2017-10-10 09:09:26 +00:00
|
|
|
package models
|
|
|
|
|
|
|
|
import (
|
2017-12-05 13:46:54 +00:00
|
|
|
"github.com/dgrijalva/jwt-go"
|
|
|
|
"github.com/labstack/echo"
|
2017-11-07 15:35:10 +00:00
|
|
|
"golang.org/x/crypto/bcrypt"
|
2017-10-10 09:09:26 +00:00
|
|
|
)
|
|
|
|
|
2017-11-08 16:12:05 +00:00
|
|
|
// UserLogin Object to recive user credentials in JSON format
|
|
|
|
type UserLogin struct {
|
|
|
|
Username string `json:"username" form:"username"`
|
|
|
|
Password string `json:"password" form:"password"`
|
|
|
|
}
|
|
|
|
|
2017-11-08 09:55:17 +00:00
|
|
|
// User holds information about an user
|
2017-10-10 09:09:26 +00:00
|
|
|
type User struct {
|
2018-01-23 11:37:13 +00:00
|
|
|
ID int64 `xorm:"int(11) autoincr not null unique pk" json:"id"`
|
|
|
|
Name string `xorm:"varchar(250)" json:"name"`
|
|
|
|
Username string `xorm:"varchar(250) not null unique" json:"username"`
|
|
|
|
Password string `xorm:"varchar(250) not null" json:"password"`
|
|
|
|
Email string `xorm:"varchar(250)" json:"email"`
|
|
|
|
IsAdmin bool `xorm:"tinyint(1) not null" json:"isAdmin"`
|
2018-01-23 11:59:48 +00:00
|
|
|
Created int64 `xorm:"created" json:"created"`
|
|
|
|
Updated int64 `xorm:"updated" json:"updated"`
|
2017-10-10 09:09:26 +00:00
|
|
|
}
|
|
|
|
|
2017-12-05 13:46:54 +00:00
|
|
|
// UserLog logs user actions
|
|
|
|
type UserLog struct {
|
2018-03-06 12:43:07 +00:00
|
|
|
ID int64 `xorm:"int(11) autoincr not null unique pk" json:"id"`
|
|
|
|
UserID int64 `xorm:"int(11)" json:"userID"`
|
2018-03-06 11:36:49 +00:00
|
|
|
Log ActionType `xorm:"int(11)" json:"log"`
|
2018-03-06 12:43:07 +00:00
|
|
|
ItemID int64 `xorm:"int(11)" json:"itemID"`
|
|
|
|
Time int64 `xorm:"created" json:"time"`
|
2017-12-05 13:46:54 +00:00
|
|
|
}
|
|
|
|
|
2017-11-08 09:55:17 +00:00
|
|
|
// TableName returns the table name for users
|
2017-10-10 09:09:26 +00:00
|
|
|
func (User) TableName() string {
|
|
|
|
return "users"
|
|
|
|
}
|
|
|
|
|
2017-11-16 11:28:27 +00:00
|
|
|
// GetUserByID gets informations about a user by its ID
|
|
|
|
func GetUserByID(id int64) (user User, exists bool, err error) {
|
2018-01-23 13:31:54 +00:00
|
|
|
// Apparently xorm does otherwise look for all users but return only one, which leads to returing one even if the ID is 0
|
2018-01-23 13:52:03 +00:00
|
|
|
if id == 0 {
|
2018-01-23 13:31:54 +00:00
|
|
|
return User{}, false, nil
|
|
|
|
}
|
|
|
|
|
2017-11-24 13:36:40 +00:00
|
|
|
return GetUser(User{ID: id})
|
2017-11-16 11:28:27 +00:00
|
|
|
}
|
|
|
|
|
2017-11-24 13:36:40 +00:00
|
|
|
// GetUser gets a user object
|
|
|
|
func GetUser(user User) (userOut User, exists bool, err error) {
|
|
|
|
userOut = user
|
|
|
|
exists, err = x.Get(&userOut)
|
2018-01-23 13:31:54 +00:00
|
|
|
//fmt.Println(user, userOut, exists, err)
|
2017-11-24 13:36:40 +00:00
|
|
|
return userOut, exists, err
|
2017-11-16 11:28:27 +00:00
|
|
|
}
|
|
|
|
|
2017-11-08 09:55:17 +00:00
|
|
|
// CheckUserCredentials checks user credentials
|
2017-11-08 16:14:51 +00:00
|
|
|
func CheckUserCredentials(u *UserLogin) (User, error) {
|
2017-10-10 09:09:26 +00:00
|
|
|
|
|
|
|
// Check if the user exists
|
2018-01-26 15:44:58 +00:00
|
|
|
user, exists, err := GetUser(User{Username: u.Username})
|
2017-10-10 09:09:26 +00:00
|
|
|
if err != nil {
|
|
|
|
return User{}, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if !exists {
|
2018-01-23 14:19:39 +00:00
|
|
|
return User{}, ErrUserDoesNotExist{}
|
2017-10-10 09:09:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Check the users password
|
2017-11-08 16:06:06 +00:00
|
|
|
err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(u.Password))
|
2017-10-10 09:09:26 +00:00
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return User{}, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return user, nil
|
2017-11-07 15:35:10 +00:00
|
|
|
}
|
2017-12-05 13:46:54 +00:00
|
|
|
|
|
|
|
// GetCurrentUser returns the current user based on its jwt token
|
|
|
|
func GetCurrentUser(c echo.Context) (user User, err error) {
|
|
|
|
jwtinf := c.Get("user").(*jwt.Token)
|
|
|
|
claims := jwtinf.Claims.(jwt.MapClaims)
|
|
|
|
userID, ok := claims["id"].(float64)
|
|
|
|
if !ok {
|
2018-01-24 12:18:17 +00:00
|
|
|
return user, ErrCouldNotGetUserID{}
|
2017-12-05 13:46:54 +00:00
|
|
|
}
|
|
|
|
user = User{
|
|
|
|
ID: int64(userID),
|
|
|
|
Name: claims["name"].(string),
|
|
|
|
Email: claims["email"].(string),
|
|
|
|
Username: claims["username"].(string),
|
|
|
|
}
|
|
|
|
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// LogAction logs a user action
|
2018-03-06 11:36:49 +00:00
|
|
|
func LogAction(actionType ActionType, itemID int64, c echo.Context) (err error) {
|
2017-12-05 13:46:54 +00:00
|
|
|
// Get the user options
|
|
|
|
user, err := GetCurrentUser(c)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2018-03-06 11:36:49 +00:00
|
|
|
return logAction(actionType, &user, itemID)
|
2017-12-05 13:46:54 +00:00
|
|
|
}
|
2018-01-23 11:37:13 +00:00
|
|
|
|
|
|
|
// IsAdmin checks based on it's JWT token if the user is admin
|
|
|
|
func IsAdmin(c echo.Context) bool {
|
|
|
|
|
|
|
|
// Get the users JWT token
|
|
|
|
jwtinf := c.Get("user").(*jwt.Token)
|
|
|
|
claims := jwtinf.Claims.(jwt.MapClaims)
|
|
|
|
|
|
|
|
// And check if he is admin
|
|
|
|
if claims["admin"].(bool) {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
// Send him to nirvarna if not
|
|
|
|
return false
|
|
|
|
}
|