package handlers
import (
"net/http"
"time"
"github.com/labstack/echo"
jwt "github.com/dgrijalva/jwt-go"
"github.com/gaia-pipeline/gaia"
)
// jwtExpiry is the validity period of an issued JWT token, in seconds.
// It is added to a Unix timestamp to compute the token's expiry (12 hours).
const jwtExpiry = 12 * 60 * 60
// jwtCustomClaims is the claim set placed into a session token: the
// standard JWT claims extended with the name of the authenticated user.
type jwtCustomClaims struct {
	// Username is serialised into the token under the "username" key.
	Username string `json:"username"`

	// Embedded so the standard claim fields are promoted onto this type.
	jwt.StandardClaims
}
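// UserLogin authenticates the user with the credentials bound from the
// request body and, on success, responds with the user object carrying a
// freshly signed HS256 session token and its expiry.
//
// Responses:
//   - 400 if the request body cannot be bound to a gaia.User
//   - 403 if the store rejects the credentials or returns no user
//   - 500 if the token cannot be signed
//   - 200 with the user as JSON otherwise
func UserLogin(c echo.Context) error {
	u := &gaia.User{}
	if err := c.Bind(u); err != nil {
		gaia.Cfg.Logger.Debug("error reading json during UserLogin", "error", err.Error())
		return c.String(http.StatusBadRequest, err.Error())
	}

	// Authenticate user. The store may hand back a nil user together with a
	// nil error, so err is only dereferenced when it is actually set;
	// calling err.Error() unconditionally would panic in that case.
	user, err := storeService.UserAuth(u, true)
	if err != nil || user == nil {
		reason := "no user returned by store"
		if err != nil {
			reason = err.Error()
		}
		gaia.Cfg.Logger.Error("invalid credentials provided", "message", reason)
		// The client gets one generic message for every failure cause.
		return c.String(http.StatusForbidden, "invalid username and/or password")
	}

	// Setup custom claims. The clock is read once so that IssuedAt and
	// ExpiresAt are exactly jwtExpiry seconds apart.
	now := time.Now().Unix()
	claims := jwtCustomClaims{
		Username: user.Username,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: now + jwtExpiry,
			IssuedAt:  now,
			Subject:   "Gaia Session Token",
		},
	}

	// Generate JWT token
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)

	// Sign and get encoded token
	tokenstring, err := token.SignedString(jwtKey)
	if err != nil {
		gaia.Cfg.Logger.Error("error signing jwt token", "error", err.Error())
		// NOTE(review): the raw signing error is sent to the client; a
		// generic message would avoid exposing internal detail.
		return c.String(http.StatusInternalServerError, err.Error())
	}
	user.JwtExpiry = claims.ExpiresAt
	user.Tokenstring = tokenstring

	// Return JWT token and display name.
	// NOTE(review): the user object is serialised as-is; confirm that
	// gaia.User does not expose the password or its hash in JSON.
	return c.JSON(http.StatusOK, user)
}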
// UserGetAll responds with every user held in the store as JSON, or with
// 500 and the store's error text when the lookup fails.
//
// NOTE(review): no authorization check is visible in this handler; it is
// presumably enforced by middleware. Confirm that, and that the JSON form
// of gaia.User omits password material.
func UserGetAll(c echo.Context) error {
	all, lookupErr := storeService.UserGetAll()
	if lookupErr == nil {
		return c.JSON(http.StatusOK, all)
	}
	return c.String(http.StatusInternalServerError, lookupErr.Error())
}
// changePasswordRequest is the JSON body expected by UserChangePassword.
type changePasswordRequest struct {
	// OldPassword is the current password, used to re-authenticate.
	OldPassword string `json:"oldpassword"`
	// NewPassword is the password to set.
	NewPassword string `json:"newpassword"`
	// NewPasswordConf must equal NewPassword for the change to go through.
	NewPasswordConf string `json:"newpasswordconf"`
	// Username names the account whose password is changed.
	Username string `json:"username"`
}
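// UserChangePassword changes the password of the user named in the request
// body. The caller proves knowledge of the current password, which is
// verified by running the store's authentication with it.
//
// Responses:
//   - 400 if the body cannot be bound, the user cannot be found, the new
//     password and its confirmation differ, or the new password is empty
//   - 412 if the old password is wrong
//   - 500 if the store update fails
//   - 200 on success
func UserChangePassword(c echo.Context) error {
	// Get required parameters
	r := &changePasswordRequest{}
	if err := c.Bind(r); err != nil {
		return c.String(http.StatusBadRequest, "Invalid parameters given for password change request")
	}

	// First get user obj. A nil user without an error is handled like a
	// failed lookup so the assignment below cannot dereference nil.
	// NOTE(review): the target account comes from the request body, not from
	// the caller's session, and this response differs from the wrong-password
	// one, which lets a client tell existing usernames from unknown ones.
	user, err := storeService.UserGet(r.Username)
	if err != nil || user == nil {
		return c.String(http.StatusBadRequest, "Cannot find user with the given username")
	}

	// Verify the old password by authenticating with it. UserLogin treats a
	// nil user from UserAuth as a failed login, so the same guard is applied
	// here.
	user.Password = r.OldPassword
	u, err := storeService.UserAuth(user, false)
	if err != nil || u == nil {
		return c.String(http.StatusPreconditionFailed, "Wrong password given for password change")
	}

	// Compare new password with new password confirmation
	if r.NewPassword != r.NewPasswordConf {
		return c.String(http.StatusBadRequest, "New password does not match new password confirmation")
	}

	// Two empty strings pass the comparison above; do not store an empty
	// password.
	if r.NewPassword == "" {
		return c.String(http.StatusBadRequest, "New password must not be empty")
	}

	// Change password
	u.Password = r.NewPassword
	if err := storeService.UserPut(u, true); err != nil {
		return c.String(http.StatusInternalServerError, "Cannot update user in store")
	}

	return c.String(http.StatusOK, "Password has been changed")
}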
// UserDelete removes the user named by the "username" path parameter.
// It responds with 400 when the parameter is empty, 404 with the store's
// error text when deletion fails, and 200 on success.
//
// NOTE(review): no authorization check is visible in this handler; it is
// presumably enforced by middleware. Confirm before relying on it.
func UserDelete(c echo.Context) error {
	name := c.Param("username")
	if len(name) == 0 {
		return c.String(http.StatusBadRequest, "Invalid username given")
	}

	if delErr := storeService.UserDelete(name); delErr != nil {
		return c.String(http.StatusNotFound, delErr.Error())
	}

	return c.String(http.StatusOK, "User has been deleted")
}
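// UserAdd stores the user described by the request body.
//
// Responses:
//   - 400 if the body cannot be bound, or the username or password is empty
//   - 500 with the store's error text if the write fails
//   - 201 on success
func UserAdd(c echo.Context) error {
	// Get user information required for add
	u := &gaia.User{}
	if err := c.Bind(u); err != nil {
		return c.String(http.StatusBadRequest, "Invalid parameters given for add user request")
	}

	// A body that binds cleanly can still omit the credentials; refuse to
	// create an account without a name or with an empty password, as
	// UserDelete already does for an empty username.
	if u.Username == "" || u.Password == "" {
		return c.String(http.StatusBadRequest, "Invalid parameters given for add user request")
	}

	// NOTE(review): every field of gaia.User is bound from client input and
	// stored. Confirm that no field a client should not control is settable
	// this way, and whether UserPut overwrites an existing user of that name.
	u.LastLogin = time.Now()
	if err := storeService.UserPut(u, true); err != nil {
		return c.String(http.StatusInternalServerError, err.Error())
	}

	return c.String(http.StatusCreated, "User has been added")
}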