Moving Services to seperate namespaces again, auth endpoint working

2018-11-08 08:36:08 +01:00 · 2018-11-08 08:36:08 +01:00 · 11eed92c15
parent 2adb24d8ce
commit 11eed92c15
12 changed files with 300 additions and 48 deletions
--- a/Readme.md
+++ b/Readme.md
@ -15,3 +15,7 @@ To regenerate docs simply run `bee generate docs`
 - company controller, create databases and so on
 - Update not found to json
 - load db connections from config
+
+## Notes:
+
+- Fixes have been placed into the beego orm for setting the timezone when using NewOrmWithDB()
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -1,9 +1,13 @@
 package controllers

 import (
-	auth "multitenantStack/services"
+	"multitenantStack/models"
+	companydb "multitenantStack/services/companydbservice"
+
+	jwtservice "multitenantStack/services/jwtservice"
 	"time"

+	"github.com/astaxie/beego/orm"
 	jwt "github.com/dgrijalva/jwt-go"
 )

@ -41,23 +45,79 @@ func (c *AuthController) Login() {
 		return
 	}

-	//TODO: did the user send us a token? then just validate and tell him he is logged in
+	tokenHeader := c.Ctx.Request.Header.Get("X-JWTtoken")
+	if tokenHeader != "" {
+		valid, _ := jwtservice.Validate(tokenHeader)
+		if valid {
+			c.ServeJSONError("You are already logged in")
+			return
+		}
+	}

 	email := c.GetString("email")
 	password := c.GetString("password")

-	//TODO: check against main database, get company id and verify password
-	companyName := "company_1"
-	companyUserID := 5
+	if email == "" || password == "" {
+		c.ServeJSONError("Email/Password missing")
+		return
+	}
+	/*
+		systemdb := companydb.GetSystemDatabase()
+
+		if systemdb == nil {
+			c.ServeJSONError("Error retrieving User")
+			return
+		}
+		o, err := orm.NewOrmWithDB("postgres", "default", systemdb)
+		if err != nil {
+			c.ServeJSONError("Error retrieving User")
+			return
+		}
+	*/
+	o := orm.NewOrm()
+	o.Using("system") //TODO: Replace this with something cleverer (manager) once implemented
+
+	userCompanyMapping, err := models.GetUserCompanyMapByEmail(o, email)
+	if err != nil {
+		c.ServeJSONError("Error retrieving User")
+		return
+	}
+
+	if password != userCompanyMapping.PasswordHash { // TODO: Hash me
+		c.ServeJSONError("Email/Password incorrect")
+		return
+	}
+
+	companyName := userCompanyMapping.Company
+	companyUserID := userCompanyMapping.CompanyUserID
+
+	db, err := companydb.GetDatabaseWithName(companyName)
+	if err != nil {
+		c.ServeJSONError("Error retrieving Company")
+		return
+	}
+
+	o, err = orm.NewOrmWithDB("postgres", "default", db)
+	if err != nil {
+		c.ServeJSONError("Error retrieving CompanyData")
+		return
+	}
+
+	companyUser, err := models.GetCompanyUserById(o, int(companyUserID))
+	if err != nil {
+		c.ServeJSONError("Error retrieving Company User")
+		return
+	}
+
 	//TODO: if found query the company database to get roleID, and name

-	name := "Lukas"
-	roleID := 5
+	name := companyUser.Name
+	roleID := companyUser.Role

 	tokenString := ""
 	if email == "admin@admin.at" && password == "my password" {
 		// The jwtClaims are our trusted clientside session
-		tokenString = auth.CreateToken(jwt.MapClaims{
+		tokenString = jwtservice.CreateToken(jwt.MapClaims{
 			"email":         email,
 			"companyName":   companyName,
 			"companyUserID": companyUserID,
--- a/controllers/baseAPI.go
+++ b/controllers/baseAPI.go
@ -3,7 +3,7 @@ package controllers
 import (
 	"database/sql"
 	"fmt"
-	companydb "multitenantStack/services"
+	companydb "multitenantStack/services/companydbservice"

 	"github.com/astaxie/beego/orm"
 	jwt "github.com/dgrijalva/jwt-go"
--- a/controllers/companyData.go
+++ b/controllers/companyData.go
@ -34,7 +34,7 @@ func (c *CompanyDataController) URLMapping() {
 func (c *CompanyDataController) Post() {
 	var v models.CompanyData
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddCompanyData(&v); err == nil {
+		if _, err := models.AddCompanyData(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -56,7 +56,7 @@ func (c *CompanyDataController) Post() {
 func (c *CompanyDataController) GetOne() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	v, err := models.GetCompanyDataById(id)
+	v, err := models.GetCompanyDataById(o, id)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -119,7 +119,7 @@ func (c *CompanyDataController) GetAll() {
 		}
 	}

-	l, err := models.GetAllCompanyData(query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllCompanyData(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -141,7 +141,7 @@ func (c *CompanyDataController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.CompanyData{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdateCompanyDataById(&v); err == nil {
+		if err := models.UpdateCompanyDataById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -162,7 +162,7 @@ func (c *CompanyDataController) Put() {
 func (c *CompanyDataController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeleteCompanyData(id); err == nil {
+	if err := models.DeleteCompanyData(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()
--- a/controllers/companyUser.go
+++ b/controllers/companyUser.go
@ -34,7 +34,7 @@ func (c *CompanyUserController) URLMapping() {
 func (c *CompanyUserController) Post() {
 	var v models.CompanyUser
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddCompanyUser(&v); err == nil {
+		if _, err := models.AddCompanyUser(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -56,7 +56,7 @@ func (c *CompanyUserController) Post() {
 func (c *CompanyUserController) GetOne() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	v, err := models.GetCompanyUserById(id)
+	v, err := models.GetCompanyUserById(o, id)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -119,7 +119,7 @@ func (c *CompanyUserController) GetAll() {
 		}
 	}

-	l, err := models.GetAllCompanyUser(query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllCompanyUser(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -141,7 +141,7 @@ func (c *CompanyUserController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.CompanyUser{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdateCompanyUserById(&v); err == nil {
+		if err := models.UpdateCompanyUserById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -162,7 +162,7 @@ func (c *CompanyUserController) Put() {
 func (c *CompanyUserController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeleteCompanyUser(id); err == nil {
+	if err := models.DeleteCompanyUser(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()
--- a/controllers/contact.go
+++ b/controllers/contact.go
@ -34,7 +34,7 @@ func (c *ContactController) URLMapping() {
 func (c *ContactController) Post() {
 	var v models.Contact
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddContact(&v); err == nil {
+		if _, err := models.AddContact(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -119,8 +119,7 @@ func (c *ContactController) GetAll() {
 		}
 	}

-	ob, _ := orm.NewOrmWithDB("postgres", "default", companyDB)
-	l, err := models.GetAllContact(ob, query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllContact(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -143,7 +142,7 @@ func (c *ContactController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.Contact{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdateContactById(&v); err == nil {
+		if err := models.UpdateContactById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -164,7 +163,7 @@ func (c *ContactController) Put() {
 func (c *ContactController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeleteContact(id); err == nil {
+	if err := models.DeleteContact(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()
--- a/controllers/post.go
+++ b/controllers/post.go
@ -34,7 +34,7 @@ func (c *PostController) URLMapping() {
 func (c *PostController) Post() {
 	var v models.Post
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddPost(&v); err == nil {
+		if _, err := models.AddPost(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -56,7 +56,7 @@ func (c *PostController) Post() {
 func (c *PostController) GetOne() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	v, err := models.GetPostById(id)
+	v, err := models.GetPostById(o, id)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -119,7 +119,7 @@ func (c *PostController) GetAll() {
 		}
 	}

-	l, err := models.GetAllPost(query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllPost(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -141,7 +141,7 @@ func (c *PostController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.Post{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdatePostById(&v); err == nil {
+		if err := models.UpdatePostById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -162,7 +162,7 @@ func (c *PostController) Put() {
 func (c *PostController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeletePost(id); err == nil {
+	if err := models.DeletePost(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()
--- a/lastupdate.tmp
+++ b/lastupdate.tmp
@ -1 +1 @@
-{"/Users/LB/go/src/multitenantStack/controllers":1541617005449208486}
+{"/Users/LB/go/src/multitenantStack/controllers":1541629384273036460}
--- a/main.go
+++ b/main.go
@ -2,7 +2,8 @@ package main

 import (
 	_ "multitenantStack/routers"
-	auth "multitenantStack/services"
+	companydb "multitenantStack/services/companydbservice"
+	jwt "multitenantStack/services/jwtservice"
 	"time"

 	"github.com/astaxie/beego"
@ -12,11 +13,15 @@ import (

 func init() {
 	orm.RegisterDataBase("default", "postgres", "host=127.0.0.1 port=5435 user=postgres password=postgre sslmode=disable")
-	auth.InitJWTService()
+	orm.RegisterDataBase("system", "postgres", "host=127.0.0.1 port=5435 user=postgres password=postgre dbname=system sslmode=disable")
+
+	jwt.InitJWTService()
+	companydb.InitCompanyService()
 	orm.DefaultTimeLoc = time.UTC
 	if beego.BConfig.RunMode == "dev" {
 		beego.BConfig.WebConfig.DirectoryIndex = true
 		beego.BConfig.WebConfig.StaticDir["/swagger"] = "swagger"
+		orm.Debug = true
 	}
 }

--- a/models/userCompanyMap.go
+++ b/models/userCompanyMap.go
@ -0,0 +1,159 @@
+package models
+
+import (
+	"errors"
+	"fmt"
+	"reflect"
+	"strings"
+	"time"
+
+	"github.com/astaxie/beego/orm"
+)
+
+type UserCompanyMap struct {
+	ID            int       `orm:"column(id);pk"`
+	Email         string    `orm:"column(email)"`
+	PasswordHash  string    `orm:"column(password_hash)"`
+	Company       string    `orm:"column(company)"`
+	CompanyUserID int16     `orm:"column(company_user_id)"`
+	Created       time.Time `orm:"column(created);type(timestamp with time zone);auto_now_add"`
+	Modified      time.Time `orm:"column(modified);type(timestamp with time zone);auto_now_add"`
+}
+
+// TableName returns tablename
+func (t *UserCompanyMap) TableName() string {
+	return "user_company_map"
+}
+
+func init() {
+	orm.RegisterModel(new(UserCompanyMap))
+}
+
+// AddUserCompanyMap insert a new UserCompanyMap into database and returns
+// last inserted Id on success.
+func AddUserCompanyMap(o orm.Ormer, m *UserCompanyMap) (id int64, err error) {
+	id, err = o.Insert(m)
+	return
+}
+
+// GetUserCompanyMapByID retrieves UserCompanyMap by Id. Returns error if Id doesn't exist
+func GetUserCompanyMapByID(o orm.Ormer, id int) (v *UserCompanyMap, err error) {
+	v = &UserCompanyMap{ID: id}
+	if err = o.Read(v); err == nil {
+		return v, nil
+	}
+	return nil, err
+}
+
+// GetUserCompanyMapByEmail retrieves UserCompanyMap by email. Returns error if email doesn't exist
+func GetUserCompanyMapByEmail(o orm.Ormer, email string) (v *UserCompanyMap, err error) {
+	v = &UserCompanyMap{Email: email}
+	if err = o.Read(v, "email"); err == nil {
+		return v, nil
+	}
+	return nil, err
+}
+
+// GetAllUserCompanyMap retrieves all UserCompanyMap matches certain condition. Returns empty list if
+// no records exist
+func GetAllUserCompanyMap(o orm.Ormer, query map[string]string, fields []string, sortby []string, order []string,
+	offset int64, limit int64) (ml []interface{}, err error) {
+	qs := o.QueryTable(new(UserCompanyMap))
+	// query k=v
+	for k, v := range query {
+		// rewrite dot-notation to Object__Attribute
+		k = strings.Replace(k, ".", "__", -1)
+		if strings.Contains(k, "isnull") {
+			qs = qs.Filter(k, (v == "true" || v == "1"))
+		} else {
+			qs = qs.Filter(k, v)
+		}
+	}
+	// order by:
+	var sortFields []string
+	if len(sortby) != 0 {
+		if len(sortby) == len(order) {
+			// 1) for each sort field, there is an associated order
+			for i, v := range sortby {
+				orderby := ""
+				if order[i] == "desc" {
+					orderby = "-" + v
+				} else if order[i] == "asc" {
+					orderby = v
+				} else {
+					return nil, errors.New("Error: Invalid order. Must be either [asc|desc]")
+				}
+				sortFields = append(sortFields, orderby)
+			}
+			qs = qs.OrderBy(sortFields...)
+		} else if len(sortby) != len(order) && len(order) == 1 {
+			// 2) there is exactly one order, all the sorted fields will be sorted by this order
+			for _, v := range sortby {
+				orderby := ""
+				if order[0] == "desc" {
+					orderby = "-" + v
+				} else if order[0] == "asc" {
+					orderby = v
+				} else {
+					return nil, errors.New("Error: Invalid order. Must be either [asc|desc]")
+				}
+				sortFields = append(sortFields, orderby)
+			}
+		} else if len(sortby) != len(order) && len(order) != 1 {
+			return nil, errors.New("Error: 'sortby', 'order' sizes mismatch or 'order' size is not 1")
+		}
+	} else {
+		if len(order) != 0 {
+			return nil, errors.New("Error: unused 'order' fields")
+		}
+	}
+
+	var l []UserCompanyMap
+	qs = qs.OrderBy(sortFields...)
+	if _, err = qs.Limit(limit, offset).All(&l, fields...); err == nil {
+		if len(fields) == 0 {
+			for _, v := range l {
+				ml = append(ml, v)
+			}
+		} else {
+			// trim unused fields
+			for _, v := range l {
+				m := make(map[string]interface{})
+				val := reflect.ValueOf(v)
+				for _, fname := range fields {
+					m[fname] = val.FieldByName(fname).Interface()
+				}
+				ml = append(ml, m)
+			}
+		}
+		return ml, nil
+	}
+	return nil, err
+}
+
+// UpdateUserCompanyMapById updates UserCompanyMap by Id and returns error if the record to be updated doesn't exist
+func UpdateUserCompanyMapById(o orm.Ormer, m *UserCompanyMap) (err error) {
+	v := UserCompanyMap{ID: m.ID}
+	// ascertain id exists in the database
+	if err = o.Read(&v); err == nil {
+		var num int64
+		if num, err = o.Update(m); err == nil {
+			fmt.Println("Number of records updated in database:", num)
+		}
+	}
+	return
+}
+
+// DeleteUserCompanyMap deletes UserCompanyMap by Id and returns error if
+// the record to be deleted doesn't exist
+func DeleteUserCompanyMap(o orm.Ormer, id int) (err error) {
+	v := UserCompanyMap{ID: id}
+	// ascertain id exists in the database
+	if err = o.Read(&v); err == nil {
+		var num int64
+		if num, err = o.Delete(&UserCompanyMap{ID: id}); err == nil {
+			fmt.Println("Number of records deleted in database:", num)
+		}
+	}
+	return
+}
--- a/services/companydbservice/companydb.go
+++ b/services/companydbservice/companydb.go
@ -1,12 +1,12 @@
-package services
+package companydbservice

 import (
 	"database/sql"
 	"errors"
 	"fmt"
+	"multitenantStack/services/jwtservice"
 	"os"

-	"github.com/astaxie/beego/orm"
 	jwt "github.com/dgrijalva/jwt-go"
 )

@ -17,9 +17,7 @@ func InitCompanyService() {
 	fmt.Println("Hello from init") // test if init gets called from each orm
 	dbs := make(map[string]*sql.DB)

-	orm.RegisterDataBase("default", "postgres", "host=127.0.0.1 port=5435 user=postgres password=postgre sslmode=disable")
-
-	systemDB, err := sql.Open("postgres", "host=127.0.0.1 port=5435 user=postgres password=postgre dbname=company5 sslmode=disable")
+	systemDB, err := sql.Open("postgres", "host=127.0.0.1 port=5435 user=postgres password=postgre dbname=system sslmode=disable")
 	if err != nil {
 		fmt.Println("Fatal: could not connect to db, exiting... Error:", err)
 		os.Exit(1)
@ -28,10 +26,35 @@ func InitCompanyService() {

 }

+// GetSystemDatabase returns system db
+func GetSystemDatabase() *sql.DB {
+	return dbs["system"]
+}
+
+// GetDatabase Get orm and user information
+func GetDatabaseWithName(companyName string) (*sql.DB, error) {
+
+	if dbs[companyName] != nil {
+		fmt.Println("DB Already open")
+		return dbs[companyName], nil
+	}
+
+	conStr := fmt.Sprintf("host=127.0.0.1 port=5435 user=postgres password=postgre dbname=%s sslmode=disable", companyName)
+	fmt.Println(conStr)
+	db, err := sql.Open("postgres", conStr)
+	if err != nil {
+		return nil, err
+	}
+
+	// return db with orm or error
+	return db, nil
+}
+
+// TODO: call upper function in this one to reduce code
 // GetDatabase Get orm and user information
 func GetDatabase(tokenString string) (jwt.MapClaims, *sql.DB, error) {
 	// validate token
-	valid, token := Validate(tokenString)
+	valid, token := jwtservice.Validate(tokenString)
 	if !valid {
 		return nil, nil, errors.New("Token is invalid")
 	}
@ -44,7 +67,7 @@ func GetDatabase(tokenString string) (jwt.MapClaims, *sql.DB, error) {
 		return tokenMap, dbs[companyName], nil
 	}

-	conStr := fmt.Sprintf("host=127.0.0.1 port=5435 user=postgres password=postgre dbname=%s sslmode=disable", tokenMap["companyName"])
+	conStr := fmt.Sprintf("host=127.0.0.1 port=5435 user=postgres password=postgre dbname=%s sslmode=disable", companyName)
 	fmt.Println(conStr)
 	db, err := sql.Open("postgres", conStr)
 	if err != nil {
@ -69,15 +92,17 @@ func CreateDatabase(token string) {

 // DeleteDatabase Delete an entire database, this is very very dangerous :-)
 func DeleteDatabase(token string) {
+	//_, db, err := GetDatabase(token)
 	/*
-		db.Close()
-		fmt.Println("Closed company5")
-		//}
+		remove from map!
+			db.Close()
+			fmt.Println("Closed company5")
+			//}

-		res, err := o.Raw("DROP DATABASE company5;").Exec()
-		if err == nil {
-			num, _ := res.RowsAffected()
-			fmt.Println("mysql row affected number: ", num)
-		}
+			res, err := o.Raw("DROP DATABASE company5;").Exec()
+			if err == nil {
+				num, _ := res.RowsAffected()
+				fmt.Println("mysql row affected number: ", num)
+			}
 	*/
 }
--- a/services/jwtservice/jwt.go
+++ b/services/jwtservice/jwt.go
@ -1,4 +1,4 @@
-package services
+package jwtservice

 import (
 	"crypto/rand"