major code repair from old to new API -- WIP

domain/auth/endpoint.go

@@ -0,0 +1,207 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+package auth
+
+import (
+	"database/sql"
+	"errors"
+	"net/http"
+	"strings"
+
+	"github.com/documize/community/core/response"
+	"github.com/documize/community/core/secrets"
+	"github.com/documize/community/domain"
+	"github.com/documize/community/domain/organization"
+	"github.com/documize/community/domain/section/provider"
+	"github.com/documize/community/domain/user"
+)
+
+// Authenticate user based up HTTP Authorization header.
+// An encrypted authentication token is issued with an expiry date.
+func (h *Handler) Authenticate(w http.ResponseWriter, r *http.Request) {
+	method := "Authenticate"
+
+	s := domain.StoreContext{Runtime: h.Runtime, Context: domain.GetRequestContext(r)}
+
+	// check for http header
+	authHeader := r.Header.Get("Authorization")
+	if len(authHeader) == 0 {
+		response.WriteBadRequestError(w, method, "Missing Authorization header")
+		return
+	}
+
+	// decode what we received
+	data := strings.Replace(authHeader, "Basic ", "", 1)
+
+	decodedBytes, err := secrets.DecodeBase64([]byte(data))
+	if err != nil {
+		response.WriteBadRequestError(w, method, "Unable to decode authentication token")
+		return
+	}
+
+	decoded := string(decodedBytes)
+
+	// check that we have domain:email:password (but allow for : in password field!)
+	credentials := strings.SplitN(decoded, ":", 3)
+
+	if len(credentials) != 3 {
+		response.WriteBadRequestError(w, method, "Bad authentication token, expecting domain:email:password")
+		return
+	}
+
+	dom := strings.TrimSpace(strings.ToLower(credentials[0]))
+	dom = organization.CheckDomain(s, dom) // TODO optimize by removing this once js allows empty domains
+	email := strings.TrimSpace(strings.ToLower(credentials[1]))
+	password := credentials[2]
+	h.Runtime.Log.Info("logon attempt " + email + " @ " + dom)
+
+	u, err := user.GetByDomain(s, dom, email)
+
+	if err == sql.ErrNoRows {
+		response.WriteUnauthorizedError(w)
+		return
+	}
+
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	if len(u.Reset) > 0 || len(u.Password) == 0 {
+		response.WriteUnauthorizedError(w)
+		return
+	}
+
+	// Password correct and active user
+	if email != strings.TrimSpace(strings.ToLower(u.Email)) || !secrets.MatchPassword(u.Password, password, u.Salt) {
+		response.WriteUnauthorizedError(w)
+		return
+	}
+
+	org, err := organization.GetOrganizationByDomain(s, dom)
+	if err != nil {
+		response.WriteUnauthorizedError(w)
+		return
+	}
+
+	// Attach user accounts and work out permissions
+	user.AttachUserAccounts(s, org.RefID, &u)
+
+	// active check
+
+	if len(u.Accounts) == 0 {
+		response.WriteUnauthorizedError(w)
+		return
+	}
+
+	authModel := AuthenticationModel{}
+	authModel.Token = GenerateJWT(h.Runtime, u.RefID, org.RefID, dom)
+	authModel.User = u
+
+	response.WriteJSON(w, authModel)
+}
+
+// ValidateAuthToken finds and validates authentication token.
+func (h *Handler) ValidateAuthToken(w http.ResponseWriter, r *http.Request) {
+	// TODO should this go after token validation?
+	if s := r.URL.Query().Get("section"); s != "" {
+		if err := provider.Callback(s, w, r); err != nil {
+			h.Runtime.Log.Error("section validation failure", err)
+			w.WriteHeader(http.StatusUnauthorized)
+		}
+
+		return
+	}
+
+	s := domain.StoreContext{Runtime: h.Runtime, Context: domain.GetRequestContext(r)}
+
+	token := FindJWT(r)
+	rc, _, tokenErr := DecodeJWT(h.Runtime, token)
+
+	var org = organization.Organization{}
+	var err = errors.New("")
+
+	// We always grab the org record regardless of token status.
+	// Why? If bad token we might be OK to alow anonymous access
+	// depending upon the domain in question.
+	if len(rc.OrgID) == 0 {
+		org, err = organization.GetOrganizationByDomain(s, organization.GetRequestSubdomain(s, r))
+	} else {
+		org, err = organization.GetOrganization(s, rc.OrgID)
+	}
+
+	rc.Subdomain = org.Domain
+
+	// Inability to find org record spells the end of this request.
+	if err != nil {
+		w.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+
+	// If we have bad auth token and the domain does not allow anon access
+	if !org.AllowAnonymousAccess && tokenErr != nil {
+		return
+	}
+
+	dom := organization.GetSubdomainFromHost(s, r)
+	dom2 := organization.GetRequestSubdomain(s, r)
+	if org.Domain != dom && org.Domain != dom2 {
+		w.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+
+	// If we have bad auth token and the domain allows anon access
+	// then we generate guest rc.
+	if org.AllowAnonymousAccess {
+		// So you have a bad token
+		if len(token) > 1 {
+			if tokenErr != nil {
+				w.WriteHeader(http.StatusUnauthorized)
+				return
+			}
+		} else {
+			// Just grant anon user guest access
+			rc.UserID = "0"
+			rc.OrgID = org.RefID
+			rc.Authenticated = false
+			rc.Guest = true
+		}
+	}
+
+	rc.AllowAnonymousAccess = org.AllowAnonymousAccess
+	rc.OrgName = org.Title
+	rc.Administrator = false
+	rc.Editor = false
+	rc.Global = false
+	rc.AppURL = r.Host
+	rc.Subdomain = organization.GetSubdomainFromHost(s, r)
+	rc.SSL = r.TLS != nil
+
+	// Fetch user permissions for this org
+	if !rc.Authenticated {
+		w.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+
+	u, err := user.GetSecuredUser(s, org.RefID, rc.UserID)
+	if err != nil {
+		w.WriteHeader(http.StatusUnauthorized)
+		return
+	}
+
+	rc.Administrator = u.Admin
+	rc.Editor = u.Editor
+	rc.Global = u.Global
+
+	response.WriteJSON(w, u)
+	return
+}