This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
package cookies
2017-07-01 23:09:35 +02:00
import (
2017-07-02 18:00:12 +02:00
"errors"
2017-07-01 23:09:35 +02:00
"fmt"
2017-07-02 18:00:12 +02:00
"net/http"
2017-07-01 23:09:35 +02:00
"strconv"
"time"
2017-07-02 18:00:12 +02:00
"github.com/NyaaPantsu/nyaa/config"
2017-07-01 23:09:35 +02:00
"github.com/NyaaPantsu/nyaa/models"
"github.com/NyaaPantsu/nyaa/models/users"
2017-07-28 05:46:40 +02:00
"github.com/NyaaPantsu/nyaa/utils/log"
2017-07-02 18:00:12 +02:00
"github.com/NyaaPantsu/nyaa/utils/timeHelper"
"github.com/NyaaPantsu/nyaa/utils/validator/user"
"github.com/gin-gonic/gin"
"github.com/gorilla/securecookie"
2017-07-01 23:09:35 +02:00
)
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
const (
// CookieName : Name of cookie
CookieName = "session"
// UserContextKey : key for user context
UserContextKey = "nyaapantsu.user"
)
2017-07-02 18:00:12 +02:00
2017-07-02 23:53:23 +02:00
// NewCurrentUserRetriever create CurrentUserRetriever Struct for languages
func NewCurrentUserRetriever ( ) * CurrentUserRetriever {
return & CurrentUserRetriever { }
}
// CurrentUserRetriever struct for languages
type CurrentUserRetriever struct { }
// RetrieveCurrentUser retrieve current user for languages
2017-07-03 00:59:59 +02:00
func ( * CurrentUserRetriever ) RetrieveCurrentUser ( c * gin . Context ) ( * models . User , error ) {
2017-07-02 23:53:23 +02:00
user , _ , err := CurrentUser ( c )
2017-07-03 01:22:54 +02:00
if user == nil {
return & models . User { } , err
}
2017-07-03 00:59:59 +02:00
return user , err
2017-07-02 23:53:23 +02:00
}
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
// CreateUserAuthentication creates user authentication.
2017-07-02 18:00:12 +02:00
func CreateUserAuthentication ( c * gin . Context , form * userValidator . LoginForm ) ( * models . User , int , error ) {
2017-07-01 23:09:35 +02:00
username := form . Username
pass := form . Password
user , status , err := users . Exists ( username , pass )
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
if err != nil {
2017-07-02 18:00:12 +02:00
return user , status , err
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
}
2017-07-02 23:53:23 +02:00
status , err = SetLogin ( c , user )
2017-07-02 18:00:12 +02:00
return user , status , err
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
}
// If you want to keep login cookies between restarts you need to make these permanent
var cookieHandler = securecookie . New (
2017-07-10 14:11:05 +02:00
getOrGenerateKey ( config . Get ( ) . Cookies . HashKey , 64 ) ,
getOrGenerateKey ( config . Get ( ) . Cookies . EncryptionKey , 32 ) )
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
func getOrGenerateKey ( key string , requiredLen int ) [ ] byte {
data := [ ] byte ( key )
if len ( data ) == 0 {
2017-07-28 05:46:40 +02:00
log . Infof ( "No cookie key '%s' is set in config files. The users won't be kept logged in during restart and accross websites." , key )
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
data = securecookie . GenerateRandomKey ( requiredLen )
} else if len ( data ) != requiredLen {
panic ( fmt . Sprintf ( "failed to load cookie key. required key length is %d bytes and the provided key length is %d bytes." , requiredLen , len ( data ) ) )
}
return data
}
// Decode : Encoding & Decoding of the cookie value
func Decode ( cookieValue string ) ( uint , error ) {
value := make ( map [ string ] string )
err := cookieHandler . Decode ( CookieName , cookieValue , & value )
if err != nil {
return 0 , err
}
timeInt , _ := strconv . ParseInt ( value [ "t" ] , 10 , 0 )
if timeHelper . IsExpired ( time . Unix ( timeInt , 0 ) ) {
return 0 , errors . New ( "Cookie is expired" )
}
ret , err := strconv . ParseUint ( value [ "u" ] , 10 , 0 )
return uint ( ret ) , err
}
// Encode : Encoding of the cookie value
func Encode ( userID uint , validUntil time . Time ) ( string , error ) {
value := map [ string ] string {
"u" : strconv . FormatUint ( uint64 ( userID ) , 10 ) ,
"t" : strconv . FormatInt ( validUntil . Unix ( ) , 10 ) ,
}
return cookieHandler . Encode ( CookieName , value )
}
// Clear : Erase cookie session
func Clear ( c * gin . Context ) {
c . SetCookie ( CookieName , "" , - 1 , "/" , getDomainName ( ) , false , true )
}
// SetLogin sets the authentication cookie
2017-07-02 23:53:23 +02:00
func SetLogin ( c * gin . Context , user * models . User ) ( int , error ) {
2017-08-26 04:57:02 +02:00
maxAge := getMaxAge ( false )
if c . PostForm ( "remember_me" ) == "remember" {
maxAge = getMaxAge ( true )
}
This is a prelimenary work
Showing how we can remove services, preventing cyclic imports and lessing the number of imports.
Now db is in models. Db and models are highly tightened, according to go standards, you should put them in the same package.
In models, there are folders separating the different methods used to modify the models. For example, if you want to create a user, you have to use /models (for the user struct) and /models/user (for creating a user.
However, if you want to delete a torrent, you just have to import /models and do torrent.Delete(definitely bool).
By the way packages in models are the plural name of a model. For example, you have torrent.go for a torrent model and its package torrents for db stuff related functions (Find, Create, Some helpers)
2017-06-29 00:44:07 +02:00
validUntil := timeHelper . FewDurationLater ( time . Duration ( maxAge ) * time . Second )
encoded , err := Encode ( user . ID , validUntil )
if err != nil {
return http . StatusInternalServerError , err
}
c . SetCookie ( CookieName , encoded , maxAge , "/" , getDomainName ( ) , false , true )
// also set response header for convenience
c . Header ( "X-Auth-Token" , encoded )
return http . StatusOK , nil
}
2017-07-02 23:53:23 +02:00
// CurrentUser retrieves a current user.
2017-07-03 02:03:57 +02:00
func CurrentUser ( c * gin . Context ) ( * models . User , int , error ) {
2017-07-02 23:53:23 +02:00
encoded := c . Request . Header . Get ( "X-Auth-Token" )
2017-07-03 02:03:57 +02:00
var user = & models . User { }
2017-07-02 23:53:23 +02:00
if len ( encoded ) == 0 {
// check cookie instead
2017-07-03 02:03:57 +02:00
cookie , err := c . Cookie ( CookieName )
if err != nil {
return user , http . StatusInternalServerError , err
2017-07-02 23:53:23 +02:00
}
encoded = cookie
}
userID , err := Decode ( encoded )
if err != nil {
2017-07-03 02:03:57 +02:00
return user , http . StatusInternalServerError , err
2017-07-02 23:53:23 +02:00
}
userFromContext := getUserFromContext ( c )
if userFromContext . ID > 0 && userID == userFromContext . ID {
2017-07-03 02:03:57 +02:00
user = userFromContext
2017-07-02 23:53:23 +02:00
} else {
2017-07-03 02:03:57 +02:00
user , _ , _ = users . SessionByID ( userID )
setUserToContext ( c , user )
2017-07-02 23:53:23 +02:00
}
if user . IsBanned ( ) {
// recheck as user might've been banned in the meantime
2017-07-03 02:03:57 +02:00
return user , http . StatusUnauthorized , errors . New ( "account_banned" )
2017-07-02 23:53:23 +02:00
}
if err != nil {
2017-07-03 02:03:57 +02:00
return user , http . StatusInternalServerError , err
2017-07-02 23:53:23 +02:00
}
2017-07-03 02:03:57 +02:00
return user , http . StatusOK , nil
2017-07-02 23:53:23 +02:00
}
2017-07-03 02:03:57 +02:00
func getUserFromContext ( c * gin . Context ) * models . User {
2017-08-02 22:15:59 +02:00
if rv , ok := c . Get ( UserContextKey ) ; ok {
2017-07-03 02:03:57 +02:00
return rv . ( * models . User )
2017-07-02 23:53:23 +02:00
}
2017-07-03 02:03:57 +02:00
return & models . User { }
2017-07-02 23:53:23 +02:00
}
2017-07-03 02:03:57 +02:00
func setUserToContext ( c * gin . Context , val * models . User ) {
2017-08-02 22:15:59 +02:00
c . Set ( UserContextKey , val )
2017-07-02 23:53:23 +02:00
}
2017-07-23 07:46:29 +02:00
// RetrieveUserFromRequest retrieves a user.
2017-07-02 23:53:23 +02:00
func RetrieveUserFromRequest ( c * gin . Context , id uint ) ( * models . User , bool , uint , int , error ) {
var user models . User
var currentUserID uint
var isAuthor bool
if models . ORM . First ( & user , id ) . RecordNotFound ( ) {
return nil , isAuthor , currentUserID , http . StatusNotFound , errors . New ( "user_not_found" )
}
currentUser , _ , err := CurrentUser ( c )
if err == nil {
currentUserID = currentUser . ID
isAuthor = currentUser . ID == user . ID
}
return & user , isAuthor , currentUserID , http . StatusOK , nil
}