// InfosSession get infos about the session (including remaining time)
func InfosSession(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) {
var resp InfosSessionResponse
var session models.Session
sid := handle.P.ByName("token")
if sid == "" {
return nil, tools.NewError(nil, 400, "bad request: missing token")
}
if tools.CheckID(sid) == false {
return nil, tools.NewError(nil, 400, "bad request: invalid token")
}
session.IDFromHex(sid)
err := session.Get(db)
if err != nil {
return nil, err
}
remaining := int(session.Expire - time.Now().Unix())
if remaining <= 0 {
return nil, tools.NewError(nil, 404, "not found: session is expired")
}
resp.Status = "ok"
resp.Session.UserID = session.UserID.Hex()
resp.Session.Domain = session.Domain
resp.Session.Expire = session.Expire
resp.Session.Remaining = remaining
return resp, nil
}
// Logoff deletes a session (expired or not)
func Logoff(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) {
var session models.Session
sid := handle.P.ByName("token")
if sid == "" {
return nil, tools.NewError(nil, 400, "bad request: missing token")
}
if tools.CheckID(sid) == false {
return nil, tools.NewError(nil, 400, "bad request: invalid token")
}
session.IDFromHex(sid)
err := session.Delete(db)
if err != nil {
return nil, err
}
return LogoffResponse{"ok"}, nil
}
func CheckSession(q CheckRequest, db *mgo.DbQueue) (interface{}, error) {
var resp CheckResponse
var session models.Session
if q.Token == "" {
return nil, tools.NewError(nil, 400, "bad request: token is missing")
}
if tools.CheckID(q.Token) == false {
return nil, tools.NewError(nil, 400, "bad request: invalid token")
}
if q.Domain == "" {
return nil, tools.NewError(nil, 400, "bad request: domain is missing")
}
if q.Domain == "/" {
return nil, tools.NewError(nil, 400, "bad request: illegal domain")
}
session.IDFromHex(q.Token)
err := session.Get(db)
if err != nil {
return nil, err
}
if session.Expire < time.Now().Unix() {
return nil, tools.NewError(nil, 404, "not found: session is expired")
}
if tools.CheckDomain(q.Domain, session.Domain) == false {
return nil, tools.NewError(nil, 403, "forbidden: restricted domain")
}
resp.Status = "ok"
resp.Session.UserID = session.UserID.Hex()
resp.Session.Expire = session.Expire
resp.Session.Remaining = int(session.Expire - time.Now().Unix())
return resp, nil
}
// Login a user, creating a new session.
func Login(handle tools.Handle, db *mgo.DbQueue) (interface{}, error) {
var q LoginRequest
var user models.User
var session models.Session
var resp LoginResponse
err := rest.Parse(handle.R, &q)
if err != nil {
return nil, tools.NewError(err, 400, "bad request: couldn't parse body")
}
if q.Domain == "" {
return nil, tools.NewError(nil, 400, "bad request: domain is missing")
}
if q.Domain == "/" {
return nil, tools.NewError(nil, 400, "bad request: illegal domain")
}
if q.Username == "" {
return nil, tools.NewError(nil, 400, "bad request: username is missing")
}
if q.Password == "" {
return nil, tools.NewError(nil, 400, "bad request: password is missing")
}
user.Username = q.Username
user.Password = q.Password
if govalidator.IsEmail(user.Username) == false {
return nil, tools.NewError(nil, 400, "bad request: username must be a valid email")
}
user.Username, err = govalidator.NormalizeEmail(user.Username)
if err != nil {
return nil, tools.NewError(nil, 400, "bad request: username must be a valid email")
}
ok, err := user.Check(db)
if err != nil {
return nil, err
}
if ok == false {
return nil, tools.NewError(nil, 403, "forbidden: invalid user or password")
}
if user.Enable == false {
return nil, tools.NewError(nil, 403, "forbidden: user is diabled")
}
ok = user.CheckDomain(q.Domain)
if ok == false {
return nil, tools.NewError(nil, 403, "forbidden: restricted domain")
}
session.UserID = user.ID
session.Domain = q.Domain
remaining, err := session.Create(db, handle.C.SessionLifespan)
if err != nil {
return nil, err
}
resp.Status = "ok"
resp.Session.Token = session.ID.Hex()
resp.Session.UserID = session.UserID.Hex()
resp.Session.Expire = session.Expire
resp.Session.Remaining = remaining
return resp, nil
}