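// RegisterUser creates an account from the JSON registration payload bound
// into Login. It answers 409 when FindUserByEmail returns a user with a valid
// ID, 500 when the lookup or the insert fails, and 200 once the record has
// been created.
func RegisterUser(c *gin.Context) {
	var login Login
	if c.BindJSON(&login) != nil {
		c.JSON(http.StatusNotFound, gin.H{"status": "Invalid Registration Information"})
		return
	}

	user, err := models.FindUserByEmail(login.Email)
	// An error whose text is "not found" is the expected outcome for a new
	// address; any other error is a lookup failure.
	if err != nil && err.Error() != "not found" {
		fmt.Printf("Error looking up user %v\n", err)
		c.JSON(http.StatusInternalServerError, gin.H{"status": "Error Looking Up User."})
		return
	}
	if user.ID.Valid() {
		// Log the quoted e-mail only: the user record carries the salt and
		// the password hash, which do not belong in application logs.
		fmt.Printf("User already exists %q\n", login.Email)
		c.JSON(http.StatusConflict, gin.H{"status": "User Already Exists."})
		return
	}

	salt := makeSalt()
	// NOTE(review): ComputeHmac256 looks like a single keyed-hash pass, which
	// is cheap to brute-force if the stored hashes and the secret leak.
	// Consider a dedicated password-hashing function (bcrypt, scrypt,
	// Argon2) with an upgrade-on-login migration — confirm against the
	// helper's implementation.
	user = models.User{
		Email:          login.Email,
		Salt:           salt,
		UserName:       login.Email,
		HashedPassword: ComputeHmac256(login.Password, getSecret(salt)),
	}

	newUser, err := models.CreateUser(user)
	if err != nil || !newUser.ID.Valid() {
		fmt.Printf("Error creating user account %q: %v\n", login.Email, err)
		c.JSON(http.StatusInternalServerError, gin.H{"status": "Error Creating New User Record."})
		// Stop here: without this return the handler went on to write a
		// second, 200 "successful" body after the 500.
		return
	}

	c.JSON(http.StatusOK, gin.H{"status": "New Subscription Successful"})
}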
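// ProcessLogin authenticates the user named in the JSON Login payload. On
// success it starts a session, stores the creation time, e-mail and a fresh
// token in it, and returns the token and creation time. It answers 404 when
// the payload cannot be bound or no valid user is found, and 403 when the
// password does not verify or the session cannot be started.
func ProcessLogin(c *gin.Context) {
	var login Login
	if c.BindJSON(&login) != nil {
		c.JSON(http.StatusNotFound, gin.H{"status": "Not Found"})
		return
	}
	// Log the e-mail only: the bound payload also holds the plaintext
	// password, which must never reach the logs.
	pretty.Println("login attempt:", login.Email)

	user, err := models.FindUserByEmail(login.Email)
	if err != nil || !user.ID.Valid() {
		// NOTE(review): 404 here versus 403 for a wrong password tells a
		// caller which addresses are registered, and this path also skips
		// the hash computation. Consider one uniform failure response.
		c.JSON(http.StatusNotFound, gin.H{"status": "Not Found"})
		return
	}

	// NOTE(review): == on digests is not a constant-time comparison; prefer
	// hmac.Equal or subtle.ConstantTimeCompare once the file imports them.
	goodToGo := ComputeHmac256(login.Password, getSecret(user.Salt)) == user.HashedPassword
	if !goodToGo && ComputeSHA1(login.Password, user.Salt) == user.HashedPassword {
		// Legacy account still on the old SHA1 scheme: accept the login and
		// upgrade the stored hash in the background.
		// NOTE(review): the result of SetPassword is never observed, so a
		// failed upgrade goes unnoticed — confirm that is acceptable.
		go user.SetPassword(ComputeHmac256(login.Password, getSecret(user.Salt)))
		goodToGo = true
	}
	if !goodToGo {
		c.JSON(http.StatusForbidden, gin.H{"status": "Forbidden"})
		return
	}

	session, err := GlobalSessions.SessionStart(c.Writer, c.Request)
	if err != nil {
		fmt.Println("error starting session: ", err)
		c.JSON(http.StatusForbidden, gin.H{"status": "Forbidden"})
		return
	}
	// Deferred only after the error check, so a failed SessionStart cannot
	// lead to a method call on an unusable session value.
	defer session.SessionRelease(c.Writer)
	// NOTE(review): if SessionStart reuses a session ID supplied by the
	// client, issue a fresh ID at this point to prevent session fixation —
	// verify against the session manager in use.

	session.Set("createTime", time.Now().Unix())
	session.Set("email", login.Email)
	t := Token()
	session.Set("token", t)
	// The token and session ID are bearer credentials, and the user record
	// holds the salt and password hash: none of them are logged.
	fmt.Println("session started for", login.Email)

	if user.Customers == nil {
		// Users without any customer are attached to the default one.
		customer, err := models.FindCustomerByName("eStratEx")
		if err != nil {
			fmt.Println("Error getting customer", err)
		} else {
			user.Customers = append(user.Customers, customer.ID)
			go func() { user.Update() }()
		}
	}

	c.JSON(http.StatusOK, gin.H{"status": "OK", "token": t, "createTime": session.Get("createTime")})
}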