multitenantStack/controllers/auth.go

260 lines
6.2 KiB
Go

package controllers
import (
"fmt"
"multitenantStack/models"
companydb "multitenantStack/services/companydb"
"strings"
constants "multitenantStack/constants"
tokenTools "multitenantStack/services/tokenTools"
"time"
"github.com/astaxie/beego/orm"
jwt "github.com/dgrijalva/jwt-go"
"github.com/kennygrant/sanitize"
)
// AuthController operations for Auth
type AuthController struct {
BaseController
}
// AuthResponse the format for all responses from auth
type AuthResponse struct {
Status int `json:"status"`
Jwt string `json:"jwt"`
User models.CompanyUser `json:"user"`
}
// URLMapping ...
func (c *AuthController) URLMapping() {
// This block is used to drastically speed up the annotation -> lookup process
c.Mapping("Login", c.Login)
c.Mapping("Register", c.Register)
}
// Login Get a JWT token for the user
// @Title Create
// @Description create Auth
// @Param body body models.Auth true "body for Auth content"
// @Success 201 {object} models.Auth
// @Failure 403 body is empty
// @router /login [post]
func (c *AuthController) Login() {
if c.Ctx.Input.Method() != "POST" {
c.ServeJSONError("Method not allowed")
return
}
tokenHeader := c.Ctx.Request.Header.Get("X-JWTtoken")
if tokenHeader != "" {
valid, _ := tokenTools.Validate(tokenHeader)
if valid {
c.ServeJSONError("You are already logged in")
return
}
}
email := c.GetString("email")
password := c.GetString("password")
if email == "" || password == "" {
c.ServeJSONError("Email/Password missing")
return
}
systemdb := companydb.GetSystemDatabase()
if systemdb == nil {
c.ServeJSONError("Error retrieving User")
return
}
o, err := orm.NewOrmWithDB("postgres", "default", systemdb)
if err != nil {
c.ServeJSONError("Error retrieving User")
return
}
userCompanyMapping, err := models.GetUserCompanyMapByEmail(o, email)
if err != nil {
c.ServeJSONError("Error retrieving User")
return
}
if !tokenTools.CheckPasswordHash(password, userCompanyMapping.PasswordHash) {
c.ServeJSONError("Email/Password incorrect")
return
}
companyName := userCompanyMapping.Company
companyUserID := userCompanyMapping.CompanyUserID
db, err := companydb.GetDatabaseWithName(companyName)
if err != nil {
c.ServeJSONError("Error retrieving Company")
return
}
o, err = orm.NewOrmWithDB("postgres", "default", db)
if err != nil {
c.ServeJSONError("Error retrieving CompanyData")
return
}
companyUser, err := models.GetCompanyUserById(o, int(companyUserID))
if err != nil {
c.ServeJSONError("Error retrieving Company User")
return
}
tokenString := ""
// The jwtClaims are our trusted clientside session
tokenString = tokenTools.CreateToken(jwt.MapClaims{
"email": email,
"companyName": companyName,
"companyUserID": companyUserID,
"exp": time.Now().Unix() + 3600,
})
json := AuthResponse{200, tokenString, *companyUser}
c.Data["json"] = &json
c.ServeJSON()
}
// Register Register a new company and user, create DB and so on
// @Title Create
// @Description create Auth
// @Param body body models.Auth true "body for Auth content"
// @Success 201 {object} models.Auth
// @Failure 403 body is empty
// @router /register [post]
func (c *AuthController) Register() {
// can be called without jwt token set
// needed data:
// email
// password
// companyname
// optional: username
// Tasks:
// create database
// create user_company_map entry
// create company user
// return jwt token and user profile
if c.Ctx.Input.Method() != "POST" {
c.ServeJSONError("Method not allowed")
return
}
tokenHeader := c.Ctx.Request.Header.Get("X-JWTtoken")
if tokenHeader != "" {
valid, _ := tokenTools.Validate(tokenHeader)
if valid {
c.ServeJSONError("You are already logged in")
return
}
}
email := c.GetString("email")
password := c.GetString("password")
username := c.GetString("username")
companyname := c.GetString("companyname")
companyname = sanitize.BaseName(companyname)
companyname = strings.ToLower(companyname)
companyname = fmt.Sprintf("company_%s", companyname)
if email == "" || password == "" || companyname == "" || username == "" {
c.ServeJSONError("Email/Password/Companyname missing")
return
}
systemdb := companydb.GetSystemDatabase()
if systemdb == nil {
c.ServeJSONError("Error retrieving data")
return
}
o, err := orm.NewOrmWithDB("postgres", "default", systemdb)
if err != nil {
c.ServeJSONError("Error retrieving data")
return
}
ucmExists, err := models.GetUserCompanyMapByEmail(o, email)
if ucmExists != nil {
fmt.Println(ucmExists)
c.ServeJSONError("Error: Email exists!")
return
}
if companydb.HasDatabase(companyname) {
c.ServeJSONError("Error: Company exists!")
return
}
var userCompanyMapping models.UserCompanyMap
newHash, _ := tokenTools.HashPassword(password)
userCompanyMapping.PasswordHash = newHash
userCompanyMapping.Company = companyname
userCompanyMapping.Email = email
ucmID, err := models.AddUserCompanyMap(o, &userCompanyMapping)
if err != nil {
c.ServeJSONErrorWithError("Error on saving user", err)
return
}
// Create company
newDB, err := companydb.CreateDatabase(companyname)
if err != nil {
c.ServeJSONErrorWithError("Error on creating DB", err)
return
}
newO, err := orm.NewOrmWithDB("postgres", "default", newDB)
if err != nil {
c.ServeJSONErrorWithError("Error retrieving company data", err)
return
}
var companyUser models.CompanyUser
companyUser.Name = username
companyUser.Profile = "{}"
companyUser.Role = constants.RoleOwner
userID, err := models.AddCompanyUser(newO, &companyUser)
if err != nil {
c.ServeJSONError("Error on saving company user")
return
}
// edit usermapping
userCompanyMapping.ID = int(ucmID)
userCompanyMapping.CompanyUserID = int16(userID)
if err := models.UpdateUserCompanyMapById(o, &userCompanyMapping); err != nil {
c.ServeJSONError("Error on saving user")
return
}
tokenString := ""
tokenString = tokenTools.CreateToken(jwt.MapClaims{
"email": email,
"companyName": companyname,
"companyUserID": userCompanyMapping.CompanyUserID,
"exp": time.Now().Unix() + 3600,
})
json := AuthResponse{200, tokenString, companyUser}
c.Data["json"] = &json
c.ServeJSON()
}