err != nil {
			return err
		}

		if !member.HasPassword(req.OldPassword) {
			err := errors.New("password invalid")
			return httperr.New(http.StatusBadRequest, err.Error(), err)
		}

		pword, err := model.NewPassword(req.NewPassword)
		if err != nil {
			return httperr.New(http.StatusBadRequest, "password must be between 7 and 32 characters", err)
		}
		member.SetPassword(pword)
		if _, err := dbmap.Update(member); err != nil {
			return err
		}
		return nil
	}
}
Пример #10
0
func (f *Feed) PreInsert(s gorp.SqlExecutor) error {
	f.Created = milli.Timestamp(time.Now())
	f.Updated = milli.Timestamp(time.Now())

	icon := ""
	switch FeedType(f.Type) {
	case FeedTypeFacebook:
		// get user from facebook api
		session := facebookSession()
		route := fmt.Sprintf("/%s", f.Identifier)
		result, err := session.Api(route, facebook.GET, nil)
		if err != nil {
			return httperr.New(http.StatusBadRequest, "invalid facebook id", err)
		}
		// decode response
		user := &fbookUser{}
		if err := result.Decode(user); err != nil {
			return err
		}
		icon = user.Cover.Source
	case FeedTypeTwitter:
		api := twitterAPI()
		user, err := api.GetUsersShow(f.Identifier, url.Values{})
		if err != nil {
			return err
		}
		icon = user.ProfileImageURL
	}

	if icon != "" {
		member := &Member{}
		if err := sqlutil.SelectOneRelation(s, TableNameMember, f.MemberID, member); err != nil {
			return err
		}
		member.Icon = icon

		if _, err := s.Update(member); err != nil {
			return err
		}
	}

	return f.Validate()
}
Пример #11
0
func Auth(h httperr.Handler) httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {
		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		v := r.URL.Query()
		email := v.Get(authEmailKey)
		token := v.Get(authTokenKey)

		errResp := httperr.New(http.StatusUnauthorized, "not authorized", errors.New("not authorized"))
		member, err := model.FindMember(dbmap, email)
		if err != nil {
			return errResp
		} else if err := model.ValidateToken(dbmap, member.ID, token); err != nil {
			return errResp
		}
		return h(w, r)
	}
}
Пример #12
0
func clientError(err error) error {
	message := "Problem performing request.  Please alert the Account owner if the problem continues."
	return httperr.New(http.StatusBadRequest, message, err)
}
Пример #13
0
func SignupHandler() httperr.Handler {
	return func(w http.ResponseWriter, r *http.Request) error {
		dbmap, err := getDB()
		defer dbmap.Db.Close()
		if err != nil {
			return err
		}

		// check if the community already exits, if so prevent signup
		coms := []*model.Community{}
		dbmap.Select(&coms, "select * from communities")
		if len(coms) > 0 {
			err := errors.New("community already created")
			return httperr.New(http.StatusBadRequest, err.Error(), err)
		}

		type signupReq struct {
			Email              string
			Password           string
			Name               string
			CommunityName      string
			RegistrationPolicy string
			Location           []float64
			Description        string
		}

		req := &signupReq{}
		if err := json.NewDecoder(r.Body).Decode(req); err != nil {
			return httperr.New(http.StatusBadRequest, err.Error(), err)
		}

		trans, err := dbmap.Begin()
		if err != nil {
			return err
		}

		member := &model.Member{
			Email:     req.Email,
			Organizer: true,
			Name:      req.Name,
		}
		pword, err := model.NewPassword(req.Password)
		if err != nil {
			return httperr.New(http.StatusBadRequest, "password must be between 7 and 32 characters", err)
		}
		member.SetPassword(pword)

		if err := trans.Insert(member); err != nil {
			return err
		}

		com := &model.Community{
			Name:               req.CommunityName,
			Location:           req.Location,
			Description:        req.Description,
			RegistrationPolicy: req.RegistrationPolicy,
		}
		if err := trans.Insert(com); err != nil {
			return err
		}

		categories := []*model.Category{
			{Name: "Play Local"},
			{Name: "Be Local"},
			{Name: "Eat Local"},
			{Name: "Shop Local"},
		}
		for _, cat := range categories {
			if err := trans.Insert(cat); err != nil {
				return err
			}
		}
		if err := trans.Commit(); err != nil {
			return err
		}
		return json.NewEncoder(w).Encode(member)
	}
}