Moving Services to seperate namespaces again, auth endpoint working

2018-11-08 08:36:08 +01:00
parent 2adb24d8ce
commit 11eed92c15
12 changed files with 300 additions and 48 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -1,9 +1,13 @@
 package controllers

 import (
-	auth "multitenantStack/services"
+	"multitenantStack/models"
+	companydb "multitenantStack/services/companydbservice"
+
+	jwtservice "multitenantStack/services/jwtservice"
 	"time"

+	"github.com/astaxie/beego/orm"
 	jwt "github.com/dgrijalva/jwt-go"
 )

@ -41,23 +45,79 @@ func (c *AuthController) Login() {
 		return
 	}

-	//TODO: did the user send us a token? then just validate and tell him he is logged in
+	tokenHeader := c.Ctx.Request.Header.Get("X-JWTtoken")
+	if tokenHeader != "" {
+		valid, _ := jwtservice.Validate(tokenHeader)
+		if valid {
+			c.ServeJSONError("You are already logged in")
+			return
+		}
+	}

 	email := c.GetString("email")
 	password := c.GetString("password")

-	//TODO: check against main database, get company id and verify password
-	companyName := "company_1"
-	companyUserID := 5
+	if email == "" || password == "" {
+		c.ServeJSONError("Email/Password missing")
+		return
+	}
+	/*
+		systemdb := companydb.GetSystemDatabase()
+
+		if systemdb == nil {
+			c.ServeJSONError("Error retrieving User")
+			return
+		}
+		o, err := orm.NewOrmWithDB("postgres", "default", systemdb)
+		if err != nil {
+			c.ServeJSONError("Error retrieving User")
+			return
+		}
+	*/
+	o := orm.NewOrm()
+	o.Using("system") //TODO: Replace this with something cleverer (manager) once implemented
+
+	userCompanyMapping, err := models.GetUserCompanyMapByEmail(o, email)
+	if err != nil {
+		c.ServeJSONError("Error retrieving User")
+		return
+	}
+
+	if password != userCompanyMapping.PasswordHash { // TODO: Hash me
+		c.ServeJSONError("Email/Password incorrect")
+		return
+	}
+
+	companyName := userCompanyMapping.Company
+	companyUserID := userCompanyMapping.CompanyUserID
+
+	db, err := companydb.GetDatabaseWithName(companyName)
+	if err != nil {
+		c.ServeJSONError("Error retrieving Company")
+		return
+	}
+
+	o, err = orm.NewOrmWithDB("postgres", "default", db)
+	if err != nil {
+		c.ServeJSONError("Error retrieving CompanyData")
+		return
+	}
+
+	companyUser, err := models.GetCompanyUserById(o, int(companyUserID))
+	if err != nil {
+		c.ServeJSONError("Error retrieving Company User")
+		return
+	}
+
 	//TODO: if found query the company database to get roleID, and name

-	name := "Lukas"
-	roleID := 5
+	name := companyUser.Name
+	roleID := companyUser.Role

 	tokenString := ""
 	if email == "admin@admin.at" && password == "my password" {
 		// The jwtClaims are our trusted clientside session
-		tokenString = auth.CreateToken(jwt.MapClaims{
+		tokenString = jwtservice.CreateToken(jwt.MapClaims{
 			"email":         email,
 			"companyName":   companyName,
 			"companyUserID": companyUserID,
--- a/controllers/baseAPI.go
+++ b/controllers/baseAPI.go
@ -3,7 +3,7 @@ package controllers
 import (
 	"database/sql"
 	"fmt"
-	companydb "multitenantStack/services"
+	companydb "multitenantStack/services/companydbservice"

 	"github.com/astaxie/beego/orm"
 	jwt "github.com/dgrijalva/jwt-go"
--- a/controllers/companyData.go
+++ b/controllers/companyData.go
@ -34,7 +34,7 @@ func (c *CompanyDataController) URLMapping() {
 func (c *CompanyDataController) Post() {
 	var v models.CompanyData
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddCompanyData(&v); err == nil {
+		if _, err := models.AddCompanyData(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -56,7 +56,7 @@ func (c *CompanyDataController) Post() {
 func (c *CompanyDataController) GetOne() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	v, err := models.GetCompanyDataById(id)
+	v, err := models.GetCompanyDataById(o, id)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -119,7 +119,7 @@ func (c *CompanyDataController) GetAll() {
 		}
 	}

-	l, err := models.GetAllCompanyData(query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllCompanyData(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -141,7 +141,7 @@ func (c *CompanyDataController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.CompanyData{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdateCompanyDataById(&v); err == nil {
+		if err := models.UpdateCompanyDataById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -162,7 +162,7 @@ func (c *CompanyDataController) Put() {
 func (c *CompanyDataController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeleteCompanyData(id); err == nil {
+	if err := models.DeleteCompanyData(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()
--- a/controllers/companyUser.go
+++ b/controllers/companyUser.go
@ -34,7 +34,7 @@ func (c *CompanyUserController) URLMapping() {
 func (c *CompanyUserController) Post() {
 	var v models.CompanyUser
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddCompanyUser(&v); err == nil {
+		if _, err := models.AddCompanyUser(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -56,7 +56,7 @@ func (c *CompanyUserController) Post() {
 func (c *CompanyUserController) GetOne() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	v, err := models.GetCompanyUserById(id)
+	v, err := models.GetCompanyUserById(o, id)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -119,7 +119,7 @@ func (c *CompanyUserController) GetAll() {
 		}
 	}

-	l, err := models.GetAllCompanyUser(query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllCompanyUser(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -141,7 +141,7 @@ func (c *CompanyUserController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.CompanyUser{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdateCompanyUserById(&v); err == nil {
+		if err := models.UpdateCompanyUserById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -162,7 +162,7 @@ func (c *CompanyUserController) Put() {
 func (c *CompanyUserController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeleteCompanyUser(id); err == nil {
+	if err := models.DeleteCompanyUser(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()
--- a/controllers/contact.go
+++ b/controllers/contact.go
@ -34,7 +34,7 @@ func (c *ContactController) URLMapping() {
 func (c *ContactController) Post() {
 	var v models.Contact
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddContact(&v); err == nil {
+		if _, err := models.AddContact(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -119,8 +119,7 @@ func (c *ContactController) GetAll() {
 		}
 	}

-	ob, _ := orm.NewOrmWithDB("postgres", "default", companyDB)
-	l, err := models.GetAllContact(ob, query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllContact(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -143,7 +142,7 @@ func (c *ContactController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.Contact{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdateContactById(&v); err == nil {
+		if err := models.UpdateContactById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -164,7 +163,7 @@ func (c *ContactController) Put() {
 func (c *ContactController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeleteContact(id); err == nil {
+	if err := models.DeleteContact(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()
--- a/controllers/post.go
+++ b/controllers/post.go
@ -34,7 +34,7 @@ func (c *PostController) URLMapping() {
 func (c *PostController) Post() {
 	var v models.Post
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if _, err := models.AddPost(&v); err == nil {
+		if _, err := models.AddPost(o, &v); err == nil {
 			c.Ctx.Output.SetStatus(201)
 			c.Data["json"] = v
 		} else {
@ -56,7 +56,7 @@ func (c *PostController) Post() {
 func (c *PostController) GetOne() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	v, err := models.GetPostById(id)
+	v, err := models.GetPostById(o, id)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -119,7 +119,7 @@ func (c *PostController) GetAll() {
 		}
 	}

-	l, err := models.GetAllPost(query, fields, sortby, order, offset, limit)
+	l, err := models.GetAllPost(o, query, fields, sortby, order, offset, limit)
 	if err != nil {
 		c.Data["json"] = err.Error()
 	} else {
@ -141,7 +141,7 @@ func (c *PostController) Put() {
 	id, _ := strconv.Atoi(idStr)
 	v := models.Post{Id: id}
 	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &v); err == nil {
-		if err := models.UpdatePostById(&v); err == nil {
+		if err := models.UpdatePostById(o, &v); err == nil {
 			c.Data["json"] = "OK"
 		} else {
 			c.Data["json"] = err.Error()
@ -162,7 +162,7 @@ func (c *PostController) Put() {
 func (c *PostController) Delete() {
 	idStr := c.Ctx.Input.Param(":id")
 	id, _ := strconv.Atoi(idStr)
-	if err := models.DeletePost(id); err == nil {
+	if err := models.DeletePost(o, id); err == nil {
 		c.Data["json"] = "OK"
 	} else {
 		c.Data["json"] = err.Error()