diff --git a/authStore.go b/authStore.go
index 0b1fc34..2a972b2 100644
--- a/authStore.go
+++ b/authStore.go
@@ -37,9 +37,9 @@ type AuthStorer interface {
 GetSession(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
 GetBasicAuth(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
 OAuthLogin(w http.ResponseWriter, r *http.Request) (string, error)
- Login(w http.ResponseWriter, r *http.Request) (string, error)
+ Login(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
 Register(w http.ResponseWriter, r *http.Request) error
- CreateProfile(w http.ResponseWriter, r *http.Request) (string, error)
+ CreateProfile(w http.ResponseWriter, r *http.Request) (*LoginSession, error)
 VerifyEmail(w http.ResponseWriter, r *http.Request) (string, string, error)
 CreateSecondaryEmail(w http.ResponseWriter, r *http.Request) error
 SetPrimaryEmail(w http.ResponseWriter, r *http.Request) error
@@ -183,16 +183,16 @@ func (s *authStore) renewSession(w http.ResponseWriter, r *http.Request, session
 }
 /******************************** Login ***********************************************/
-func (s *authStore) Login(w http.ResponseWriter, r *http.Request) (string, error) {
+func (s *authStore) Login(w http.ResponseWriter, r *http.Request) (*LoginSession, error) {
 credentials, err := getCredentials(r)
 if err != nil {
- return "", newAuthError("Unable to get credentials", err)
+ return nil, newAuthError("Unable to get credentials", err)
 }
 session, err := s.login(w, r, credentials.Email, credentials.Password, credentials.RememberMe)
 if err != nil {
- return "", err
+ return nil, err
 }
- return session.CSRFToken, err
+ return session, err
 }
 func (s *authStore) login(w http.ResponseWriter, r *http.Request, email, password string, rememberMe bool) (*LoginSession, error) {
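Review bot: The final `return session, err` in Login returns an err that the preceding `if err != nil` has already proved nil; `return session, nil` says what is meant and stops a reader wondering whether a non-nil err can reach that line. Login is exported through AuthStorer and has no doc comment; suggest `// Login reads the credentials from the request form, logs in through the store and returns the session it created.` Since the whole *LoginSession now crosses the interface instead of just the CSRF token, each caller has to decide deliberately which of its fields reach the client. The login helper whose signature closes the hunk continues outside it.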
@@ -413,59 +413,59 @@ func (s *authStore) addEmailSession(email, destinationURL string) (string, error
 return verifyCode, nil
 }
-func (s *authStore) CreateProfile(w http.ResponseWriter, r *http.Request) (string, error) {
+func (s *authStore) CreateProfile(w http.ResponseWriter, r *http.Request) (*LoginSession, error) {
 profile, err := getProfile(r)
 if err != nil {
- return "", newAuthError("Unable to get profile information from form", err)
+ return nil, newAuthError("Unable to get profile information from form", err)
 }
 csrfToken := r.Header.Get("X-CSRF-Token")
 if csrfToken == "" {
- return "", errMissingCSRF
+ return nil, errMissingCSRF
 }
 return s.createProfile(w, r, csrfToken, profile.FullName, profile.Organization, profile.Password, profile.PicturePath)
 }
-func (s *authStore) createProfile(w http.ResponseWriter, r *http.Request, csrfToken, fullName, organization, password, picturePath string) (string, error) {
+func (s *authStore) createProfile(w http.ResponseWriter, r *http.Request, csrfToken, fullName, organization, password, picturePath string) (*LoginSession, error) {
 emailCookie, err := s.getEmailCookie(w, r)
 if err != nil || emailCookie.EmailVerificationCode == "" {
- return "", newLoggedError("Unable to get email verification cookie", err)
+ return nil, newLoggedError("Unable to get email verification cookie", err)
 }
 emailVerifyHash, err := decodeStringToHash(emailCookie.EmailVerificationCode) // base64 decode and hash
 if err != nil {
- return "", newLoggedError("Invalid email verification cookie", err)
+ return nil, newLoggedError("Invalid email verification cookie", err)
 }
 session, err := s.backend.GetEmailSession(emailVerifyHash)
 if err != nil {
- return "", newLoggedError("Invalid email verification", err)
+ return nil, newLoggedError("Invalid email verification", err)
 }
 if session.CSRFToken != csrfToken {
- return "", errInvalidCSRF
+ return nil, errInvalidCSRF
 }
 err = s.backend.UpdateUser(session.UserID, fullName, organization, picturePath)
 if err != nil {
- return "", newLoggedError("Unable to update user", err)
+ return nil, newLoggedError("Unable to update user", err)
 }
 err = s.backend.DeleteEmailSession(session.EmailVerifyHash)
 if err != nil {
- return "", newLoggedError("Error while creating profile", err)
+ return nil, newLoggedError("Error while creating profile", err)
 }
 _, err = s.backend.CreateLogin(session.UserID, session.Email, password, fullName)
 if err != nil {
- return "", newLoggedError("Unable to create login", err)
+ return nil, newLoggedError("Unable to create login", err)
 }
 ls, err := s.createSession(w, r, session.Email, session.UserID, fullName, false)
 if err != nil {
- return "", err
+ return nil, err
 }
 s.deleteEmailCookie(w)
- return ls.CSRFToken, nil
+ return ls, nil
 }
 // move to sessionStore
diff --git a/authStore_e2e_test.go b/authStore_e2e_test.go
index 185ba85..3ccebd3 100644
--- a/authStore_e2e_test.go
+++ b/authStore_e2e_test.go
@@ -167,7 +167,7 @@ func _createProfile(fullName, password string, emailCookie *emailCookie, b *back
 }
 // create profile
- newToken, err := s.createProfile(nil, r, csrfToken, fullName, "company", password, "picturePath")
+ newSession, err := s.createProfile(nil, r, csrfToken, fullName, "company", password, "picturePath")
 if err != nil {
 return "", nil, err
 }
@@ -198,7 +198,7 @@ func _createProfile(fullName, password string, emailCookie *emailCookie, b *back
 if session == nil || session.SessionHash != sessionHash || session.Email != oldEmailSession.Email || session.UserID != oldEmailSession.UserID || session.FullName != fullName {
 return "", nil, errors.Errorf("expected session to be created, %v", session)
 }
- return newToken, sessionCookie, nil
+ return newSession.CSRFToken, sessionCookie, nil
 }
 func _login(email, password string, remember bool, clientSessionCookie *sessionCookie, rememberCookie *rememberMeCookie, b *backendMemory, m *TextMailer) (string, *sessionCookie, *rememberMeCookie, error) {
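Review bot: CreateProfile and createProfile now hand the whole *LoginSession back to the HTTP layer, yet neither carries a doc comment explaining the contract; suggest on the exported one `// CreateProfile completes registration for the user whose email-verification cookie is on the request: the X-CSRF-Token header must match the email session's CSRFToken, the login is created, and the new LoginSession is returned.` Because the returned struct includes CSRFToken (and presumably the session hash the e2e test compares), whoever serializes it must keep selecting fields rather than encoding the struct wholesale. The ordering in createProfile — email session deleted and login created before createSession can still fail — is inherited by the commit rather than introduced, but is worth a comment now that callers see the session object. The e2e hunk already reads CSRFToken from the returned session, so that test stays aligned.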
diff --git a/backend.go b/backend.go
index 6d04dc0..1f8fa8d 100644
--- a/backend.go
+++ b/backend.go
@@ -97,9 +97,9 @@ type user struct {
 // UserLogin is the struct which holds login information
 type UserLogin struct {
- UserID string
- Email string
- FullName string
+ UserID string `json:"userID"`
+ Email string `json:"email"`
+ FullName string `json:"fullName"`
 }
 // LoginSession is the struct which holds session information
diff --git a/nginx/nginxauth.go b/nginx/nginxauth.go
index 8a0d834..1397781 100644
--- a/nginx/nginxauth.go
+++ b/nginx/nginxauth.go
@@ -236,7 +236,7 @@ func oauthLogin(authStore auth.AuthStorer, w http.ResponseWriter, r *http.Reques
 }
 func login(authStore auth.AuthStorer, w http.ResponseWriter, r *http.Request) {
- runWithCSRF("login", authStore.Login, w, r)
+ runWithProfile(authStore.Login, w, r)
 }
 func register(authStore auth.AuthStorer, w http.ResponseWriter, r *http.Request) {
@@ -244,7 +244,7 @@ func register(authStore auth.AuthStorer, w http.ResponseWriter, r *http.Request)
 }
 func createProfile(authStore auth.AuthStorer, w http.ResponseWriter, r *http.Request) {
- runWithCSRF("createProfile", authStore.CreateProfile, w, r)
+ runWithProfile(authStore.CreateProfile, w, r)
 }
 func createSecondaryEmail(authStore auth.AuthStorer, w http.ResponseWriter, r *http.Request) {
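Review bot: Switching the login handler from runWithCSRF to runWithProfile silently drops the `csrfToken` field from the JSON response, and the createProfile handler in the next hunk does the same; if any client used that value for later requests (OAuthLogin still returns it through runWithCSRF), this is a breaking contract change that the commit message should call out, or runWithProfile should emit the token alongside the user fields. A one-line comment on each handler would make the divergence from the other handlers read as deliberate, e.g. `// login responds with the UserLogin JSON for the new session; the CSRF token is no longer part of this response.` The UserLogin json tags added in backend.go above fix the wire field names, so those names are now part of the public API as well.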
@@ -268,6 +268,22 @@ func run(name string, method func(http.ResponseWriter, *http.Request) error, w h
 writeOutput(w, `{ "result": "Success" }`, method(w, r))
 }
+func runWithProfile(method func(http.ResponseWriter, *http.Request) (*auth.LoginSession, error), w http.ResponseWriter, r *http.Request) {
+ s, err := method(w, r)
+ if err != nil {
+ authErr(w, r, err)
+ return
+ }
+
+ user, err := json.Marshal(&auth.UserLogin{Email: s.Email, UserID: s.UserID, FullName: s.FullName})
+ if err != nil {
+ authErr(w, r, err)
+ return
+ }
+
+ writeOutput(w, string(user), nil)
+}
+
 func runWithCSRF(name string, method func(http.ResponseWriter, *http.Request) (string, error), w http.ResponseWriter, r *http.Request) {
 csrfToken, err := method(w, r)
 writeOutput(w, fmt.Sprintf(`{ "result": "Success", "csrfToken": "%s" }`, csrfToken), err)
diff --git a/nginx/nginxauth_test.go b/nginx/nginxauth_test.go
index 8d65fee..ef54e89 100644
--- a/nginx/nginxauth_test.go
+++ b/nginx/nginxauth_test.go
@@ -184,17 +184,17 @@ func (s *mockAuthStorer) OAuthLogin(w http.ResponseWriter, r *http.Request) (str
 s.LastRun = "OAuthLogin"
 return "csrfToken", s.ErrReturn
 }
-func (s *mockAuthStorer) Login(w http.ResponseWriter, r *http.Request) (string, error) {
+func (s *mockAuthStorer) Login(w http.ResponseWriter, r *http.Request) (*auth.LoginSession, error) {
 s.LastRun = "Login"
- return "csrfToken", s.ErrReturn
+ return s.SessionReturn, s.ErrReturn
 }
 func (s *mockAuthStorer) Register(w http.ResponseWriter, r *http.Request) error {
 s.LastRun = "Register"
 return s.ErrReturn
 }
-func (s *mockAuthStorer) CreateProfile(w http.ResponseWriter, r *http.Request) (string, error) {
+func (s *mockAuthStorer) CreateProfile(w http.ResponseWriter, r *http.Request) (*auth.LoginSession, error) {
 s.LastRun = "CreateProfile"
- return "csrfToken", s.ErrReturn
+ return s.SessionReturn, s.ErrReturn
 }
 func (s *mockAuthStorer) VerifyEmail(w http.ResponseWriter, r *http.Request) (string, string, error) {
 s.LastRun = "VerifyEmail"
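Review bot: runWithProfile dereferences `s` on the json.Marshal line as soon as err is nil, without checking that the method actually returned a session, so a `(nil, nil)` return — which the mockAuthStorer in the test hunk below produces whenever SessionReturn is left unset — panics the handler on `s.Email`. Add a guard before the Marshal such as `if s == nil { authErr(w, r, <the error value this file uses for a missing session>); return }`, and give the function a doc comment, e.g. `// runWithProfile runs an AuthStorer method that yields a session and writes its user fields as UserLogin JSON.` Building the body with json.Marshal instead of the fmt.Sprintf pattern in runWithCSRF is the right direction: user-supplied FullName and Email are escaped by the encoder and cannot break the JSON structure, which the `%s` interpolation in runWithCSRF does not guarantee.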