func CreateUserHandler(w http.ResponseWriter, r *http.Request) {
fields := CreateUserForm{}
cef, err := form.Parse(&fields, w, r)
if err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
if cef.HasError() {
cef.Error.Send(http.StatusBadRequest)
return
}
hash, err := cryptoutils.Hash(fields.Password, conf.PasswordLevel)
if err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
user := model.User{
ID: bson.NewObjectId(),
Name: fields.Name,
Email: strings.TrimSpace(fields.Email),
Hash: hash,
CreatedAt: time.Now(),
}
s := conf.M.Copy()
defer s.Close()
if err := s.DB("").C("users").Insert(&user); err != nil {
if mgo.IsDup(err) {
cef.Error.SendMessage("this email address already exists", http.StatusBadRequest)
return
}
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
token := model.NewToken(user.ID)
if err := s.DB("").C("tokens").Insert(&token); err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
user.AccessToken = token.Token
httpres.Json(w, http.StatusCreated, UserResponse{user})
}
func CreateUserHandler(w http.ResponseWriter, r *http.Request) {
fields := createUserForm{}
if formutils.ParseSend(w, r, &fields) {
return
}
hash, err := cryptoutils.Hash(fields.Password, conf.PasswordLevel)
if err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
user := model.User{
ID: bson.NewObjectId(),
Name: fields.Name,
Email: strings.TrimSpace(fields.Email),
PasswordHash: hash,
CreatedAt: time.Now(),
}
if err := ctx.M(r).DB("").C("users").Insert(&user); err != nil {
if mgo.IsDup(err) {
eres.New(w).AddField("email", "already exists").Send()
return
}
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
token := model.NewToken(user.ID, false)
if err := ctx.M(r).DB("").C("tokens").Insert(&token); err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
rp := userResponse{
User: user,
AccessToken: token.Token,
}
httpres.Json(w, http.StatusCreated, rp)
}
func CreateTokenHandler(w http.ResponseWriter, r *http.Request) {
fields := CreateTokenForm{}
cef, err := form.Parse(&fields, w, r)
if err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
if cef.HasError() {
cef.Error.Send(http.StatusBadRequest)
return
}
var user model.User
s := conf.M.Copy()
defer s.Close()
if err := s.DB("").C("users").Find(bson.M{
"email": strings.TrimSpace(fields.Email),
}).One(&user); err != nil {
if err == mgo.ErrNotFound {
cef.Error.SendMessage("bad credentials", http.StatusBadRequest)
return
}
log.Println(err)
w.WriteHeader(http.StatusBadRequest)
return
}
if err := bcrypt.CompareHashAndPassword([]byte(user.Hash), []byte(fields.Password)); err != nil {
cef.Error.SendMessage("bad credentials", http.StatusBadRequest)
return
}
token := model.NewToken(user.ID)
if err := s.DB("").C("tokens").Insert(&token); err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
httpres.Json(w, http.StatusCreated, TokenResponse{token.Token})
}
func CreateTokenHandler(w http.ResponseWriter, r *http.Request) {
fields := createTokenForm{}
if formutils.ParseSend(w, r, &fields) {
return
}
var user model.User
if err := ctx.M(r).DB("").C("users").Find(bson.M{
"email": strings.TrimSpace(fields.Email),
}).One(&user); err != nil {
if err == mgo.ErrNotFound {
eres.New(w).SetMessage("bad credentials").Send()
return
}
log.Println(err)
w.WriteHeader(http.StatusBadRequest)
return
}
if err := bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(fields.Password)); err != nil {
eres.New(w).SetMessage("bad credentials").Send()
return
}
token := model.NewToken(user.ID, fields.Forever)
if err := ctx.M(r).DB("").C("tokens").Insert(&token); err != nil {
log.Println(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
httpres.Json(w, http.StatusCreated, tokenResponse{token.Token})
}