Moving files and adding auth

controllers/auth.go

@@ -0,0 +1,127 @@
+package controllers
+
+import (
+	auth "multitenantStack/services/authentication"
+	"time"
+
+	jwt "github.com/dgrijalva/jwt-go"
+)
+
+// AuthController operations for Auth
+type AuthController struct {
+	BaseController
+}
+
+// URLMapping ...
+func (c *AuthController) URLMapping() {
+	// This block is used to drastically speed up the annotation -> lookup process
+	c.Mapping("Login", c.Login)
+	c.Mapping("GetOne", c.GetOne)
+	c.Mapping("GetAll", c.GetAll)
+	c.Mapping("Put", c.Put)
+	c.Mapping("Delete", c.Delete)
+}
+
+// Login Get a JWT token for the user
+// @Title Create
+// @Description create Auth
+// @Param	body		body 	models.Auth	true		"body for Auth content"
+// @Success 201 {object} models.Auth
+// @Failure 403 body is empty
+// @router /login [post]
+func (c *AuthController) Login() {
+
+	type AuthResponse struct {
+		Status int
+		Jwt    string
+	}
+
+	if c.Ctx.Input.Method() != "POST" {
+		c.ServeJsonError("Method not allowed")
+		return
+	}
+
+	//TODO: did the user send us a token? then just validate and tell him he is logged in
+
+	email := c.GetString("email")
+	password := c.GetString("password")
+
+	//TODO: check against main database, get company id and veryfy password
+	companyName := ""
+	companyUserId := 5
+	//TODO: if found query the company database to get roleid, and name
+
+	name := "Lukas"
+	roleId := 5
+
+	tokenString := ""
+	if email == "admin@admin.at" && password == "my password" {
+		// The jwtClaims are our trusted clientside session
+		tokenString = auth.CreateToken(jwt.MapClaims{
+			"email":         email,
+			"companyName":   companyName,
+			"companyUserId": companyUserId,
+			"name":          name,
+			"roleId":        roleId,
+			"expires":       time.Now().Unix() + 3600,
+		})
+	} else {
+		c.ServeJsonError("Invalid user/password")
+		return
+	}
+
+	json := AuthResponse{200, tokenString}
+	c.Data["json"] = &json
+
+	c.ServeJSON()
+}
+
+// GetOne ...
+// @Title GetOne
+// @Description get Auth by id
+// @Param	id		path 	string	true		"The key for staticblock"
+// @Success 200 {object} models.Auth
+// @Failure 403 :id is empty
+// @router /:id [get]
+func (c *AuthController) GetOne() {
+
+}
+
+// GetAll ...
+// @Title GetAll
+// @Description get Auth
+// @Param	query	query	string	false	"Filter. e.g. col1:v1,col2:v2 ..."
+// @Param	fields	query	string	false	"Fields returned. e.g. col1,col2 ..."
+// @Param	sortby	query	string	false	"Sorted-by fields. e.g. col1,col2 ..."
+// @Param	order	query	string	false	"Order corresponding to each sortby field, if single value, apply to all sortby fields. e.g. desc,asc ..."
+// @Param	limit	query	string	false	"Limit the size of result set. Must be an integer"
+// @Param	offset	query	string	false	"Start position of result set. Must be an integer"
+// @Success 200 {object} models.Auth
+// @Failure 403
+// @router / [get]
+func (c *AuthController) GetAll() {
+
+}
+
+// Put ...
+// @Title Put
+// @Description update the Auth
+// @Param	id		path 	string	true		"The id you want to update"
+// @Param	body		body 	models.Auth	true		"body for Auth content"
+// @Success 200 {object} models.Auth
+// @Failure 403 :id is not int
+// @router /:id [put]
+func (c *AuthController) Put() {
+
+}
+
+// Delete ...
+// @Title Delete
+// @Description delete the Auth
+// @Param	id		path 	string	true		"The id you want to delete"
+// @Success 200 {string} delete success!
+// @Failure 403 id is empty
+// @router /:id [delete]
+func (c *AuthController) Delete() {
+
+}

controllers/base.go

@@ -0,0 +1,30 @@
+package controllers
+
+import (
+	"github.com/astaxie/beego"
+)
+
+type JsonBasicResponse struct {
+	Status  int
+	Message string
+}
+
+const JSON_ERROR int = 500
+const JSON_SUCCESS int = 200
+
+// BaseController operations for BaseController
+type BaseController struct {
+	beego.Controller
+}
+
+func (this *BaseController) ServeJsonError(message string) {
+	json := JsonBasicResponse{JSON_ERROR, message}
+	this.Data["json"] = &json
+	this.ServeJSON()
+}
+
+func (this *BaseController) ServeJsonSuccess(message string) {
+	json := JsonBasicResponse{JSON_SUCCESS, message}
+	this.Data["json"] = &json
+	this.ServeJSON()
+}

controllers/baseAPI.go

@@ -0,0 +1,36 @@
+package controllers
+
+import (
+	//"fmt"
+	"github.com/juusechec/jwt-beego"
+)
+
+// BaseController operations for APIs
+type BaseAPIController struct {
+	BaseController
+}
+
+func (this *BaseAPIController) Prepare() {
+	if this.Ctx.Input.Method() != "POST" {
+		this.ServeJsonError("Method not allowed")
+	}
+
+	//Lo que quieras hacer en todos los controladores
+	// O puede ser leído de una cabecera HEADER!!
+	tokenString := this.Ctx.Request.Header.Get("X-JWTtoken")
+	et := jwtbeego.EasyToken{}
+	valid, issuer, _ := et.ValidateToken(tokenString)
+	if !valid {
+		this.Ctx.Output.SetStatus(401)
+		this.ServeJsonError("Invalid Token")
+	}
+
+	userSession := this.GetSession("username")
+
+	if userSession == nil || userSession != issuer {
+		this.Ctx.Output.SetStatus(401)
+		this.ServeJsonError("Invalid Session")
+	}
+
+	return
+}