Nathan Coad
dbc2276d68
All checks were successful
continuous-integration/drone/push Build is passing
282 lines
7.0 KiB
Go
282 lines
7.0 KiB
Go
package controllers
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"html"
|
|
"log"
|
|
"net/http"
|
|
"strings"
|
|
|
|
"smt/models"
|
|
"smt/utils/token"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
type RegisterInput struct {
|
|
UserName string `json:"userName" binding:"required"`
|
|
Password string `json:"password" binding:"required"`
|
|
GroupId int `json:"groupId"`
|
|
GroupName string `json:"groupName"`
|
|
//RoleId int `json:"roleid"`
|
|
}
|
|
|
|
type LoginInput struct {
|
|
UserName string `json:"userName" binding:"required"`
|
|
Password string `json:"password" binding:"required"`
|
|
}
|
|
|
|
type DeleteInput struct {
|
|
UserName string `json:"userName" binding:"required"`
|
|
}
|
|
|
|
type AddRoleInput struct {
|
|
RoleName string `json:"roleName" binding:"required"`
|
|
LdapGroup string `json:"ldapGroup"`
|
|
ReadOnly bool `json:"readOnly"`
|
|
Admin bool `json:"admin"`
|
|
}
|
|
|
|
func DeleteUser(c *gin.Context) {
|
|
var input DeleteInput
|
|
|
|
if err := c.ShouldBindJSON(&input); err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
u := models.User{}
|
|
u.UserName = input.UserName
|
|
|
|
//remove spaces in username
|
|
u.UserName = html.EscapeString(strings.TrimSpace(u.UserName))
|
|
|
|
// Confirm user account exists
|
|
testUser, _ := models.UserGetByName(u.UserName)
|
|
log.Printf("DeleteUser confirming user '%s' account exists\n", u.UserName)
|
|
if (models.User{} == testUser) {
|
|
err := errors.New("attempt to delete non-existing username '" + u.UserName + "'")
|
|
log.Printf("Delete User error : '%s'\n", err)
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
} else {
|
|
err := u.DeleteUser()
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"Error deleting user": err.Error()})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"message": "user deletion success"})
|
|
}
|
|
}
|
|
|
|
func RegisterUser(c *gin.Context) {
|
|
var input RegisterInput
|
|
|
|
if err := c.ShouldBindJSON(&input); err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
if len(input.UserName) == 0 {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": "no username specified"})
|
|
return
|
|
}
|
|
|
|
if len(input.Password) == 0 {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": "no password specified"})
|
|
return
|
|
}
|
|
|
|
u := models.User{}
|
|
u.UserName = input.UserName
|
|
u.Password = input.Password
|
|
|
|
// Determine which GroupId to save
|
|
// Can be specified either by GroupName or GroupId in the request
|
|
if len(input.GroupName) > 0 {
|
|
g, err := models.GroupGetByName(input.GroupName)
|
|
if err != nil {
|
|
errString := fmt.Sprintf("RegisterUser error looking up group by name : '%s'", err)
|
|
log.Println(errString)
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
|
|
return
|
|
}
|
|
if g == (models.Group{}) {
|
|
errString := fmt.Sprintf("RegisterUser specified group '%s' not found\n", input.GroupName)
|
|
log.Println(errString)
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
|
|
return
|
|
} else {
|
|
u.GroupId = g.GroupId
|
|
}
|
|
} else if input.GroupId > 0 {
|
|
u.GroupId = input.GroupId
|
|
} else {
|
|
|
|
// Default to group Id 2 which is users
|
|
log.Println("RegisterUser no group id or group name specified, defaulting to built-in group 'Users' ")
|
|
u.GroupId = 2
|
|
}
|
|
|
|
/*
|
|
// Default to regular user role if not specified
|
|
if input.RoleId == 0 {
|
|
log.Printf("Register no role specified, defaulting to builtin role UserRole with id 2.\n")
|
|
u.RoleId = 2
|
|
} else {
|
|
u.RoleId = input.RoleId
|
|
}
|
|
*/
|
|
|
|
//remove spaces in username
|
|
u.UserName = html.EscapeString(strings.TrimSpace(u.UserName))
|
|
|
|
// Check if user already exists
|
|
testUser, _ := models.UserGetByName(u.UserName)
|
|
log.Printf("Register checking if user '%s' already exists\n", u.UserName)
|
|
if (models.User{} == testUser) {
|
|
log.Printf("Register confirmed no existing username\n")
|
|
} else {
|
|
err := errors.New("attempt to register conflicting username '" + u.UserName + "'")
|
|
log.Printf("Register error : '%s'\n", err)
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
//turn password into hash
|
|
hashedPassword, err := bcrypt.GenerateFromPassword([]byte(u.Password), bcrypt.DefaultCost)
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"Error hashing password": err.Error()})
|
|
return
|
|
} else {
|
|
//log.Printf("Register generated hashed password value '%s' from '%s'\n", string(hashedPassword), input.Password)
|
|
log.Printf("Register generated hashed password value '%s'\n", string(hashedPassword))
|
|
}
|
|
u.Password = string(hashedPassword)
|
|
|
|
_, err = u.SaveUser()
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"Error saving user": err.Error()})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"message": "user registration success"})
|
|
}
|
|
|
|
/*
|
|
func AddRole(c *gin.Context) {
|
|
var input AddRoleInput
|
|
|
|
if err := c.ShouldBindJSON(&input); err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
// define the new role properties
|
|
r := models.Role{}
|
|
r.RoleName = input.RoleName
|
|
r.ReadOnly = input.ReadOnly
|
|
r.Admin = input.Admin
|
|
r.LdapGroup = input.LdapGroup
|
|
|
|
// Check if role already exists
|
|
testRole, _ := models.GetRoleByName(r.RoleName)
|
|
log.Printf("AddRole checking if role '%s' already exists\n", r.RoleName)
|
|
|
|
if (models.Role{} == testRole) {
|
|
log.Printf("AddRole confirmed no existing rolename\n")
|
|
} else {
|
|
errorString := fmt.Sprintf("attempt to register conflicting rolename '%s'", r.RoleName)
|
|
log.Printf("Register error : '%s'\n", errorString)
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": errorString})
|
|
return
|
|
}
|
|
|
|
_, err := r.AddRole()
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"Error creating role": err.Error()})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"message": "role creation success"})
|
|
}
|
|
*/
|
|
func Login(c *gin.Context) {
|
|
|
|
var input LoginInput
|
|
|
|
if err := c.ShouldBindJSON(&input); err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
u := models.User{}
|
|
|
|
u.UserName = input.UserName
|
|
u.Password = input.Password
|
|
|
|
log.Printf("Login checking username '%s' and password length '%d'\n", u.UserName, len(u.Password))
|
|
|
|
token, err := models.LoginCheck(u.UserName, u.Password)
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": "username or password is incorrect."})
|
|
return
|
|
} else {
|
|
log.Printf("Login verified, returning token '%s'\n", token)
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"access_token": token})
|
|
|
|
}
|
|
|
|
func CurrentUser(c *gin.Context) {
|
|
|
|
user_id, err := token.ExtractTokenID(c)
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
u, err := models.UserGetByID(user_id)
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"message": "success", "data": u})
|
|
}
|
|
|
|
/*
|
|
func GetRoles(c *gin.Context) {
|
|
roles, err := models.QueryRoles()
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"message": "success", "data": roles})
|
|
}
|
|
*/
|
|
|
|
func GetUsers(c *gin.Context) {
|
|
users, err := models.UserList()
|
|
|
|
if err != nil {
|
|
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
|
return
|
|
}
|
|
|
|
c.JSON(http.StatusOK, gin.H{"message": "success", "data": users})
|
|
|
|
}
|