// CreateTransaction endpoint creates a new transaction with the valid transfer tokens and data
func (t *TransactionsAPI) CreateTransaction(params *api.Request) api.Response {
transaction := &models.Transaction{}
err := util.DeserializeJSON(params.Body, transaction)
if err != nil || !apifilter.CheckTransactionIntegrity(transaction) {
return api.BadRequest(api.ErrEntityFormat)
}
return bll.CreateTransaction(transaction)
}
// ResendAccountActivationEmail resends the email with the details for activating their user account
func (a *AuthAPI) ResendAccountActivationEmail(params *api.Request) api.Response {
var model = ResendActivationEmailModel{}
var err = util.DeserializeJSON(params.Body, &model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
err = auth.ResendAccountActivationEmail(model.Email, model.ActivateAccountServiceLink)
if err != nil {
return api.InternalServerError(err)
}
return api.StatusResponse(http.StatusOK)
}
// RequestResetPassword sends an email with a special token that will be used for resetting the password
func (a *AuthAPI) RequestResetPassword(params *api.Request) api.Response {
var model = RequestResetPasswordModel{}
var err = util.DeserializeJSON(params.Body, &model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
err = auth.RequestResetPassword(model.Email, model.PasswordResetServiceLink)
if err != nil {
return api.InternalServerError(err)
}
return api.StatusResponse(http.StatusOK)
}
// ActivateAccount activates an account using the activation token sent through email
func (a *AuthAPI) ActivateAccount(params *api.Request) api.Response {
var model = ActivateAccountModel{}
var err = util.DeserializeJSON(params.Body, &model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
err = auth.ActivateAppUser(model.Token)
if err != nil {
return api.BadRequest(err)
}
return api.StatusResponse(http.StatusOK)
}
// InitCipherModule initializes the components used for server-side encryption
func InitCipherModule() {
key, err := util.Decode(encodedPrivateKey)
if err != nil {
panic(err)
}
err = util.DeserializeJSON(key, privateKey)
if err != nil {
panic(err)
}
encrypter, err = jose.NewEncrypter(jose.RSA_OAEP, jose.A128GCM, &privateKey.PublicKey)
if err != nil {
panic(err)
}
}
func getUserTokens(storeLocation string, userID bson.ObjectId) ([]string, error) {
userIndexFile := fileLocation(storeLocation, userID.Hex())
fileContent, err := ioutil.ReadFile(userIndexFile)
if err != nil {
return nil, err
}
var userTokens []string
err = util.DeserializeJSON(fileContent, userTokens)
if err != nil {
return nil, err
}
return userTokens, nil
}
// CreateAppUser is an endpoint used for creating application users
func (v *DevAPI) CreateAppUser(params *api.Request) api.Response {
model := &AppUserModel{}
err := util.DeserializeJSON(params.Body, model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
var activationServiceLink = config.HTTPServerAddress + config.APIInstance + "dev/ActivateAppUser?token=%s"
user, err := auth.CreateAppUser(model.Email, model.Password, model.AccountType, activationServiceLink)
if err != nil {
return api.InternalServerError(err)
}
return api.JSONResponse(http.StatusOK, user)
}
// ReadCookie fetches a cookie from the cookie store
func (store *FileCookieStore) ReadCookie(key string) (*Session, error) {
fileName := fileLocation(store.location, key)
encryptedData, err := ioutil.ReadFile(fileName)
if err != nil {
return nil, err
}
jsonData, err := security.Decrypt(encryptedData)
if err != nil {
return nil, err
}
var session *Session
err = util.DeserializeJSON(jsonData, session)
return session, err
}
// Authorize tries to authorize an existing gostToken
func Authorize(httpHeader http.Header) (*identity.Identity, error) {
ghostToken, err := extractGhostToken(httpHeader)
if err != nil {
if err == errAnonymousUser {
return identity.NewAnonymous(), nil
}
return nil, err
}
encryptedToken, err := util.Decode([]byte(ghostToken))
if err != nil {
return nil, err
}
jsonToken, err := security.Decrypt(encryptedToken)
if err != nil {
return nil, err
}
cookie := new(cookies.Session)
err = util.DeserializeJSON(jsonToken, cookie)
if err != nil {
return nil, err
}
dbCookie, err := cookies.GetSession(cookie.Token)
if err != nil || dbCookie == nil {
return nil, ErrDeactivatedUser
}
if !identity.IsUserActivated(dbCookie.UserID) {
return nil, ErrDeactivatedUser
}
go dbCookie.ResetToken()
return identity.New(dbCookie), nil
}
// CreateSession creates a new session for an existing user account
func (a *AuthAPI) CreateSession(params *api.Request) api.Response {
model := &AuthModel{}
err := util.DeserializeJSON(params.Body, model)
if err != nil {
return api.BadRequest(err)
}
if model.Password != model.PasswordConfirmation {
return api.BadRequest(ErrPasswordMatch)
}
if !bson.IsObjectIdHex(model.AppUserID) {
return api.BadRequest(api.ErrInvalidIDParam)
}
token, err := auth.GenerateUserAuth(bson.ObjectIdHex(model.AppUserID), model.ClientDetails)
if err != nil {
return api.BadRequest(err)
}
return api.PlainTextResponse(http.StatusOK, token)
}
// ResetPassword resets an user account's password
func (a *AuthAPI) ResetPassword(params *api.Request) api.Response {
var model = ResetPasswordModel{}
var err = util.DeserializeJSON(params.Body, &model)
if err != nil {
return api.BadRequest(api.ErrEntityFormat)
}
if model.Password != model.PasswordConfirmation {
return api.BadRequest(errPasswordsDoNotMatch)
}
err = auth.ResetPassword(model.Token, model.Password)
if err != nil {
if err == auth.ErrResetPasswordTokenExpired {
return api.BadRequest(err)
}
return api.InternalServerError(err)
}
return api.StatusResponse(http.StatusOK)
}
