func InviteHandler() httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
type inviteReq struct {
MemberID int64
Email string
}
req := &inviteReq{}
if err := json.NewDecoder(r.Body).Decode(req); err != nil {
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
member := &model.Member{}
if err := sqlutil.SelectOneRelation(dbmap, model.TableNameMember, req.MemberID, member); err != nil {
return httperr.New(http.StatusBadRequest, "member not found", err)
}
member.SetPassword(model.NewAutoPassword())
member.Email = req.Email
if _, err := dbmap.Update(member); err != nil {
return err
}
if err := member.Invite(req.Email); err != nil {
return err
}
return json.NewEncoder(w).Encode(member)
}
}
func UpdateByID(m CrudResource) httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
id := r.URL.Query().Get(":id")
mCopy := copyResource(m)
if err := GetID(dbmap, mCopy, id); err != nil {
return err
}
updateCopy := copyResource(m)
if err := json.NewDecoder(r.Body).Decode(updateCopy); err != nil {
message := fmt.Sprintf("%s's json could not parsed.", m.TableName())
return httperr.New(http.StatusBadRequest, message, err)
}
merge.TagWl(updateCopy, mCopy)
if _, err := dbmap.Update(mCopy); err != nil {
message := fmt.Sprintf("%s did not pass validation.", m.TableName())
return httperr.New(http.StatusBadRequest, message, err)
}
return json.NewEncoder(w).Encode(mCopy)
}
}
func Create(m CrudResource) httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
trans, err := dbmap.Begin()
if err != nil {
return err
}
mCopy := copyResource(m)
if err := json.NewDecoder(r.Body).Decode(mCopy); err != nil {
return clientError(err)
}
if err := trans.Insert(mCopy); err != nil {
message := fmt.Sprintf("%s did not pass validation.", m.TableName())
return httperr.New(http.StatusBadRequest, message, err)
}
if err := trans.Commit(); err != nil {
return err
}
return json.NewEncoder(w).Encode(mCopy)
}
}
func LoginHandler() httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
type loginReq struct {
Email string
Password string
}
req := &loginReq{}
if err := json.NewDecoder(r.Body).Decode(req); err != nil {
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
member, err := model.AuthenticateMember(dbmap, req.Email, req.Password)
if err != nil {
return err
}
token := &model.Token{
MemberID: member.ID,
}
if err := dbmap.Insert(token); err != nil {
return err
}
member.Token = token.Value
return json.NewEncoder(w).Encode(member)
}
}
func ResetPasswordHandler() httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
type resetPasswordReq struct {
Email string
}
req := &resetPasswordReq{}
if err := json.NewDecoder(r.Body).Decode(req); err != nil {
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
member, err := model.FindMember(dbmap, req.Email)
// if member not found return 200 anyway
if err != nil {
return nil
}
if err := member.ResetPassword(); err != nil {
return err
}
if _, err := dbmap.Update(member); err != nil {
return err
}
return nil
}
}
func (c *Community) updateLatLng() error {
if len(c.Location) != 2 {
err := errors.New("Location should be [lat, lon]")
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
c.Latitude = c.Location[0]
c.Longitude = c.Location[1]
return nil
}
func GetID(dbmap *gorp.DbMap, m CrudResource, id interface{}) error {
query := squirrel.Select("*").
From(m.TableName()).
Where(squirrel.Eq{"ID": id})
if err := sqlutil.SelectOne(dbmap, query, m); err != nil {
message := fmt.Sprintf("Could not find %s.", m.TableName())
return httperr.New(http.StatusNotFound, message, err)
}
return nil
}
func AuthenticateMember(s gorp.SqlExecutor, email, password string) (*Member, error) {
err := fmt.Errorf("email / password invalid")
respErr := httperr.New(http.StatusUnauthorized, err.Error(), err)
member, err := FindMember(s, email)
if err != nil || !member.HasPassword(password) {
return nil, respErr
}
return member, nil
}
func ChangePasswordHandler() httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
type changePasswordReq struct {
OldPassword string
NewPassword string
}
req := &changePasswordReq{}
if err := json.NewDecoder(r.Body).Decode(req); err != nil {
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
email := r.URL.Query().Get(authEmailKey)
member, err := model.FindMember(dbmap, email)
if err != nil {
return err
}
if !member.HasPassword(req.OldPassword) {
err := errors.New("password invalid")
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
pword, err := model.NewPassword(req.NewPassword)
if err != nil {
return httperr.New(http.StatusBadRequest, "password must be between 7 and 32 characters", err)
}
member.SetPassword(pword)
if _, err := dbmap.Update(member); err != nil {
return err
}
return nil
}
}
func (f *Feed) PreInsert(s gorp.SqlExecutor) error {
f.Created = milli.Timestamp(time.Now())
f.Updated = milli.Timestamp(time.Now())
icon := ""
switch FeedType(f.Type) {
case FeedTypeFacebook:
// get user from facebook api
session := facebookSession()
route := fmt.Sprintf("/%s", f.Identifier)
result, err := session.Api(route, facebook.GET, nil)
if err != nil {
return httperr.New(http.StatusBadRequest, "invalid facebook id", err)
}
// decode response
user := &fbookUser{}
if err := result.Decode(user); err != nil {
return err
}
icon = user.Cover.Source
case FeedTypeTwitter:
api := twitterAPI()
user, err := api.GetUsersShow(f.Identifier, url.Values{})
if err != nil {
return err
}
icon = user.ProfileImageURL
}
if icon != "" {
member := &Member{}
if err := sqlutil.SelectOneRelation(s, TableNameMember, f.MemberID, member); err != nil {
return err
}
member.Icon = icon
if _, err := s.Update(member); err != nil {
return err
}
}
return f.Validate()
}
func Auth(h httperr.Handler) httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
v := r.URL.Query()
email := v.Get(authEmailKey)
token := v.Get(authTokenKey)
errResp := httperr.New(http.StatusUnauthorized, "not authorized", errors.New("not authorized"))
member, err := model.FindMember(dbmap, email)
if err != nil {
return errResp
} else if err := model.ValidateToken(dbmap, member.ID, token); err != nil {
return errResp
}
return h(w, r)
}
}
func clientError(err error) error {
message := "Problem performing request. Please alert the Account owner if the problem continues."
return httperr.New(http.StatusBadRequest, message, err)
}
func SignupHandler() httperr.Handler {
return func(w http.ResponseWriter, r *http.Request) error {
dbmap, err := getDB()
defer dbmap.Db.Close()
if err != nil {
return err
}
// check if the community already exits, if so prevent signup
coms := []*model.Community{}
dbmap.Select(&coms, "select * from communities")
if len(coms) > 0 {
err := errors.New("community already created")
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
type signupReq struct {
Email string
Password string
Name string
CommunityName string
RegistrationPolicy string
Location []float64
Description string
}
req := &signupReq{}
if err := json.NewDecoder(r.Body).Decode(req); err != nil {
return httperr.New(http.StatusBadRequest, err.Error(), err)
}
trans, err := dbmap.Begin()
if err != nil {
return err
}
member := &model.Member{
Email: req.Email,
Organizer: true,
Name: req.Name,
}
pword, err := model.NewPassword(req.Password)
if err != nil {
return httperr.New(http.StatusBadRequest, "password must be between 7 and 32 characters", err)
}
member.SetPassword(pword)
if err := trans.Insert(member); err != nil {
return err
}
com := &model.Community{
Name: req.CommunityName,
Location: req.Location,
Description: req.Description,
RegistrationPolicy: req.RegistrationPolicy,
}
if err := trans.Insert(com); err != nil {
return err
}
categories := []*model.Category{
{Name: "Play Local"},
{Name: "Be Local"},
{Name: "Eat Local"},
{Name: "Shop Local"},
}
for _, cat := range categories {
if err := trans.Insert(cat); err != nil {
return err
}
}
if err := trans.Commit(); err != nil {
return err
}
return json.NewEncoder(w).Encode(member)
}
}