author | JoramWilander <jwawilander@gmail.com> | 2015-07-22 12:42:03 -0400 |
---|---|---|
committer | JoramWilander <jwawilander@gmail.com> | 2015-07-22 12:42:03 -0400 |
commit | 44cfa364fd3c328523054d8ee2221d6019ad6de1 (patch) | |
tree | 877ba6f84c8a07d184b51787e5c11d1bd15d35e6 /api | |
parent | 4f0364d87656138d5e262b53373706ff122f3f4c (diff) | |
added error case for login and removed authdata + authservice unique constraint in users table
Diffstat (limited to 'api')
-rw-r--r-- | api/user.go | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/api/user.go b/api/user.go
index 40bac7bd5..d16ad300a 100644
--- a/api/user.go
+++ b/api/user.go
@@ -241,38 +241,44 @@ func FireAndForgetVerifyEmail(userId, name, email, teamDisplayName, teamURL stri
 }()
 }
-func LoginById(c *Context, w http.ResponseWriter, r *http.Request, userId, password, deviceId string) {
+func LoginById(c *Context, w http.ResponseWriter, r *http.Request, userId, password, deviceId string) *model.User {
 if result := <-Srv.Store.User().Get(userId); result.Err != nil {
 c.Err = result.Err
- return
+ return nil
 } else {
 user := result.Data.(*model.User)
 if checkUserPassword(c, user, password) {
 Login(c, w, r, user, deviceId)
+ return user
 }
 }
+
+ return nil
 }
-func LoginByEmail(c *Context, w http.ResponseWriter, r *http.Request, email, name, password, deviceId string) {
+func LoginByEmail(c *Context, w http.ResponseWriter, r *http.Request, email, name, password, deviceId string) *model.User {
 var team *model.Team
 if result := <-Srv.Store.Team().GetByName(name); result.Err != nil {
 c.Err = result.Err
- return
+ return nil
 } else {
 team = result.Data.(*model.Team)
 }
 if result := <-Srv.Store.User().GetByEmail(team.Id, email); result.Err != nil {
 c.Err = result.Err
- return
+ return nil
 } else {
 user := result.Data.(*model.User)
 if checkUserPassword(c, user, password) {
 Login(c, w, r, user, deviceId)
+ return user
 }
 }
+
+ return nil
 }
 func checkUserPassword(c *Context, user *model.User, password string) bool {
@@ -356,7 +362,6 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
 }
 http.SetCookie(w, sessionCookie)
- user.Sanitize(map[string]bool{})
 c.Session = *session
 c.LogAuditWithUserId(user.Id, "success")
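Review bot: `LoginById` and `LoginByEmail` now hand back the `*model.User` loaded from the store, and because the following hunk drops `user.Sanitize(...)` from `Login`, that object is unsanitized when it reaches the caller. Neither function documents this, so a later caller that serializes the return value could expose whatever fields `Sanitize` normally strips. I would add a doc comment to both, e.g. `// LoginById returns the logged-in user, NOT sanitized, or nil if the lookup or password check failed; call Sanitize before writing it to a response.` Any other callers of `Login` that relied on it to sanitize the user are outside this diff and should be checked.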
@@ -365,17 +370,26 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
 func login(c *Context, w http.ResponseWriter, r *http.Request) {
 props := model.MapFromJson(r.Body)
+ var user *model.User
 if len(props["id"]) != 0 {
- LoginById(c, w, r, props["id"], props["password"], props["device_id"])
+ user = LoginById(c, w, r, props["id"], props["password"], props["device_id"])
 } else if len(props["email"]) != 0 && len(props["name"]) != 0 {
- LoginByEmail(c, w, r, props["email"], props["name"], props["password"], props["device_id"])
+ user = LoginByEmail(c, w, r, props["email"], props["name"], props["password"], props["device_id"])
+ } else {
+ c.Err = model.NewAppError("login", "Either user id or team name and user email must be provided", "")
+ return
 }
 if c.Err != nil {
 return
 }
- w.Write([]byte("{}"))
+ if user != nil {
+ user.Sanitize(map[string]bool{})
+ } else {
+ user = &model.User{}
+ }
+ w.Write([]byte(user.ToJson()))
 }
 func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) { |
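Review bot: The `user = &model.User{}` fallback in `login` fails open: if either helper returns nil without setting `c.Err`, the handler writes an empty user object as a normal response instead of reporting an error. Whether `checkUserPassword` always sets `c.Err` on a mismatch is not visible in this diff, so the handler should not depend on it. I would replace the else branch with `c.Err = model.NewAppError("login", "Login failed", "")` followed by `return`. The result of `w.Write` is also discarded and is worth at least logging.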