示例#1
0
文件: login.go 项目: petar/ShelfLife
// RPC/SignInLogin logs in a user, specified by their login (aka username)
// Args:
//   "L" string
//   "P" string = HMAC-hashed password
// Err:
//   ErrApp:  If the sign-in information is incorrect
//   non-nil: If a technical problem occured
//
func (a *API) SignInLogin(args *rpc.Args, r *rpc.Ret) (err os.Error) {

	// Validate and sanitize arguments
	login, _ := args.QueryString("L")
	if login, err = SanitizeLogin(login); err != nil {
		return ErrApp
	}
	hpass, _ := args.QueryString("P")

	// Fetch user for this login
	u, _, err := a.db.FindUserByLogin(login)
	if err != nil {
		return ErrDb
	}
	if u == nil {
		return ErrApp
	}

	// Verify credentials
	if !VerifyPassword(hpass, u.Password) {
		return ErrSec
	}

	r.AddSetCookie(a.newUserAuthCookie(u))
	r.AddSetCookie(a.newUserNameCookie(u))
	r.AddSetCookie(a.newUserNymCookie(u))

	r.SetInt("XPad", 0)
	return nil
}
示例#2
0
文件: msg.go 项目: petar/ShelfLife
func (a *API) FindMsgAttachedTo(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	attachTo, err := args.QueryString("AttachTo")
	if err != nil || attachTo == "" {
		return ErrArg
	}
	joins, err := a.db.FindMsgAttachedTo(attachTo)
	if err != nil {
		return err
	}
	q := make([]msgJoinJSON, len(joins))
	for i, join := range joins {
		author, err := a.whoIsID(join.Author)
		if err != nil {
			log.Printf("Unresolved author ID: %s", join.Author)
			q[i].AuthorNym = "anonymous"
		} else {
			q[i].AuthorNym = author.Login
		}
		q[i].ID = WebStringOfObjectID(join.ID)
		q[i].Body = join.Doc.Body
		q[i].AuthorID = WebStringOfObjectID(join.Author)
		q[i].AttachTo = WebStringOfObjectID(join.AttachTo)
		q[i].ReplyTo = WebStringOfObjectID(join.ReplyTo)
		modtm := time.NanosecondsToLocalTime(int64(join.Modified)).Format(msgFormat)
		q[i].Modified = modtm
	}
	r.SetInterface("Results", q)
	return nil
}
示例#3
0
文件: follow.go 项目: petar/ShelfLife
func (a *API) UnsetFollow(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	_, uid, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	what, _ := args.QueryString("What")
	r.SetInt("XPad", 0)
	return a.db.UnsetFollow(uid, what)
}
示例#4
0
文件: like.go 项目: petar/ShelfLife
func (a *API) Unlike(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	fid, _ := args.QueryString("FID")
	_, uid, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	r.SetInt("XPad", 0)
	return a.db.Unlike(uid, fid)
}
示例#5
0
文件: msg.go 项目: petar/ShelfLife
// RemoveMsg deletes a message
func (a *API) RemoveMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	_, editorID, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	msg, err := args.QueryString("Msg")
	if err != nil {
		return err
	}
	r.SetInt("XPad", 0)
	return a.db.RemoveMsg(editorID, ObjectIDOfWebString(msg))
}
示例#6
0
文件: login.go 项目: petar/ShelfLife
// IsLoginAvailable checks if this login (i.e. username) is already taken
func (a *API) IsLoginAvailable(args *rpc.Args, r *rpc.Ret) os.Error {
	login, err := args.QueryString("L")
	if err != nil {
		return err
	}
	if login, err = SanitizeLogin(login); err != nil {
		return rpc.ErrArg
	}
	u, _, err := a.db.FindUserByLogin(login)
	if err != nil {
		return ErrDb
	}
	r.SetBool("Available", u == nil)
	return nil
}
示例#7
0
文件: msg.go 项目: petar/ShelfLife
// EditMsg changes the body of an existing message
func (a *API) EditMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	_, editorID, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	msg, err := args.QueryString("Msg")
	if err != nil {
		return err
	}
	body, err := args.QueryString("Body")
	if err != nil || body == "" {
		return ErrArg
	}
	r.SetInt("XPad", 0)
	return a.db.EditMsg(editorID, ObjectIDOfWebString(msg), body)
}
示例#8
0
文件: like.go 项目: petar/ShelfLife
func (a *API) LikeInfo(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	fid, _ := args.QueryString("FID")
	_, uid, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	likes, err := a.db.Likes(uid, fid)
	if err != nil {
		likes = false
	}
	n, err := a.db.LikeCount(fid)
	if err != nil {
		return err
	}
	r.SetBool("Likes", likes)
	r.SetInt("Count", n)
	return nil
}
示例#9
0
文件: msg.go 项目: petar/ShelfLife
// AddMsg adds a new message to the database. The author is the currently
// logged in user. The message is attached to the object given by the string
// argument "AttachTo". Optionally, the message is in response to another message
// with message ID "ReplyTo". AddMsg returns the message ID of the newly added
// message, in the return field "ID".
func (a *API) AddMsg(args *rpc.Args, r *rpc.Ret) (err os.Error) {
	authorDoc, authorID, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	attachTo, err := args.QueryString("AttachTo")
	if err != nil || attachTo == "" {
		return ErrArg
	}
	replyTo, _ := args.QueryString("ReplyTo")
	body, err := args.QueryString("Body")
	if err != nil || body == "" {
		return ErrArg
	}
	msgID, err := a.db.AddMsg(authorID, attachTo, ObjectIDOfWebString(replyTo), body)
	if err != nil {
		return err
	}
	j := msgJoinJSON{
		ID:        WebStringOfObjectID(msgID),
		Body:      body,
		AuthorID:  WebStringOfObjectID(authorID),
		AuthorNym: authorDoc.Login,
		AttachTo:  attachTo,
		ReplyTo:   replyTo,
		Modified:  time.NanosecondsToLocalTime(int64(bson.Now())).Format(msgFormat),
	}
	r.SetInterface("Msg", j)
	return nil
}
示例#10
0
文件: follow.go 项目: petar/ShelfLife
// FollowInfo returns true if the logged user follows the given object
func (a *API) FollowInfo(args *rpc.Args, r *rpc.Ret) (err os.Error) {

	_, uid, err := a.whoAmI(args)
	if err != nil {
		return err
	}
	what, _ := args.QueryString("What")

	follows, err := a.db.IsFollow(uid, what)
	if err != nil {
		follows = false
	}

	n, err := a.db.FollowerCount(what)
	if err != nil {
		return err
	}

	r.SetBool("Follows", follows)
	r.SetInt("Count", n)

	return nil
}
示例#11
0
文件: login.go 项目: petar/ShelfLife
// SignUp registers a new user
func (a *API) SignUp(args *rpc.Args, r *rpc.Ret) (err os.Error) {

	// Validate and sanitize arguments
	name, _ := args.QueryString("N")
	if name, err = SanitizeName(name); err != nil {
		return ErrApp
	}
	email, _ := args.QueryString("E")
	if email, err = SanitizeEmail(email); err != nil {
		return ErrApp
	}
	login, _ := args.QueryString("L")
	if login, err = SanitizeLogin(login); err != nil {
		return ErrApp
	}
	hpass, _ := args.QueryString("P")

	// Check that a user like this doesn't already exist
	u, _, err := a.db.FindUserByLogin(login)
	if err != nil {
		return ErrDb
	}
	if u != nil {
		return ErrApp
	}
	u, err = a.db.FindUserByEmail(email)
	if err != nil {
		return ErrDb
	}
	if u != nil {
		return ErrApp
	}

	// Add the user
	u = &db.UserDoc{
		Name:     name,
		Login:    login,
		Email:    email,
		Password: hpass,
	}
	if _, err = a.db.AddUser(u); err != nil {
		return ErrDb
	}

	r.SetInt("XPad", 0)
	return nil
}