func changePasswordOfCurrentUser(c *bitmonster.Context) error {
// Obtain the data from the context.
data := struct {
OldPassword string `json:"oldPassword"`
NewPassword string `json:"newPassword"`
}{}
err := c.Decode(&data)
if err != nil {
return err
}
// Obtain the current user.
user, err := CurrentUser(c.Socket())
if err != nil {
return err
}
// Check if the old password is valid.
if match := user.ComparePasswords(data.OldPassword); !match {
c.Error("wrong_password")
return nil
}
// Change the user's password.
err = user.ChangePassword(data.NewPassword)
if err != nil {
return err
}
// Update the user in the database.
err = UpdateUser(user)
if err != nil {
return err
}
return nil
}
func getUsers(c *bitmonster.Context) error {
println("getUsers")
v := struct {
Foo string
Bar string
}{}
err := c.Decode(&v)
if err != nil {
return err
}
fmt.Printf("%+v\n", v)
// Get the event.
e, err := c.Module().Event("onNew")
if err != nil {
return err
}
// Trigger the event.
err = e.Trigger(v)
if err != nil {
return err
}
// Only this socket.
err = e.TriggerSocket(c.Socket(), v)
if err != nil {
return err
}
c.Data(&v)
c.Error("error message")
return nil
}
func getUser(c *bitmonster.Context) error {
// Obtain the data from the context.
data := struct {
// Either pass an ID or an Username.
ID string `json:"id"`
Username string `json:"username"`
}{}
err := c.Decode(&data)
if err != nil {
return err
}
// Obtain the user.
var user *User
if len(data.ID) > 0 {
user, err = GetUser(data.ID)
if err != nil {
return err
}
} else if len(data.Username) > 0 {
user, err = GetUserByUsername(data.Username)
if err != nil {
return err
}
} else {
c.Error("invalid method data passed")
return nil
}
// Set the user as return data.
c.Data(user)
return nil
}
func login(c *bitmonster.Context) error {
// Obtain the authentication data from the context.
loginData := struct {
Username string `json:"username"`
Password string `json:"password"`
Fingerprint string `json:"fingerprint"`
}{}
err := c.Decode(&loginData)
if err != nil {
return err
}
if len(loginData.Username) == 0 || len(loginData.Password) == 0 || len(loginData.Fingerprint) == 0 {
c.Error("invalid login credentials")
return nil
}
// Get the user by the username.
user, err := GetUserByUsername(loginData.Username)
if err != nil {
c.Error("invalid login credentials")
return nil
}
// Compare the password.
if match := user.ComparePasswords(loginData.Password); !match {
c.Error("invalid login credentials")
return nil
}
// Update the last login timestamp.
timeNow := time.Now()
user.LastLogin = timeNow
// Handle the fingerprint like a password.
fingerprint, err := hashPassword(loginData.Fingerprint)
if err != nil {
return err
}
// Create the map if nil.
if user.AuthSessions == nil {
user.AuthSessions = make(AuthSessions)
}
// Remove the oldest sessions if the maximum count of sessions is reached.
// Included endless-loop prevention. Just to be sure.
for i := 0; i < 100 && len(user.AuthSessions) >= maxAuthSessions; i++ {
minTime := timeNow
var minKey string
for key, as := range user.AuthSessions {
if as.LastAuth.Before(minTime) {
minTime = as.LastAuth
minKey = key
}
}
delete(user.AuthSessions, minKey)
}
// Create a new authenticated session.
as := &AuthSession{
Fingerprint: fingerprint,
Token: utils.RandomString(authSessionTokenLength),
TokenCreated: timeNow,
Created: timeNow,
LastAuth: timeNow,
}
// Create a new unique key for it.
key := utils.RandomString(authSessionKeyLength)
for {
if _, ok := user.AuthSessions[key]; !ok {
break
}
key = utils.RandomString(authSessionKeyLength)
}
// Add it to the map with the key.
user.AuthSessions[key] = as
// Create a new encrypted authentication token.
authToken, err := newAuthToken(user.ID, key, as.Token)
if err != nil {
return err
}
// Update the user in the database.
err = UpdateUser(user)
if err != nil {
return err
}
// Create the respond data.
data := struct {
Token string `json:"token"`
}{
Token: authToken,
}
// Set it.
c.Data(data)
return nil
}
