From cd3e045f542899dd430c1ca237b1b3d1b669a146 Mon Sep 17 00:00:00 2001
From: Pedro Nasser
Date: Thu, 1 Sep 2016 14:57:50 -0300
Subject: [PATCH] fix auth and post creation
---
 examples/blog/main.go | 30 ++++++++++------
 examples/blog/models/post.go | 1 +
 examples/blog/routes/post_create.go | 2 ++
 examples/blog/routes/server.go | 54 -----------------------------
 4 files changed, 22 insertions(+), 65 deletions(-)
diff --git a/examples/blog/main.go b/examples/blog/main.go
index f7e9da77c..75ca27e67 100644
--- a/examples/blog/main.go
+++ b/examples/blog/main.go
@@ -10,6 +10,8 @@ import (
 "github.com/iron-io/functions/examples/blog/routes"
 )
+var noAuth = map[string]interface{}{}
+
 func main() {
 request := fmt.Sprintf("%s %s", os.Getenv("METHOD"), os.Getenv("ROUTE"))
@@ -23,30 +25,36 @@ func main() {
 return
 }
+ // PUBLIC REQUESTS
+ switch request {
+ case "GET /posts":
+ route.HandlePostList(db, noAuth)
+ return
+ case "GET /posts/:id":
+ route.HandlePostRead(db, noAuth)
+ return
+ }
+
+ // GETTING TOKEN
 if os.Getenv("ROUTE") == "/token" {
 route.HandleToken(db)
 return
 }
+ // AUTHENTICATION
 auth, valid := route.Authentication()
 if !valid {
 route.SendError("Invalid authentication")
 return
 }
- switch request {
- case "GET /posts":
- route.HandlePostList(db, auth)
- break
- case "POST /posts":
+ // AUTHENTICATED ONLY REQUESTS
+ if request == "POST /posts" {
 route.HandlePostCreate(db, auth)
- break
- case "GET /posts/:id":
- route.HandlePostRead(db, auth)
- break
- default:
- route.SendError("Not found")
+ return
 }
+
+ route.SendError("Not found")
 }
 func createUser(db *database.Database) bool {
diff --git a/examples/blog/models/post.go b/examples/blog/models/post.go
index 80e72694b..ef964c458 100644
--- a/examples/blog/models/post.go
+++ b/examples/blog/models/post.go
@@ -6,4 +6,5 @@ type Post struct {
 ID bson.ObjectId `json:"id" bson:"_id,omitempty"`
 Title string `json:"title" bson:"title"`
 Body string `json:"body" bson:"body"`
+ User string `json:"user" bsom:"user"`
 }
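Review bot: In examples/blog/main.go, every case in the new `// PUBLIC REQUESTS` switch returns before `route.Authentication()` runs, and only a banner comment marks that boundary, so a write route added to this switch later would be served without a token. I would state the contract in the comment itself, e.g. `// PUBLIC REQUESTS: cases here return before route.Authentication(); list read-only routes only.` These handlers also receive the shared package-level `noAuth` map, which is empty, so any handler reached this way must not read identity claims from `auth` without checking that the key is present. The body of `main` starts above this hunk, so the earlier setup is not visible here.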
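Review bot: The tag on the new `User` field in examples/blog/models/post.go is spelled `bsom:"user"`, which the BSON encoder will not recognise, so the field is stored under the driver's default naming rather than an explicit key like the other three fields. The tag should read `bson:"user"`. The `Post` struct declaration opens just above the hunk.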
diff --git a/examples/blog/routes/post_create.go b/examples/blog/routes/post_create.go
index 5845713fa..3d72861b8 100644
--- a/examples/blog/routes/post_create.go
+++ b/examples/blog/routes/post_create.go
@@ -24,6 +24,8 @@ func HandlePostCreate(db *database.Database, auth map[string]interface{}) {
 return
 }
+ post.User = auth["user"].(string)
+
 SendResponse(Response{
 "post": post,
 })
diff --git a/examples/blog/routes/server.go b/examples/blog/routes/server.go
index ea9524331..26770ed86 100644
--- a/examples/blog/routes/server.go
+++ b/examples/blog/routes/server.go
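Review bot: The new `post.User = auth["user"].(string)` in HandlePostCreate (examples/blog/routes/post_create.go) is an unchecked type assertion, so a token whose claims lack `user` or carry a non-string value panics the function instead of producing an error response. Use the comma-ok form: `user, ok := auth["user"].(string)`, then `if !ok { SendError("Invalid authentication"); return }`, then `post.User = user`. The assignment also sits after the error `return` and directly before `SendResponse`; if the lines above the hunk are where the post is saved, the author would appear in the response but not in the stored document, so it is worth confirming that the field is set before the save. The start of HandlePostCreate is outside the hunk.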
@@ -89,57 +89,3 @@ func Authentication() (map[string]interface{}, bool) {
 return nil, false
 }
-
-// func New(db *database.Database) *gin.Engine {
-// DB = db
-
-// r := gin.New()
-// r.POST("/auth", func(c *gin.Context) {
-// username := c.PostForm("username")
-// password := c.PostForm("password")
-
-// user, err := db.GetUser(username)
-// if err != nil {
-// c.JSON(500, gin.H{"message": "Could not generate token"})
-// return
-// }
-
-// err = bcrypt.CompareHashAndPassword(user.Password, []byte(password))
-// if err != nil {
-// c.JSON(500, gin.H{"message": "Could not generate token"})
-// return
-// }
-
-// token := jwt_lib.New(jwt_lib.GetSigningMethod("HS256"))
-// claims := token.Claims.(jwt_lib.MapClaims)
-// claims["ID"] = username
-// claims["exp"] = time.Now().Add(time.Hour * 1).Unix()
-
-// tokenString, err := token.SignedString([]byte(jwtSignKey))
-// if err != nil {
-// c.JSON(500, gin.H{"message": "Could not generate token"})
-// return
-// }
-// c.JSON(200, gin.H{"token": tokenString})
-// })
-
-// r.POST("/testuser", func(c *gin.Context) {
-// _, err := db.SaveUser(&models.User{
-// Username: "test",
-// Password: []byte("test"),
-// })
-// if err != nil {
-// c.JSON(500, gin.H{"message": "Could create test user"})
-// return
-// }
-// c.JSON(200, gin.H{"message": "test user created"})
-// })
-
-// blog := r.Group("/blog")
-// blog.Use(jwtAuth(jwtSignKey))
-// blog.GET("/posts", handlePostList)
-// blog.POST("/posts", handlePostCreate)
-// blog.GET("/posts/:id", handlePostRead)
-
-// return r
-// }