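// SignInLogin is the RPC handler that logs in a user, specified by their
// login (aka username).
//
// Args:
//	"L" string = login
//	"P" string = HMAC-hashed password
//
// Err:
//	ErrApp: the login is malformed, "P" is missing or empty, or no user has
//	        this login
//	ErrSec: the supplied password does not verify against the stored one
//	ErrDb:  the user lookup failed
//
// On success the auth, name and nym cookies are added to the response and the
// return field "XPad" is set to 0.
//
// NOTE(review): ErrApp (unknown login) and ErrSec (wrong password) are
// distinguishable, so the response reveals whether a login exists. Confirm
// this is intended; returning a single error for both cases would avoid it.
// Nothing in this handler limits repeated attempts; presumably throttling is
// enforced elsewhere — verify.
func (a *API) SignInLogin(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	// Validate and sanitize arguments
	login, _ := args.QueryString("L")
	if login, err = SanitizeLogin(login); err != nil {
		return ErrApp
	}
	// A missing or empty password can never be a valid credential. Reject it
	// here, before the database lookup, instead of handing "" to
	// VerifyPassword; SignUp stores "P" as supplied, so an empty stored value
	// must not be matchable by an empty argument.
	hpass, err := args.QueryString("P")
	if err != nil || hpass == "" {
		return ErrApp
	}

	// Fetch user for this login
	u, _, err := a.db.FindUserByLogin(login)
	if err != nil {
		return ErrDb
	}
	if u == nil {
		return ErrApp
	}

	// Verify credentials
	if !VerifyPassword(hpass, u.Password) {
		return ErrSec
	}

	// Credentials are good: hand out the session cookies
	r.AddSetCookie(a.newUserAuthCookie(u))
	r.AddSetCookie(a.newUserNameCookie(u))
	r.AddSetCookie(a.newUserNymCookie(u))

	r.SetInt("XPad", 0)
	return nil
}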
// FindMsgAttachedTo returns, in the return field "Results", the messages
// attached to the object named by the string argument "AttachTo".
//
// It returns ErrArg if "AttachTo" is missing or empty and passes through any
// error from the database lookup. A message whose author cannot be resolved
// is still listed, with the author nym "anonymous".
//
// NOTE(review): this handler does not call whoAmI, so no caller identity is
// checked here; confirm that messages are meant to be readable without
// signing in. Body is returned exactly as stored, so any output encoding has
// to happen where the message is rendered — verify.
func (a *API) FindMsgAttachedTo(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	target, err := args.QueryString("AttachTo")
	if err != nil || target == "" {
		return ErrArg
	}

	found, err := a.db.FindMsgAttachedTo(target)
	if err != nil {
		return err
	}

	results := make([]msgJoinJSON, len(found))
	for i, m := range found {
		// Resolve the author's nym; an unresolved author is logged and shown
		// as "anonymous" rather than failing the whole listing.
		nym := "anonymous"
		if who, err := a.whoIsID(m.Author); err != nil {
			log.Printf("Unresolved author ID: %s", m.Author)
		} else {
			nym = who.Login
		}

		results[i] = msgJoinJSON{
			ID:        WebStringOfObjectID(m.ID),
			Body:      m.Doc.Body,
			AuthorID:  WebStringOfObjectID(m.Author),
			AuthorNym: nym,
			AttachTo:  WebStringOfObjectID(m.AttachTo),
			ReplyTo:   WebStringOfObjectID(m.ReplyTo),
			Modified:  time.NanosecondsToLocalTime(int64(m.Modified)).Format(msgFormat),
		}
	}

	r.SetInterface("Results", results)
	return nil
}
// UnsetFollow makes the calling user stop following the object named by the
// string argument "What".
//
// The caller is identified with whoAmI; its error is returned unchanged.
// Otherwise the return field "XPad" is set to 0 and the result of the
// database call is returned.
//
// NOTE(review): the error from reading "What" is discarded, so a missing
// argument reaches a.db.UnsetFollow as "" — confirm the database layer
// treats that as a no-op.
func (a *API) UnsetFollow(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	_, followerID, err := a.whoAmI(args)
	if err != nil {
		return err
	}

	target, _ := args.QueryString("What")

	r.SetInt("XPad", 0)
	return a.db.UnsetFollow(followerID, target)
}
// Unlike removes the calling user's like from the object named by the string
// argument "FID".
//
// The caller is identified with whoAmI; its error is returned unchanged.
// Otherwise the return field "XPad" is set to 0 and the result of the
// database call is returned.
//
// NOTE(review): the error from reading "FID" is discarded, so a missing
// argument reaches a.db.Unlike as "" — confirm the database layer handles it.
func (a *API) Unlike(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	// Establish who is calling before looking at the rest of the request.
	_, likerID, err := a.whoAmI(args)
	if err != nil {
		return err
	}

	target, _ := args.QueryString("FID")

	r.SetInt("XPad", 0)
	return a.db.Unlike(likerID, target)
}
// RemoveMsg deletes the message whose ID is given by the string argument
// "Msg", acting as the calling user.
//
// Errors from whoAmI and from reading "Msg" are returned unchanged. Otherwise
// the return field "XPad" is set to 0 and the result of the database call is
// returned.
//
// NOTE(review): no ownership check is visible in this handler; presumably
// a.db.RemoveMsg uses the editor ID to decide whether the deletion is
// allowed — confirm. The ID string is converted with ObjectIDOfWebString
// without a visible validity check — verify how malformed input is handled.
func (a *API) RemoveMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	_, callerID, err := a.whoAmI(args)
	if err != nil {
		return err
	}

	webID, err := args.QueryString("Msg")
	if err != nil {
		return err
	}

	r.SetInt("XPad", 0)
	msgID := ObjectIDOfWebString(webID)
	return a.db.RemoveMsg(callerID, msgID)
}
// IsLoginAvailable reports, in the boolean return field "Available", whether
// the login (i.e. username) given by the string argument "L" is still free.
//
// It returns the argument error if "L" cannot be read, rpc.ErrArg if the
// login does not pass SanitizeLogin, and ErrDb if the user lookup fails.
//
// NOTE(review): this handler does not call whoAmI and applies no throttling
// of its own, so it confirms the existence of logins to any caller;
// presumably rate limiting is enforced in the RPC layer — verify.
func (a *API) IsLoginAvailable(args *rpc.Args, r *rpc.Ret) os.Error {
	raw, err := args.QueryString("L")
	if err != nil {
		return err
	}

	login, err := SanitizeLogin(raw)
	if err != nil {
		return rpc.ErrArg
	}

	existing, _, err := a.db.FindUserByLogin(login)
	if err != nil {
		return ErrDb
	}

	// The login is available exactly when no user document was found.
	r.SetBool("Available", existing == nil)
	return nil
}
// EditMsg replaces the body of the existing message whose ID is given by the
// string argument "Msg" with the string argument "Body", acting as the
// calling user.
//
// Errors from whoAmI and from reading "Msg" are returned unchanged; a missing
// or empty "Body" yields ErrArg. Otherwise the return field "XPad" is set to
// 0 and the result of the database call is returned.
//
// NOTE(review): no ownership check is visible in this handler; presumably
// a.db.EditMsg uses the editor ID to decide whether the edit is allowed —
// confirm. The new body is passed on unmodified, so output encoding has to
// happen where the message is rendered — verify.
func (a *API) EditMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	_, callerID, err := a.whoAmI(args)
	if err != nil {
		return err
	}

	webID, err := args.QueryString("Msg")
	if err != nil {
		return err
	}

	newBody, err := args.QueryString("Body")
	if err != nil || newBody == "" {
		return ErrArg
	}

	r.SetInt("XPad", 0)
	msgID := ObjectIDOfWebString(webID)
	return a.db.EditMsg(callerID, msgID, newBody)
}
// LikeInfo reports on the likes of the object named by the string argument
// "FID": the boolean return field "Likes" says whether the calling user likes
// it, and the integer return field "Count" holds the total number of likes.
//
// The caller is identified with whoAmI; its error is returned unchanged. A
// failure to look up the caller's own like is treated as "does not like",
// while a failure to count the likes is returned to the caller.
func (a *API) LikeInfo(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	// Establish who is calling before looking at the rest of the request.
	_, callerID, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	target, _ := args.QueryString("FID")

	// Best effort: an error here only downgrades the answer to false.
	liked, likeErr := a.db.Likes(callerID, target)
	if likeErr != nil {
		liked = false
	}

	total, err := a.db.LikeCount(target)
	if err != nil {
		return err
	}

	r.SetBool("Likes", liked)
	r.SetInt("Count", total)
	return nil
}
// AddMsg stores a new message written by the currently logged in user.
//
// The message is attached to the object named by the string argument
// "AttachTo" and carries the text in "Body"; both are required, and ErrArg is
// returned if either is missing or empty. The optional argument "ReplyTo"
// names the message this one responds to. Errors from whoAmI and from the
// database are returned unchanged.
//
// On success the return field "Msg" holds the new message, including its
// newly assigned message ID.
//
// NOTE(review): Body is stored and echoed back unmodified, so any output
// encoding has to happen where the message is rendered — verify. "AttachTo"
// and "ReplyTo" are echoed as received rather than round-tripped through the
// object-ID conversion.
func (a *API) AddMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	author, authorID, err := a.whoAmI(args)
	if err != nil {
		return err
	}

	target, err := args.QueryString("AttachTo")
	if err != nil || target == "" {
		return ErrArg
	}
	parent, _ := args.QueryString("ReplyTo") // optional, may be ""
	text, err := args.QueryString("Body")
	if err != nil || text == "" {
		return ErrArg
	}

	newID, err := a.db.AddMsg(authorID, target, ObjectIDOfWebString(parent), text)
	if err != nil {
		return err
	}

	// Describe the stored message to the caller.
	var out msgJoinJSON
	out.ID = WebStringOfObjectID(newID)
	out.Body = text
	out.AuthorID = WebStringOfObjectID(authorID)
	out.AuthorNym = author.Login
	out.AttachTo = target
	out.ReplyTo = parent
	out.Modified = time.NanosecondsToLocalTime(int64(bson.Now())).Format(msgFormat)

	r.SetInterface("Msg", out)
	return nil
}
// FollowInfo reports on the followers of the object named by the string
// argument "What": the boolean return field "Follows" says whether the
// logged in user follows it, and the integer return field "Count" holds the
// number of followers.
//
// The caller is identified with whoAmI; its error is returned unchanged. A
// failure to look up the caller's own follow is treated as "does not
// follow", while a failure to count the followers is returned to the caller.
func (a *API) FollowInfo(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	_, callerID, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	target, _ := args.QueryString("What")

	// Best effort: an error here only downgrades the answer to false.
	following, followErr := a.db.IsFollow(callerID, target)
	if followErr != nil {
		following = false
	}

	total, err := a.db.FollowerCount(target)
	if err != nil {
		return err
	}

	r.SetBool("Follows", following)
	r.SetInt("Count", total)
	return nil
}
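// SignUp registers a new user.
//
// Args:
//	"N" string = name
//	"E" string = email
//	"L" string = login
//	"P" string = password value as sent by the client (SignInLogin documents
//	             it as HMAC-hashed)
//
// Err:
//	ErrApp: an argument fails sanitization, "P" is missing or empty, or a
//	        user with this login or email already exists
//	ErrDb:  a database lookup or the insert failed
//
// On success the return field "XPad" is set to 0.
//
// NOTE(review): "P" is stored unchanged as the user's Password. Unless
// VerifyPassword applies a further server-side transformation, a leaked user
// record holds a value that is sufficient to sign in; consider hashing it
// again on the server with a per-user salt and a slow password hash — confirm
// against VerifyPassword. The existence checks and AddUser are separate
// calls, so uniqueness of login and email presumably also relies on a
// database constraint — verify.
func (a *API) SignUp(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	// Validate and sanitize arguments
	name, _ := args.QueryString("N")
	if name, err = SanitizeName(name); err != nil {
		return ErrApp
	}
	email, _ := args.QueryString("E")
	if email, err = SanitizeEmail(email); err != nil {
		return ErrApp
	}
	login, _ := args.QueryString("L")
	if login, err = SanitizeLogin(login); err != nil {
		return ErrApp
	}
	// Never create an account without a credential: a missing or empty "P"
	// would otherwise be stored as the password.
	hpass, err := args.QueryString("P")
	if err != nil || hpass == "" {
		return ErrApp
	}

	// Check that a user like this doesn't already exist
	u, _, err := a.db.FindUserByLogin(login)
	if err != nil {
		return ErrDb
	}
	if u != nil {
		return ErrApp
	}
	u, err = a.db.FindUserByEmail(email)
	if err != nil {
		return ErrDb
	}
	if u != nil {
		return ErrApp
	}

	// Add the user
	u = &db.UserDoc{
		Name:     name,
		Login:    login,
		Email:    email,
		Password: hpass,
	}
	if _, err = a.db.AddUser(u); err != nil {
		return ErrDb
	}

	r.SetInt("XPad", 0)
	return nil
}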