2019-05-18 18:06:10 -04:00
|
|
|
package handlers
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
2019-08-03 15:01:17 -08:00
|
|
|
"fmt"
|
2019-08-02 15:03:32 -08:00
|
|
|
"geeks-accelerator/oss/saas-starter-kit/internal/platform/notify"
|
|
|
|
|
project_routes "geeks-accelerator/oss/saas-starter-kit/internal/project-routes"
|
2019-05-18 18:06:10 -04:00
|
|
|
"net/http"
|
2019-07-31 18:34:27 -08:00
|
|
|
"time"
|
2019-05-18 18:06:10 -04:00
|
|
|
|
2019-07-31 18:34:27 -08:00
|
|
|
"geeks-accelerator/oss/saas-starter-kit/internal/account"
|
|
|
|
|
"geeks-accelerator/oss/saas-starter-kit/internal/platform/auth"
|
2019-07-13 12:16:28 -08:00
|
|
|
"geeks-accelerator/oss/saas-starter-kit/internal/platform/web"
|
2019-07-31 18:34:27 -08:00
|
|
|
"geeks-accelerator/oss/saas-starter-kit/internal/platform/web/webcontext"
|
|
|
|
|
"geeks-accelerator/oss/saas-starter-kit/internal/platform/web/weberror"
|
|
|
|
|
"geeks-accelerator/oss/saas-starter-kit/internal/user"
|
|
|
|
|
"github.com/gorilla/schema"
|
|
|
|
|
"github.com/gorilla/sessions"
|
2019-05-23 14:32:24 -05:00
|
|
|
"github.com/jmoiron/sqlx"
|
2019-07-31 18:34:27 -08:00
|
|
|
"github.com/pborman/uuid"
|
|
|
|
|
"github.com/pkg/errors"
|
2019-05-18 18:06:10 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// User represents the User API method handler set.
|
|
|
|
|
type User struct {
|
2019-07-31 13:47:30 -08:00
|
|
|
MasterDB *sqlx.DB
|
|
|
|
|
Renderer web.Renderer
|
|
|
|
|
Authenticator *auth.Authenticator
|
2019-08-02 15:03:32 -08:00
|
|
|
ProjectRoutes project_routes.ProjectRoutes
|
|
|
|
|
NotifyEmail notify.Email
|
|
|
|
|
SecretKey string
|
2019-05-18 18:06:10 -04:00
|
|
|
}
|
|
|
|
|
|
2019-07-31 18:34:27 -08:00
|
|
|
type UserLoginRequest struct {
|
|
|
|
|
user.AuthenticateRequest
|
|
|
|
|
RememberMe bool
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-18 18:06:10 -04:00
|
|
|
// List returns all the existing users in the system.
|
2019-07-31 18:34:27 -08:00
|
|
|
func (h *User) Login(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
|
|
|
|
|
|
|
|
|
|
ctxValues, err := webcontext.ContextValues(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
req := new(UserLoginRequest)
|
|
|
|
|
data := make(map[string]interface{})
|
|
|
|
|
f := func() error {
|
|
|
|
|
|
|
|
|
|
if r.Method == http.MethodPost {
|
|
|
|
|
err := r.ParseForm()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
decoder := schema.NewDecoder()
|
|
|
|
|
if err := decoder.Decode(req, r.PostForm); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := webcontext.Validator().Struct(req); err != nil {
|
|
|
|
|
if ne, ok := weberror.NewValidationError(ctx, err); ok {
|
|
|
|
|
data["validationErrors"] = ne.(*weberror.Error)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sessionTTL := time.Hour
|
|
|
|
|
if req.RememberMe {
|
|
|
|
|
sessionTTL = time.Hour * 36
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Authenticated the user.
|
|
|
|
|
token, err := user.Authenticate(ctx, h.MasterDB, h.Authenticator, req.Email, req.Password, sessionTTL, ctxValues.Now)
|
|
|
|
|
if err != nil {
|
|
|
|
|
switch errors.Cause(err) {
|
2019-08-03 16:35:57 -08:00
|
|
|
case user.ErrForbidden:
|
2019-07-31 18:34:27 -08:00
|
|
|
return web.RespondError(ctx, w, weberror.NewError(ctx, err, http.StatusForbidden))
|
|
|
|
|
default:
|
|
|
|
|
if verr, ok := weberror.NewValidationError(ctx, err); ok {
|
|
|
|
|
data["validationErrors"] = verr.(*weberror.Error)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add the token to the users session.
|
2019-08-03 16:35:57 -08:00
|
|
|
err = handleSessionToken(ctx, h.MasterDB, w, r, token)
|
2019-07-31 18:34:27 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Redirect the user to the dashboard.
|
|
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := f(); err != nil {
|
|
|
|
|
return web.RenderError(ctx, w, r, err, h.Renderer, tmplLayoutBase, tmplContentErrorGeneric, web.MIMETextHTMLCharsetUTF8)
|
|
|
|
|
}
|
2019-05-18 18:06:10 -04:00
|
|
|
|
2019-07-31 18:34:27 -08:00
|
|
|
data["form"] = req
|
|
|
|
|
|
|
|
|
|
if verr, ok := weberror.NewValidationError(ctx, webcontext.Validator().Struct(UserLoginRequest{})); ok {
|
|
|
|
|
data["validationDefaults"] = verr.(*weberror.Error)
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-01 16:17:47 -08:00
|
|
|
return h.Renderer.Render(ctx, w, r, tmplLayoutBase, "user-login.gohtml", web.MIMETextHTMLCharsetUTF8, http.StatusOK, data)
|
2019-07-31 13:47:30 -08:00
|
|
|
}
|
|
|
|
|
|
2019-07-31 18:34:27 -08:00
|
|
|
// handleSessionToken persists the access token to the session for request authentication.
|
2019-08-03 16:35:57 -08:00
|
|
|
func handleSessionToken(ctx context.Context, db *sqlx.DB, w http.ResponseWriter, r *http.Request, token user.Token) error {
|
2019-07-31 18:34:27 -08:00
|
|
|
if token.AccessToken == "" {
|
|
|
|
|
return errors.New("accessToken is required.")
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-03 16:35:57 -08:00
|
|
|
usr, err := user.Read(ctx, auth.Claims{}, db, token.UserID, false )
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
acc, err := account.Read(ctx, auth.Claims{},db, token.AccountID, false )
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-31 18:34:27 -08:00
|
|
|
sess := webcontext.ContextSession(ctx)
|
|
|
|
|
|
|
|
|
|
if sess.IsNew {
|
|
|
|
|
sess.ID = uuid.NewRandom().String()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sess.Options = &sessions.Options{
|
|
|
|
|
Path: "/",
|
|
|
|
|
MaxAge: int(token.TTL.Seconds()),
|
|
|
|
|
HttpOnly: false,
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-03 16:35:57 -08:00
|
|
|
sess = webcontext.SessionInit(sess, token.AccessToken, usr.Response(ctx), acc.Response(ctx))
|
2019-07-31 18:34:27 -08:00
|
|
|
|
|
|
|
|
if err := sess.Save(r, w); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Logout handles removing authentication for the user.
|
|
|
|
|
func (h *User) Logout(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
|
|
|
|
|
|
|
|
|
|
sess := webcontext.ContextSession(ctx)
|
|
|
|
|
|
|
|
|
|
// Set the access token to empty to logout the user.
|
2019-08-03 16:35:57 -08:00
|
|
|
sess = webcontext.SessionDestroy(sess)
|
2019-07-31 18:34:27 -08:00
|
|
|
|
|
|
|
|
if err := sess.Save(r, w); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Redirect the user to the root page.
|
|
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
2019-07-31 13:47:30 -08:00
|
|
|
|
2019-07-31 18:34:27 -08:00
|
|
|
return nil
|
2019-07-31 13:47:30 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// List returns all the existing users in the system.
|
2019-08-02 15:03:32 -08:00
|
|
|
func (h *User) ResetPassword(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
|
2019-07-31 13:47:30 -08:00
|
|
|
|
2019-08-02 15:03:32 -08:00
|
|
|
ctxValues, err := webcontext.ContextValues(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
req := new(user.UserResetPasswordRequest)
|
|
|
|
|
data := make(map[string]interface{})
|
|
|
|
|
f := func() error {
|
|
|
|
|
|
|
|
|
|
if r.Method == http.MethodPost {
|
|
|
|
|
err := r.ParseForm()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
decoder := schema.NewDecoder()
|
|
|
|
|
if err := decoder.Decode(req, r.PostForm); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := webcontext.Validator().Struct(req); err != nil {
|
|
|
|
|
if ne, ok := weberror.NewValidationError(ctx, err); ok {
|
|
|
|
|
data["validationErrors"] = ne.(*weberror.Error)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_, err = user.ResetPassword(ctx, h.MasterDB, h.ProjectRoutes.UserResetPassword, h.NotifyEmail, *req, h.SecretKey, ctxValues.Now)
|
|
|
|
|
if err != nil {
|
|
|
|
|
switch errors.Cause(err) {
|
|
|
|
|
default:
|
|
|
|
|
if verr, ok := weberror.NewValidationError(ctx, err); ok {
|
|
|
|
|
data["validationErrors"] = verr.(*weberror.Error)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-03 15:01:17 -08:00
|
|
|
// Display a success message to the user to check their email.
|
|
|
|
|
webcontext.SessionFlashSuccess(ctx,
|
|
|
|
|
"Check your email",
|
|
|
|
|
fmt.Sprintf("An email was sent to '%s'. Click on the link in the email to finish resetting your password.", req.Email))
|
|
|
|
|
|
2019-08-02 15:03:32 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := f(); err != nil {
|
|
|
|
|
return web.RenderError(ctx, w, r, err, h.Renderer, tmplLayoutBase, tmplContentErrorGeneric, web.MIMETextHTMLCharsetUTF8)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data["form"] = req
|
|
|
|
|
|
|
|
|
|
if verr, ok := weberror.NewValidationError(ctx, webcontext.Validator().Struct(user.UserResetPasswordRequest{})); ok {
|
|
|
|
|
data["validationDefaults"] = verr.(*weberror.Error)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return h.Renderer.Render(ctx, w, r, tmplLayoutBase, "user-reset-password.gohtml", web.MIMETextHTMLCharsetUTF8, http.StatusOK, data)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// List returns all the existing users in the system.
|
|
|
|
|
func (h *User) ResetConfirm(ctx context.Context, w http.ResponseWriter, r *http.Request, params map[string]string) error {
|
|
|
|
|
|
|
|
|
|
ctxValues, err := webcontext.ContextValues(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
req := new(user.UserResetConfirmRequest)
|
|
|
|
|
data := make(map[string]interface{})
|
|
|
|
|
f := func() error {
|
|
|
|
|
|
|
|
|
|
if r.Method == http.MethodPost {
|
|
|
|
|
err := r.ParseForm()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
decoder := schema.NewDecoder()
|
|
|
|
|
if err := decoder.Decode(req, r.PostForm); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := webcontext.Validator().Struct(req); err != nil {
|
|
|
|
|
if ne, ok := weberror.NewValidationError(ctx, err); ok {
|
|
|
|
|
data["validationErrors"] = ne.(*weberror.Error)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
u, err := user.ResetConfirm(ctx, h.MasterDB, *req, h.SecretKey, ctxValues.Now)
|
|
|
|
|
if err != nil {
|
|
|
|
|
switch errors.Cause(err) {
|
|
|
|
|
default:
|
|
|
|
|
if verr, ok := weberror.NewValidationError(ctx, err); ok {
|
|
|
|
|
data["validationErrors"] = verr.(*weberror.Error)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Authenticated the user. Probably should use the default session TTL from UserLogin.
|
|
|
|
|
token, err := user.Authenticate(ctx, h.MasterDB, h.Authenticator, u.Email, req.Password, time.Hour, ctxValues.Now)
|
|
|
|
|
if err != nil {
|
|
|
|
|
switch errors.Cause(err) {
|
|
|
|
|
case account.ErrForbidden:
|
|
|
|
|
return web.RespondError(ctx, w, weberror.NewError(ctx, err, http.StatusForbidden))
|
|
|
|
|
default:
|
|
|
|
|
if verr, ok := weberror.NewValidationError(ctx, err); ok {
|
|
|
|
|
data["validationErrors"] = verr.(*weberror.Error)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add the token to the users session.
|
2019-08-03 16:35:57 -08:00
|
|
|
err = handleSessionToken(ctx, h.MasterDB, w, r, token)
|
2019-08-02 15:03:32 -08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Redirect the user to the dashboard.
|
|
|
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
|
|
|
} else {
|
|
|
|
|
req.ResetHash = params["hash"]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := f(); err != nil {
|
|
|
|
|
return web.RenderError(ctx, w, r, err, h.Renderer, tmplLayoutBase, tmplContentErrorGeneric, web.MIMETextHTMLCharsetUTF8)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data["form"] = req
|
|
|
|
|
|
|
|
|
|
if verr, ok := weberror.NewValidationError(ctx, webcontext.Validator().Struct(user.UserResetConfirmRequest{})); ok {
|
|
|
|
|
data["validationDefaults"] = verr.(*weberror.Error)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return h.Renderer.Render(ctx, w, r, tmplLayoutBase, "user-reset-confirm.gohtml", web.MIMETextHTMLCharsetUTF8, http.StatusOK, data)
|
2019-05-18 18:06:10 -04:00
|
|
|
}
|
