jwt validation, getting the correct database
@ -1,7 +1,7 @@
|
||||
package controllers
|
||||
|
||||
import (
|
||||
auth "multitenantStack/services/authentication"
|
||||
auth "multitenantStack/services"
|
||||
"time"
|
||||
|
||||
jwt "github.com/dgrijalva/jwt-go"
|
||||
@ -37,7 +37,7 @@ func (c *AuthController) Login() {
|
||||
}
|
||||
|
||||
if c.Ctx.Input.Method() != "POST" {
|
||||
c.ServeJsonError("Method not allowed")
|
||||
c.ServeJSONError("Method not allowed")
|
||||
return
|
||||
}
|
||||
|
||||
@ -46,13 +46,13 @@ func (c *AuthController) Login() {
|
||||
email := c.GetString("email")
|
||||
password := c.GetString("password")
|
||||
|
||||
//TODO: check against main database, get company id and veryfy password
|
||||
companyName := ""
|
||||
companyUserId := 5
|
||||
//TODO: if found query the company database to get roleid, and name
|
||||
//TODO: check against main database, get company id and verify password
|
||||
companyName := "company_1"
|
||||
companyUserID := 5
|
||||
//TODO: if found query the company database to get roleID, and name
|
||||
|
||||
name := "Lukas"
|
||||
roleId := 5
|
||||
roleID := 5
|
||||
|
||||
tokenString := ""
|
||||
if email == "admin@admin.at" && password == "my password" {
|
||||
@ -60,13 +60,13 @@ func (c *AuthController) Login() {
|
||||
tokenString = auth.CreateToken(jwt.MapClaims{
|
||||
"email": email,
|
||||
"companyName": companyName,
|
||||
"companyUserId": companyUserId,
|
||||
"companyUserID": companyUserID,
|
||||
"name": name,
|
||||
"roleId": roleId,
|
||||
"expires": time.Now().Unix() + 3600,
|
||||
"roleID": roleID,
|
||||
"exp": time.Now().Unix() + 3600,
|
||||
})
|
||||
} else {
|
||||
c.ServeJsonError("Invalid user/password")
|
||||
c.ServeJSONError("Invalid user/password")
|
||||
return
|
||||
}
|
||||
|
||||
|
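Review bot: The credential check `if email == "admin@admin.at" && password == "my password"` in Login remains a fixed account compiled into the binary, and every token issued through it carries the constant tenant `companyName := "company_1"` and `roleID := 5`. Because BaseAPIController.Prepare appears to pick the tenant database from the token, this placeholder grants real access to that tenant for anyone who can read the repository. Until the TODO lookup against the main database exists, the branch should be marked and kept out of non-development builds, for example with `// FIXME(security): placeholder credentials, must not be deployed`, and the eventual check should verify a salted password hash instead of comparing plaintext. Login starts and ends outside these hunks, so the response path after the token is created is not visible here.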
@ -4,35 +4,44 @@ import (
|
||||
"github.com/astaxie/beego"
|
||||
)
|
||||
|
||||
type JsonBasicResponse struct {
|
||||
// JSONBasicResponse The minimal JSON response
|
||||
type JSONBasicResponse struct {
|
||||
Status int
|
||||
Message string
|
||||
}
|
||||
|
||||
const JSON_ERROR int = 400
|
||||
const JSON_INT_ERROR int = 500
|
||||
const JSON_SUCCESS int = 200
|
||||
// JSONError code for a input error
|
||||
const JSONError int = 400
|
||||
|
||||
// JSONInternalError code for an internal error
|
||||
const JSONInternalError int = 500
|
||||
|
||||
// JSONSuccess code for a success
|
||||
const JSONSuccess int = 200
|
||||
|
||||
// BaseController operations for BaseController
|
||||
type BaseController struct {
|
||||
beego.Controller
|
||||
}
|
||||
|
||||
func (c *BaseController) ServeJsonError(message string) {
|
||||
json := JsonBasicResponse{JSON_ERROR, message}
|
||||
// ServeJSONError respond with a JSON error
|
||||
func (c *BaseController) ServeJSONError(message string) {
|
||||
json := JSONBasicResponse{JSONError, message}
|
||||
c.Data["json"] = &json
|
||||
///c.Ctx.ResponseWriter.WriteHeader(400)
|
||||
c.ServeJSON()
|
||||
}
|
||||
|
||||
func (c *BaseController) ServeJsonErrorWithCode(errorcode int, message string) {
|
||||
json := JsonBasicResponse{errorcode, message}
|
||||
// ServeJSONErrorWithCode respond with a JSON error and specify code
|
||||
func (c *BaseController) ServeJSONErrorWithCode(errorcode int, message string) {
|
||||
json := JSONBasicResponse{errorcode, message}
|
||||
c.Data["json"] = &json
|
||||
c.ServeJSON()
|
||||
}
|
||||
|
||||
func (c *BaseController) ServeJsonSuccess(message string) {
|
||||
json := JsonBasicResponse{JSON_SUCCESS, message}
|
||||
// ServeJSONSuccess respond with a JSON success message
|
||||
func (c *BaseController) ServeJSONSuccess(message string) {
|
||||
json := JSONBasicResponse{JSONSuccess, message}
|
||||
c.Data["json"] = &json
|
||||
c.ServeJSON()
|
||||
}
|
||||
|
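Review bot: `ServeJSONError` still has `///c.Ctx.ResponseWriter.WriteHeader(400)` commented out, so as far as the visible code shows the error body goes out with the default HTTP 200 status and the 400 lives only in the JSON `Status` field. After this commit the same helper answers the "No Token provided" and "Token invalid" cases in BaseAPIController.Prepare, so authentication failures look like successes to proxies, access logs and alerting that key on the status code. Setting the status before serving, e.g. `c.Ctx.Output.SetStatus(JSONError)` ahead of `c.ServeJSON()`, and likewise `c.Ctx.Output.SetStatus(errorcode)` in `ServeJSONErrorWithCode`, would make those failures observable; token failures would then be better served with code 401.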
@ -1,29 +1,47 @@
|
||||
package controllers
|
||||
|
||||
// BaseController operations for APIs
|
||||
import (
|
||||
"database/sql"
|
||||
"fmt"
|
||||
companydb "multitenantStack/services"
|
||||
|
||||
"github.com/astaxie/beego/orm"
|
||||
jwt "github.com/dgrijalva/jwt-go"
|
||||
)
|
||||
|
||||
// BaseAPIController operations for APIs
|
||||
type BaseAPIController struct {
|
||||
BaseController
|
||||
}
|
||||
|
||||
func (this *BaseAPIController) Prepare() {
|
||||
var jwtSession jwt.MapClaims
|
||||
var companyDB *sql.DB
|
||||
var o orm.Ormer
|
||||
|
||||
/*
|
||||
//Lo que quieras hacer en todos los controladores
|
||||
// O puede ser leído de una cabecera HEADER!!
|
||||
tokenString := this.Ctx.Request.Header.Get("X-JWTtoken")
|
||||
et := jwtbeego.EasyToken{}
|
||||
valid, issuer, _ := et.ValidateToken(tokenString)
|
||||
if !valid {
|
||||
this.Ctx.Output.SetStatus(401)
|
||||
this.ServeJsonError("Invalid Token")
|
||||
}
|
||||
/*
|
||||
userSession := this.GetSession("username")
|
||||
//var database sql.database
|
||||
|
||||
if userSession == nil || userSession != issuer {
|
||||
this.Ctx.Output.SetStatus(401)
|
||||
this.ServeJsonError("Invalid Session")
|
||||
}
|
||||
*/
|
||||
//return
|
||||
// Prepare parse all requests that come after this controller for valid auth
|
||||
func (c *BaseAPIController) Prepare() {
|
||||
|
||||
tokenString := c.Ctx.Request.Header.Get("X-JWTtoken")
|
||||
|
||||
if tokenString == "" {
|
||||
c.ServeJSONError("No Token provided")
|
||||
return
|
||||
}
|
||||
|
||||
token, db, err := companydb.GetDatabase(tokenString)
|
||||
if err != nil {
|
||||
c.ServeJSONError("Token invalid")
|
||||
return
|
||||
}
|
||||
|
||||
jwtSession = token
|
||||
companyDB = db
|
||||
o, err = orm.NewOrmWithDB("postgres", "company", companyDB)
|
||||
if err != nil {
|
||||
fmt.Println(err.Error())
|
||||
c.ServeJSONError("internal")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
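Review bot: `jwtSession`, `companyDB` and `o` look like package-level variables (Prepare assigns them with `=`, and ContactController.GetAll in another file reads `companyDB`), so they are shared by every request the process serves. Two concurrent requests from different tenants race on these assignments, and a handler can end up querying the database that another tenant's token selected, which breaks tenant isolation. Beego creates a controller instance per request, so keeping the three values as fields on BaseAPIController makes them request-scoped; handlers would then read `c.companyDB` instead of the global. Separately, `fmt.Println(err.Error())` bypasses the application logger, so this failure is easy to miss in production logs.
```go
// BaseAPIController operations for APIs
type BaseAPIController struct {
	BaseController
	jwtSession jwt.MapClaims
	companyDB  *sql.DB
	o          orm.Ormer
}

// … unchanged: header read and empty-token check in Prepare …

	token, db, err := companydb.GetDatabase(tokenString)
	// … unchanged: "Token invalid" error return …
	c.jwtSession = token
	c.companyDB = db
	c.o, err = orm.NewOrmWithDB("postgres", "company", c.companyDB)
```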
@ -7,12 +7,12 @@ import (
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
"github.com/astaxie/beego/orm"
|
||||
)
|
||||
|
||||
// ContactController operations for Contact
|
||||
type ContactController struct {
|
||||
beego.Controller
|
||||
BaseAPIController
|
||||
}
|
||||
|
||||
// URLMapping ...
|
||||
@ -56,7 +56,7 @@ func (c *ContactController) Post() {
|
||||
func (c *ContactController) GetOne() {
|
||||
idStr := c.Ctx.Input.Param(":id")
|
||||
id, _ := strconv.Atoi(idStr)
|
||||
v, err := models.GetContactById(id)
|
||||
v, err := models.GetContactById(orm.NewOrm(), id)
|
||||
if err != nil {
|
||||
c.Data["json"] = err.Error()
|
||||
} else {
|
||||
@ -119,12 +119,14 @@ func (c *ContactController) GetAll() {
|
||||
}
|
||||
}
|
||||
|
||||
l, err := models.GetAllContact(query, fields, sortby, order, offset, limit)
|
||||
ob, _ := orm.NewOrmWithDB("postgres", "default", companyDB)
|
||||
l, err := models.GetAllContact(ob, query, fields, sortby, order, offset, limit)
|
||||
if err != nil {
|
||||
c.Data["json"] = err.Error()
|
||||
} else {
|
||||
c.Data["json"] = l
|
||||
}
|
||||
|
||||
c.ServeJSON()
|
||||
}
|
||||
|
||||
|
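Review bot: `GetOne` now calls `models.GetContactById(orm.NewOrm(), id)`, which uses the default ORM connection, not the tenant database resolved from the token in Prepare, so a contact id is looked up outside the caller's tenant scope while `GetAll` uses `companyDB`. Both handlers should take the request's tenant handle from the same place. In `GetAll`, `ob, _ := orm.NewOrmWithDB("postgres", "default", companyDB)` discards the error; prefer `ob, err := orm.NewOrmWithDB("postgres", "default", companyDB)` followed by `if err != nil { c.ServeJSONErrorWithCode(JSONInternalError, "internal"); return }`. Both handlers also put `err.Error()` straight into the response, which can expose database details to clients; log the error server-side and return a generic message. The bodies of `GetOne` and `GetAll` start outside these hunks.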
@ -1,13 +1,16 @@
|
||||
package controllers
|
||||
|
||||
// ErrorController Handle all errors
|
||||
type ErrorController struct {
|
||||
BaseController
|
||||
}
|
||||
|
||||
// Error404 handle a 404
|
||||
func (c *ErrorController) Error404() {
|
||||
c.ServeJsonErrorWithCode(404, "Not Found")
|
||||
c.ServeJSONErrorWithCode(404, "Not Found")
|
||||
}
|
||||
|
||||
// Error500 handle a 500
|
||||
func (c *ErrorController) Error500() {
|
||||
c.ServeJsonErrorWithCode(500, "Internal Server Error")
|
||||
c.ServeJSONErrorWithCode(500, "Internal Server Error")
|
||||
}
|
||||
|
@ -5,10 +5,12 @@ type IndexController struct {
|
||||
BaseController
|
||||
}
|
||||
|
||||
// Get Index response for get
|
||||
func (c *IndexController) Get() {
|
||||
c.ServeJsonSuccess("multitenant API")
|
||||
c.ServeJSONSuccess("multitenant API")
|
||||
}
|
||||
|
||||
// Post Index response for post
|
||||
func (c *IndexController) Post() {
|
||||
c.ServeJsonSuccess("multitenant API")
|
||||
c.ServeJSONSuccess("multitenant API")
|
||||
}
|
||||
|