Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0
Ce dépôt a été archivé le 2022-05-07. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
nyaa-pantsu/service/user/cookieHelper.go

150 lignes
4,1 Kio
Go
Brut Vue normale Historique

package userService
import (
"errors"
"github.com/ewhal/nyaa/db"
"github.com/ewhal/nyaa/model"
2017-05-09 19:23:21 +02:00
formStruct "github.com/ewhal/nyaa/service/user/form"
"github.com/ewhal/nyaa/util/log"
2017-05-06 21:37:10 +02:00
"github.com/ewhal/nyaa/util/modelHelper"
2017-05-09 19:23:21 +02:00
"github.com/gorilla/securecookie"
"golang.org/x/crypto/bcrypt"
"net/http"
)
var cookieHandler = securecookie.New(
securecookie.GenerateRandomKey(64),
securecookie.GenerateRandomKey(32))
// TODO: Figure out what this is about before I delete it
// // UserName get username from a cookie.
// func UserName(c *gin.Context) (string, error) {
// var userName string
// request := c.Request
// cookie, err := request.Cookie("session")
// if err != nil {
// return userName, err
// }
// cookieValue := make(map[string]string)
// err = cookieHandler.Decode("session", cookie.Value, &cookieValue)
// if err != nil {
// return userName, err
// }
// userName = cookieValue["name"]
// return userName, nil
// }
2017-05-06 22:27:21 +02:00
func Token(r *http.Request) (string, error) {
var token string
2017-05-06 22:14:02 +02:00
cookie, err := r.Cookie("session")
if err != nil {
return token, err
}
cookieValue := make(map[string]string)
err = cookieHandler.Decode("session", cookie.Value, &cookieValue)
if err != nil {
return token, err
}
token = cookieValue["token"]
if len(token) == 0 {
return token, errors.New("token is empty")
}
return token, nil
}
// SetCookie sets a cookie.
func SetCookie(w http.ResponseWriter, token string) (int, error) {
value := map[string]string{
"token": token,
}
encoded, err := cookieHandler.Encode("session", value)
if err != nil {
return http.StatusInternalServerError, err
}
cookie := &http.Cookie{
Name: "session",
Value: encoded,
Path: "/",
}
http.SetCookie(w, cookie)
return http.StatusOK, nil
}
// ClearCookie clears a cookie.
func ClearCookie(w http.ResponseWriter) (int, error) {
cookie := &http.Cookie{
Name: "session",
Value: "",
Path: "/",
MaxAge: -1,
}
http.SetCookie(w, cookie)
return http.StatusOK, nil
}
// SetCookieHandler sets a cookie with email and password.
func SetCookieHandler(w http.ResponseWriter, email string, pass string) (int, error) {
if email != "" && pass != "" {
var user model.User
isValidEmail, _ := formStruct.EmailValidation(email, formStruct.NewErrors())
if isValidEmail {
log.Debug("User entered valid email.")
if db.ORM.Where("email = ?", email).First(&user).RecordNotFound() {
return http.StatusNotFound, errors.New("user not found")
}
} else {
log.Debug("User entered username.")
if db.ORM.Where("username = ?", email).First(&user).RecordNotFound() {
return http.StatusNotFound, errors.New("user not found")
}
}
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(pass))
if err != nil {
return http.StatusUnauthorized, errors.New("password incorrect")
}
status, err := SetCookie(w, user.Token)
if err != nil {
return status, err
}
w.Header().Set("X-Auth-Token", user.Token)
return http.StatusOK, nil
}
return http.StatusNotFound, errors.New("user not found")
}
// RegisterHanderFromForm sets cookie from a RegistrationForm.
func RegisterHanderFromForm(w http.ResponseWriter, registrationForm formStruct.RegistrationForm) (int, error) {
username := registrationForm.Username // email isn't set at this point
pass := registrationForm.Password
return SetCookieHandler(w, username, pass)
}
// RegisterHandler sets a cookie when user registered.
func RegisterHandler(w http.ResponseWriter, r *http.Request) (int, error) {
var registrationForm formStruct.RegistrationForm
modelHelper.BindValueForm(&registrationForm, r)
return RegisterHanderFromForm(w, registrationForm)
}
// CurrentUser get a current user.
func CurrentUser(r *http.Request) (model.User, error) {
var user model.User
var token string
var err error
token = r.Header.Get("X-Auth-Token")
if len(token) > 0 {
log.Debug("header token exists")
} else {
2017-05-06 22:14:02 +02:00
token, err = Token(r)
log.Debug("header token does not exist")
if err != nil {
return user, err
}
}
2017-05-08 22:33:40 +02:00
if db.ORM.Where("api_token = ?", token).First(&user).RecordNotFound() {
return user, errors.New("user not found")
}
2017-05-09 19:23:21 +02:00
err = db.ORM.Model(&user).Error
return user, err
}