auth

Paddy 2015-04-11 Parent:849f3820b164 Child:73e12d5a1124

auth/profile.go

Clean up sessions and tokens after Profile is deleted. Add a terminateSessionsByProfile method to our sessionStore to mark Sessions associated with a Profile as inactive. Implement memstore and postgres implementations of the terminateSessionsByProfile method. Add a TerminateSessionsByProfile wrapper method to Context. Add a revokeTokensByProfileID method to our tokenStore to mark Tokens associated with a Profile as revoked. Implement memstore and postgres implementation of the revokeTokensByProfileID method. Add a RevokeTokensByProfileID wrapper method to Context. Call our RevokeTokensByProfileID and TerminateSessionsByProfile methods after a Profile is deleted, to clean up the Tokens and Sessions associated with it.

Download raw file

View source Diff to previous Annotate

paddy@27	1 package auth
paddy@27	2
paddy@27	3 import (
paddy@99	4 "encoding/json"
paddy@38	5 "errors"
paddy@149	6 "log"
paddy@99	7 "net/http"
paddy@99	8 "regexp"
paddy@99	9 "strings"
paddy@27	10 "time"
paddy@27	11
paddy@107	12 "code.secondbit.org/uuid.hg"
paddy@105	13 "github.com/gorilla/mux"
paddy@27	14 )
paddy@27	15
paddy@48	16 const (
paddy@57	17 // MinPassphraseLength is the minimum length, in bytes, of a passphrase, exclusive.
paddy@48	18 MinPassphraseLength = 6
paddy@57	19 // MaxPassphraseLength is the maximum length, in bytes, of a passphrase, exclusive.
paddy@48	20 MaxPassphraseLength = 64
paddy@69	21 // CurPassphraseScheme is the current passphrase scheme. Incrememnt it when we use a different passphrase scheme
paddy@69	22 CurPassphraseScheme = 1
paddy@99	23 // MaxNameLength is the maximum length, in bytes, of a name, exclusive.
paddy@99	24 MaxNameLength = 64
paddy@99	25 // MaxEmailLength is the maximum length, in bytes, of an email address, exclusive.
paddy@99	26 MaxEmailLength = 64
paddy@48	27 )
paddy@48	28
paddy@38	29 var (
paddy@57	30 // ErrNoProfileStore is returned when a Context tries to act on a profileStore without setting one first.
paddy@57	31 ErrNoProfileStore = errors.New("no profileStore was specified for the Context")
paddy@57	32 // ErrProfileAlreadyExists is returned when a Profile is added to a profileStore, but another Profile with
paddy@57	33 // the same ID already exists in the profileStore.
paddy@57	34 ErrProfileAlreadyExists = errors.New("profile already exists in profileStore")
paddy@57	35 // ErrProfileNotFound is returned when a Profile is requested but not found in the profileStore.
paddy@57	36 ErrProfileNotFound = errors.New("profile not found in profileStore")
paddy@57	37 // ErrLoginAlreadyExists is returned when a Login is added to a profileStore, but another Login with the same
paddy@57	38 // Type and Value already exists in the profileStore.
paddy@57	39 ErrLoginAlreadyExists = errors.New("login already exists in profileStore")
paddy@57	40 // ErrLoginNotFound is returned when a Login is requested but not found in the profileStore.
paddy@57	41 ErrLoginNotFound = errors.New("login not found in profileStore")
paddy@48	42
paddy@57	43 // ErrMissingPassphrase is returned when a ProfileChange is validated but does not contain a
paddy@57	44 // Passphrase, and requires one.
paddy@57	45 ErrMissingPassphrase = errors.New("missing passphrase")
paddy@57	46 // ErrMissingPassphraseReset is returned when a ProfileChange is validated but does not contain
paddy@57	47 // a PassphraseReset, and requires one.
paddy@57	48 ErrMissingPassphraseReset = errors.New("missing passphrase reset")
paddy@57	49 // ErrMissingPassphraseResetCreated is returned when a ProfileChange is validated but does not
paddy@57	50 // contain a PassphraseResetCreated, and requires one.
paddy@48	51 ErrMissingPassphraseResetCreated = errors.New("missing passphrase reset created timestamp")
paddy@57	52 // ErrPassphraseTooShort is returned when a ProfileChange is validated and contains a Passphrase,
paddy@57	53 // but the Passphrase is shorter than MinPassphraseLength.
paddy@57	54 ErrPassphraseTooShort = errors.New("passphrase too short")
paddy@57	55 // ErrPassphraseTooLong is returned when a ProfileChange is validated and contains a Passphrase,
paddy@57	56 // but the Passphrase is longer than MaxPassphraseLength.
paddy@57	57 ErrPassphraseTooLong = errors.New("passphrase too long")
paddy@99	58
paddy@99	59 // ErrProfileCompromised is returned when a user tries to log in with a profile that is suspected
paddy@99	60 // of being compromised.
paddy@99	61 ErrProfileCompromised = errors.New("profile compromised")
paddy@99	62 // ErrProfileLocked is returned when a user tries to log in with a profile that is locked for a certain
paddy@99	63 // duration, to prevent brute force attacks.
paddy@99	64 ErrProfileLocked = errors.New("profile locked")
paddy@38	65 )
paddy@38	66
paddy@57	67 // Profile represents a single user of the service,
paddy@158	68 // including their authentication information.
paddy@27	69 type Profile struct {
paddy@105	70 ID uuid.ID `json:"id,omitempty"`
paddy@105	71 Name string `json:"name,omitempty"`
paddy@105	72 Passphrase string `json:"-"`
paddy@105	73 Iterations int `json:"-"`
paddy@105	74 Salt string `json:"-"`
paddy@105	75 PassphraseScheme int `json:"-"`
paddy@105	76 Compromised bool `json:"-"`
paddy@105	77 LockedUntil time.Time `json:"-"`
paddy@105	78 PassphraseReset string `json:"-"`
paddy@105	79 PassphraseResetCreated time.Time `json:"-"`
paddy@105	80 Created time.Time `json:"created,omitempty"`
paddy@105	81 LastSeen time.Time `json:"last_seen,omitempty"`
paddy@38	82 }
paddy@38	83
paddy@57	84 // ApplyChange applies the properties of the passed ProfileChange
paddy@57	85 // to the Profile it is called on.
paddy@38	86 func (p *Profile) ApplyChange(change ProfileChange) {
paddy@38	87 if change.Name != nil {
paddy@38	88 p.Name = *change.Name
paddy@38	89 }
paddy@38	90 if change.Passphrase != nil {
paddy@38	91 p.Passphrase = *change.Passphrase
paddy@38	92 }
paddy@38	93 if change.Iterations != nil {
paddy@38	94 p.Iterations = *change.Iterations
paddy@38	95 }
paddy@38	96 if change.Salt != nil {
paddy@38	97 p.Salt = *change.Salt
paddy@38	98 }
paddy@38	99 if change.PassphraseScheme != nil {
paddy@38	100 p.PassphraseScheme = *change.PassphraseScheme
paddy@38	101 }
paddy@38	102 if change.Compromised != nil {
paddy@38	103 p.Compromised = *change.Compromised
paddy@38	104 }
paddy@38	105 if change.LockedUntil != nil {
paddy@38	106 p.LockedUntil = *change.LockedUntil
paddy@38	107 }
paddy@38	108 if change.PassphraseReset != nil {
paddy@38	109 p.PassphraseReset = *change.PassphraseReset
paddy@38	110 }
paddy@38	111 if change.PassphraseResetCreated != nil {
paddy@38	112 p.PassphraseResetCreated = *change.PassphraseResetCreated
paddy@38	113 }
paddy@38	114 if change.LastSeen != nil {
paddy@38	115 p.LastSeen = *change.LastSeen
paddy@38	116 }
paddy@38	117 }
paddy@38	118
paddy@57	119 // ApplyBulkChange applies the properties of the passed BulkProfileChange
paddy@57	120 // to the Profile it is called on.
paddy@44	121 func (p *Profile) ApplyBulkChange(change BulkProfileChange) {
paddy@44	122 if change.Compromised != nil {
paddy@44	123 p.Compromised = *change.Compromised
paddy@44	124 }
paddy@44	125 }
paddy@44	126
paddy@57	127 // ProfileChange represents a single atomic change to a Profile's mutable data.
paddy@38	128 type ProfileChange struct {
paddy@38	129 Name *string
paddy@38	130 Passphrase *string
paddy@69	131 Iterations *int
paddy@38	132 Salt *string
paddy@38	133 PassphraseScheme *int
paddy@38	134 Compromised *bool
paddy@38	135 LockedUntil *time.Time
paddy@38	136 PassphraseReset *string
paddy@38	137 PassphraseResetCreated *time.Time
paddy@38	138 LastSeen *time.Time
paddy@38	139 }
paddy@38	140
paddy@149	141 func (c ProfileChange) Empty() bool {
paddy@161	142 return (c.Name == nil && c.Passphrase == nil && c.Iterations == nil && c.Salt == nil && c.PassphraseScheme == nil && c.Compromised == nil && c.LockedUntil == nil && c.PassphraseReset == nil && c.PassphraseResetCreated == nil && c.LastSeen == nil)
paddy@149	143 }
paddy@149	144
paddy@57	145 // Validate checks the ProfileChange it is called on
paddy@57	146 // and asserts its internal validity, or lack thereof.
paddy@57	147 // A descriptive error will be returned in the case of
paddy@57	148 // an invalid change.
paddy@38	149 func (c ProfileChange) Validate() error {
paddy@149	150 if c.Empty() {
paddy@48	151 return ErrEmptyChange
paddy@48	152 }
paddy@48	153 if c.PassphraseScheme != nil && c.Passphrase == nil {
paddy@48	154 return ErrMissingPassphrase
paddy@48	155 }
paddy@48	156 if c.PassphraseReset != nil && c.PassphraseResetCreated == nil {
paddy@48	157 return ErrMissingPassphraseResetCreated
paddy@48	158 }
paddy@48	159 if c.PassphraseReset == nil && c.PassphraseResetCreated != nil {
paddy@48	160 return ErrMissingPassphraseReset
paddy@48	161 }
paddy@48	162 if c.Salt != nil && c.Passphrase == nil {
paddy@48	163 return ErrMissingPassphrase
paddy@48	164 }
paddy@48	165 if c.Iterations != nil && c.Passphrase == nil {
paddy@48	166 return ErrMissingPassphrase
paddy@48	167 }
paddy@38	168 return nil
paddy@27	169 }
paddy@27	170
paddy@57	171 // BulkProfileChange represents a single atomic change to many Profiles' mutable data.
paddy@57	172 // It is a subset of a ProfileChange, as it doesn't make sense to mutate some of the
paddy@57	173 // ProfileChange values across many Profiles all at once.
paddy@44	174 type BulkProfileChange struct {
paddy@44	175 Compromised *bool
paddy@44	176 }
paddy@44	177
paddy@149	178 func (b BulkProfileChange) Empty() bool {
paddy@149	179 return b.Compromised == nil
paddy@149	180 }
paddy@149	181
paddy@57	182 // Validate checks the BulkProfileChange it is called on
paddy@57	183 // and asserts its internal validity, or lack thereof.
paddy@57	184 // A descriptive error will be returned in the case of an
paddy@57	185 // invalid change.
paddy@44	186 func (b BulkProfileChange) Validate() error {
paddy@149	187 if b.Empty() {
paddy@48	188 return ErrEmptyChange
paddy@48	189 }
paddy@44	190 return nil
paddy@44	191 }
paddy@44	192
paddy@57	193 // Login represents a single human-friendly identifier for
paddy@57	194 // a given Profile that can be used to log into that Profile.
paddy@57	195 // Each Profile may only have one Login for each Type.
paddy@27	196 type Login struct {
paddy@105	197 Type string `json:"type,omitempty"`
paddy@105	198 Value string `json:"value,omitempty"`
paddy@105	199 ProfileID uuid.ID `json:"profile_id,omitempty"`
paddy@105	200 Created time.Time `json:"created,omitempty"`
paddy@105	201 LastUsed time.Time `json:"last_used,omitempty"`
paddy@27	202 }
paddy@27	203
paddy@99	204 type newProfileRequest struct {
paddy@99	205 Email string `json:"email"`
paddy@99	206 Passphrase string `json:"passphrase"`
paddy@99	207 Name string `json:"name"`
paddy@99	208 }
paddy@99	209
paddy@99	210 func validateNewProfileRequest(req *newProfileRequest) []requestError {
paddy@99	211 errors := []requestError{}
paddy@99	212 req.Name = strings.TrimSpace(req.Name)
paddy@99	213 req.Email = strings.TrimSpace(req.Email)
paddy@99	214 if len(req.Passphrase) < MinPassphraseLength {
paddy@99	215 errors = append(errors, requestError{
paddy@99	216 Slug: requestErrInsufficient,
paddy@99	217 Field: "/passphrase",
paddy@99	218 })
paddy@99	219 }
paddy@99	220 if len(req.Passphrase) > MaxPassphraseLength {
paddy@99	221 errors = append(errors, requestError{
paddy@99	222 Slug: requestErrOverflow,
paddy@99	223 Field: "/passphrase",
paddy@99	224 })
paddy@99	225 }
paddy@99	226 if len(req.Name) > MaxNameLength {
paddy@99	227 errors = append(errors, requestError{
paddy@99	228 Slug: requestErrOverflow,
paddy@99	229 Field: "/name",
paddy@99	230 })
paddy@99	231 }
paddy@99	232 if req.Email == "" {
paddy@99	233 errors = append(errors, requestError{
paddy@99	234 Slug: requestErrMissing,
paddy@99	235 Field: "/email",
paddy@99	236 })
paddy@99	237 }
paddy@99	238 if len(req.Email) > MaxEmailLength {
paddy@99	239 errors = append(errors, requestError{
paddy@99	240 Slug: requestErrOverflow,
paddy@99	241 Field: "/email",
paddy@99	242 })
paddy@99	243 }
paddy@99	244 re := regexp.MustCompile(".+@.+\\..+")
paddy@99	245 if !re.Match([]byte(req.Email)) {
paddy@99	246 errors = append(errors, requestError{
paddy@105	247 Slug: requestErrInvalidFormat,
paddy@99	248 Field: "/email",
paddy@99	249 })
paddy@99	250 }
paddy@99	251 return errors
paddy@99	252 }
paddy@99	253
paddy@57	254 type profileStore interface {
paddy@57	255 getProfileByID(id uuid.ID) (Profile, error)
paddy@69	256 getProfileByLogin(value string) (Profile, error)
paddy@57	257 saveProfile(profile Profile) error
paddy@57	258 updateProfile(id uuid.ID, change ProfileChange) error
paddy@57	259 updateProfiles(ids []uuid.ID, change BulkProfileChange) error
paddy@161	260 deleteProfile(id uuid.ID) error
paddy@44	261
paddy@57	262 addLogin(login Login) error
paddy@69	263 removeLogin(value string, profile uuid.ID) error
paddy@160	264 removeLoginsByProfile(profile uuid.ID) error
paddy@69	265 recordLoginUse(value string, when time.Time) error
paddy@57	266 listLogins(profile uuid.ID, num, offset int) ([]Login, error)
paddy@38	267 }
paddy@27	268
paddy@57	269 func (m *memstore) getProfileByID(id uuid.ID) (Profile, error) {
paddy@38	270 m.profileLock.RLock()
paddy@38	271 defer m.profileLock.RUnlock()
paddy@38	272 p, ok := m.profiles[id.String()]
paddy@38	273 if !ok {
paddy@38	274 return Profile{}, ErrProfileNotFound
paddy@38	275 }
paddy@38	276 return p, nil
paddy@27	277 }
paddy@38	278
paddy@69	279 func (m *memstore) getProfileByLogin(value string) (Profile, error) {
paddy@44	280 m.loginLock.RLock()
paddy@44	281 defer m.loginLock.RUnlock()
paddy@69	282 login, ok := m.logins[value]
paddy@44	283 if !ok {
paddy@44	284 return Profile{}, ErrLoginNotFound
paddy@44	285 }
paddy@44	286 m.profileLock.RLock()
paddy@44	287 defer m.profileLock.RUnlock()
paddy@44	288 profile, ok := m.profiles[login.ProfileID.String()]
paddy@44	289 if !ok {
paddy@44	290 return Profile{}, ErrProfileNotFound
paddy@44	291 }
paddy@44	292 return profile, nil
paddy@38	293 }
paddy@38	294
paddy@57	295 func (m *memstore) saveProfile(profile Profile) error {
paddy@38	296 m.profileLock.Lock()
paddy@38	297 defer m.profileLock.Unlock()
paddy@38	298 _, ok := m.profiles[profile.ID.String()]
paddy@38	299 if ok {
paddy@38	300 return ErrProfileAlreadyExists
paddy@38	301 }
paddy@38	302 m.profiles[profile.ID.String()] = profile
paddy@38	303 return nil
paddy@38	304 }
paddy@38	305
paddy@57	306 func (m *memstore) updateProfile(id uuid.ID, change ProfileChange) error {
paddy@38	307 m.profileLock.Lock()
paddy@38	308 defer m.profileLock.Unlock()
paddy@38	309 p, ok := m.profiles[id.String()]
paddy@38	310 if !ok {
paddy@38	311 return ErrProfileNotFound
paddy@38	312 }
paddy@38	313 p.ApplyChange(change)
paddy@38	314 m.profiles[id.String()] = p
paddy@38	315 return nil
paddy@38	316 }
paddy@38	317
paddy@57	318 func (m *memstore) updateProfiles(ids []uuid.ID, change BulkProfileChange) error {
paddy@44	319 m.profileLock.Lock()
paddy@44	320 defer m.profileLock.Unlock()
paddy@44	321 for id, profile := range m.profiles {
paddy@44	322 for _, i := range ids {
paddy@44	323 if id == i.String() {
paddy@44	324 profile.ApplyBulkChange(change)
paddy@44	325 m.profiles[id] = profile
paddy@44	326 break
paddy@44	327 }
paddy@44	328 }
paddy@44	329 }
paddy@44	330 return nil
paddy@44	331 }
paddy@44	332
paddy@161	333 func (m *memstore) deleteProfile(id uuid.ID) error {
paddy@161	334 m.profileLock.Lock()
paddy@161	335 defer m.profileLock.Unlock()
paddy@161	336 if _, ok := m.profiles[id.String()]; !ok {
paddy@161	337 return ErrProfileNotFound
paddy@161	338 }
paddy@161	339 delete(m.profiles, id.String())
paddy@161	340 return nil
paddy@161	341 }
paddy@161	342
paddy@57	343 func (m *memstore) addLogin(login Login) error {
paddy@44	344 m.loginLock.Lock()
paddy@44	345 defer m.loginLock.Unlock()
paddy@69	346 _, ok := m.logins[login.Value]
paddy@44	347 if ok {
paddy@44	348 return ErrLoginAlreadyExists
paddy@44	349 }
paddy@69	350 m.logins[login.Value] = login
paddy@69	351 m.profileLoginLookup[login.ProfileID.String()] = append(m.profileLoginLookup[login.ProfileID.String()], login.Value)
paddy@44	352 return nil
paddy@44	353 }
paddy@44	354
paddy@69	355 func (m *memstore) removeLogin(value string, profile uuid.ID) error {
paddy@44	356 m.loginLock.Lock()
paddy@44	357 defer m.loginLock.Unlock()
paddy@69	358 l, ok := m.logins[value]
paddy@44	359 if !ok {
paddy@44	360 return ErrLoginNotFound
paddy@44	361 }
paddy@44	362 if !l.ProfileID.Equal(profile) {
paddy@44	363 return ErrLoginNotFound
paddy@44	364 }
paddy@69	365 delete(m.logins, value)
paddy@44	366 pos := -1
paddy@44	367 for p, id := range m.profileLoginLookup[profile.String()] {
paddy@69	368 if id == value {
paddy@44	369 pos = p
paddy@44	370 break
paddy@44	371 }
paddy@44	372 }
paddy@44	373 if pos >= 0 {
paddy@44	374 m.profileLoginLookup[profile.String()] = append(m.profileLoginLookup[profile.String()][:pos], m.profileLoginLookup[profile.String()][pos+1:]...)
paddy@44	375 }
paddy@44	376 return nil
paddy@44	377 }
paddy@44	378
paddy@160	379 func (m *memstore) removeLoginsByProfile(profile uuid.ID) error {
paddy@160	380 m.loginLock.Lock()
paddy@160	381 defer m.loginLock.Unlock()
paddy@160	382 logins, ok := m.profileLoginLookup[profile.String()]
paddy@160	383 if !ok {
paddy@160	384 return ErrProfileNotFound
paddy@160	385 }
paddy@160	386 delete(m.profileLoginLookup, profile.String())
paddy@160	387 for _, login := range logins {
paddy@160	388 delete(m.logins, login)
paddy@160	389 }
paddy@160	390 return nil
paddy@160	391 }
paddy@160	392
paddy@69	393 func (m *memstore) recordLoginUse(value string, when time.Time) error {
paddy@44	394 m.loginLock.Lock()
paddy@44	395 defer m.loginLock.Unlock()
paddy@69	396 l, ok := m.logins[value]
paddy@44	397 if !ok {
paddy@44	398 return ErrLoginNotFound
paddy@44	399 }
paddy@44	400 l.LastUsed = when
paddy@69	401 m.logins[value] = l
paddy@44	402 return nil
paddy@44	403 }
paddy@44	404
paddy@57	405 func (m *memstore) listLogins(profile uuid.ID, num, offset int) ([]Login, error) {
paddy@44	406 m.loginLock.RLock()
paddy@44	407 defer m.loginLock.RUnlock()
paddy@44	408 ids, ok := m.profileLoginLookup[profile.String()]
paddy@44	409 if !ok {
paddy@44	410 return []Login{}, nil
paddy@44	411 }
paddy@44	412 if len(ids) > num+offset {
paddy@44	413 ids = ids[offset : num+offset]
paddy@44	414 } else if len(ids) > offset {
paddy@44	415 ids = ids[offset:]
paddy@44	416 } else {
paddy@44	417 return []Login{}, nil
paddy@44	418 }
paddy@44	419 logins := []Login{}
paddy@44	420 for _, id := range ids {
paddy@44	421 login, ok := m.logins[id]
paddy@44	422 if !ok {
paddy@44	423 continue
paddy@44	424 }
paddy@44	425 logins = append(logins, login)
paddy@44	426 }
paddy@44	427 return logins, nil
paddy@44	428 }
paddy@99	429
paddy@160	430 func cleanUpAfterProfileDeletion(profile uuid.ID, context Context) {
paddy@160	431 err := context.RemoveLoginsByProfile(profile)
paddy@160	432 if err != nil {
paddy@160	433 log.Printf("Error removing logins from profile %s: %+v\n", profile, err)
paddy@160	434 }
paddy@162	435 err = context.TerminateSessionsByProfile(profile)
paddy@162	436 if err != nil {
paddy@162	437 log.Printf("Error terminating sessions associated with profile %s: %+v\n", profile, err)
paddy@162	438 }
paddy@162	439 err = context.RevokeTokensByProfileID(profile)
paddy@162	440 if err != nil {
paddy@162	441 log.Printf("Error revoking tokens associated with profile %s: %+v\n", profile, err)
paddy@162	442 }
paddy@160	443 // BUG(paddy): need to delete all the grants associated with the Profile
paddy@162	444 // BUG(paddy): need to delete all clients associated with the Profile
paddy@160	445 }
paddy@160	446
paddy@105	447 // RegisterProfileHandlers adds handlers to the passed router to handle the profile endpoints, like registration and user retrieval.
paddy@105	448 func RegisterProfileHandlers(r *mux.Router, context Context) {
paddy@105	449 r.Handle("/profiles", wrap(context, CreateProfileHandler)).Methods("POST")
paddy@128	450 // BUG(paddy): We need to implement a handler that will return information about a profile or set of profiles.
paddy@145	451 r.Handle("/profiles/{id}", wrap(context, UpdateProfileHandler)).Methods("PATCH")
paddy@160	452 r.Handle("/profiles/{id}", wrap(context, DeleteProfileHandler)).Methods("DELETE")
paddy@128	453 // BUG(paddy): We need to implement a handler that will add a login to a profile.
paddy@128	454 // BUG(paddy): We need to implement a handler that will remove a login from a profile. What happens to sessions created with that login?
paddy@128	455 // BUG(paddy): We need to implement a handler that will list the logins attached to a profile.
paddy@105	456 }
paddy@105	457
paddy@99	458 // CreateProfileHandler is an HTTP handler for registering new profiles.
paddy@99	459 func CreateProfileHandler(w http.ResponseWriter, r *http.Request, context Context) {
paddy@99	460 scheme, ok := passphraseSchemes[CurPassphraseScheme]
paddy@99	461 if !ok {
paddy@149	462 log.Printf("Error selecting passphrase scheme #%d\n", CurPassphraseScheme)
paddy@105	463 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@99	464 return
paddy@99	465 }
paddy@99	466 var req newProfileRequest
paddy@99	467 errors := []requestError{}
paddy@99	468 decoder := json.NewDecoder(r.Body)
paddy@99	469 err := decoder.Decode(&req)
paddy@99	470 if err != nil {
paddy@105	471 encode(w, r, http.StatusBadRequest, invalidFormatResponse)
paddy@99	472 return
paddy@99	473 }
paddy@99	474 errors = append(errors, validateNewProfileRequest(&req)...)
paddy@99	475 if len(errors) > 0 {
paddy@105	476 encode(w, r, http.StatusBadRequest, response{Errors: errors})
paddy@99	477 return
paddy@99	478 }
paddy@99	479 passphrase, salt, err := scheme.create(req.Passphrase, context.config.iterations)
paddy@99	480 if err != nil {
paddy@149	481 log.Printf("Error creating encoded passphrase: %#+v\n", err)
paddy@105	482 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@99	483 return
paddy@99	484 }
paddy@99	485 profile := Profile{
paddy@99	486 ID: uuid.NewID(),
paddy@99	487 Name: req.Name,
paddy@99	488 Passphrase: string(passphrase),
paddy@99	489 Iterations: context.config.iterations,
paddy@99	490 Salt: string(salt),
paddy@99	491 PassphraseScheme: CurPassphraseScheme,
paddy@99	492 Created: time.Now(),
paddy@99	493 LastSeen: time.Now(),
paddy@99	494 }
paddy@99	495 err = context.SaveProfile(profile)
paddy@99	496 if err != nil {
paddy@105	497 if err == ErrProfileAlreadyExists {
paddy@105	498 encode(w, r, http.StatusBadRequest, response{Errors: []requestError{{Slug: requestErrConflict, Field: "/id"}}})
paddy@105	499 return
paddy@105	500 }
paddy@149	501 log.Printf("Error saving profile: %#+v\n", err)
paddy@105	502 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@99	503 return
paddy@99	504 }
paddy@99	505 logins := []Login{}
paddy@99	506 login := Login{
paddy@99	507 Type: "email",
paddy@99	508 Value: req.Email,
paddy@99	509 Created: profile.Created,
paddy@99	510 LastUsed: profile.Created,
paddy@99	511 ProfileID: profile.ID,
paddy@99	512 }
paddy@99	513 err = context.AddLogin(login)
paddy@99	514 if err != nil {
paddy@105	515 if err == ErrLoginAlreadyExists {
paddy@105	516 encode(w, r, http.StatusBadRequest, response{Errors: []requestError{{Slug: requestErrConflict, Field: "/email"}}})
paddy@105	517 return
paddy@105	518 }
paddy@149	519 log.Printf("Error adding login: %#+v\n", err)
paddy@105	520 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@99	521 return
paddy@99	522 }
paddy@99	523 logins = append(logins, login)
paddy@105	524 resp := response{
paddy@105	525 Logins: logins,
paddy@105	526 Profiles: []Profile{profile},
paddy@105	527 }
paddy@105	528 encode(w, r, http.StatusCreated, resp)
paddy@99	529 // TODO(paddy): should we kick off the email validation flow?
paddy@99	530 }
paddy@145	531
paddy@145	532 func UpdateProfileHandler(w http.ResponseWriter, r *http.Request, context Context) {
paddy@145	533 errors := []requestError{}
paddy@145	534 vars := mux.Vars(r)
paddy@145	535 if vars["id"] == "" {
paddy@145	536 errors = append(errors, requestError{Slug: requestErrMissing, Param: "id"})
paddy@145	537 encode(w, r, http.StatusBadRequest, response{Errors: errors})
paddy@145	538 return
paddy@145	539 }
paddy@145	540 id, err := uuid.Parse(vars["id"])
paddy@145	541 if err != nil {
paddy@145	542 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@145	543 encode(w, r, http.StatusBadRequest, response{Errors: errors})
paddy@145	544 return
paddy@145	545 }
paddy@145	546 username, password, ok := r.BasicAuth()
paddy@145	547 if !ok {
paddy@145	548 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@145	549 encode(w, r, http.StatusUnauthorized, response{Errors: errors})
paddy@145	550 return
paddy@145	551 }
paddy@145	552 profile, err := authenticate(username, password, context)
paddy@145	553 if err != nil {
paddy@145	554 if isAuthError(err) {
paddy@145	555 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@145	556 encode(w, r, http.StatusUnauthorized, response{Errors: errors})
paddy@145	557 } else {
paddy@145	558 errors = append(errors, requestError{Slug: requestErrActOfGod})
paddy@145	559 encode(w, r, http.StatusInternalServerError, response{Errors: errors})
paddy@145	560 }
paddy@145	561 return
paddy@145	562 }
paddy@145	563 if !profile.ID.Equal(id) {
paddy@145	564 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@145	565 encode(w, r, http.StatusForbidden, response{Errors: errors})
paddy@145	566 return
paddy@145	567 }
paddy@145	568 var req ProfileChange
paddy@145	569 decoder := json.NewDecoder(r.Body)
paddy@145	570 err = decoder.Decode(&req)
paddy@145	571 if err != nil {
paddy@149	572 log.Printf("Error decoding request: %#+v\n", err)
paddy@145	573 encode(w, r, http.StatusBadRequest, invalidFormatResponse)
paddy@145	574 return
paddy@145	575 }
paddy@145	576 req.Iterations = nil
paddy@145	577 req.Salt = nil
paddy@145	578 req.PassphraseScheme = nil
paddy@145	579 req.Compromised = nil // BUG(paddy): Need a way for admins to mark accounts as compromised
paddy@145	580 req.LockedUntil = nil
paddy@145	581 req.LastSeen = nil
paddy@145	582 if req.Passphrase != nil {
paddy@145	583 if len(*req.Passphrase) < MinPassphraseLength {
paddy@145	584 errors = append(errors, requestError{Slug: requestErrInsufficient, Field: "/passphrase"})
paddy@145	585 encode(w, r, http.StatusBadRequest, response{Errors: errors})
paddy@145	586 return
paddy@145	587 }
paddy@145	588 if len(*req.Passphrase) > MaxPassphraseLength {
paddy@145	589 errors = append(errors, requestError{Slug: requestErrOverflow, Field: "/passphrase"})
paddy@145	590 encode(w, r, http.StatusBadRequest, response{Errors: errors})
paddy@145	591 return
paddy@145	592 }
paddy@145	593 iterations := context.config.iterations
paddy@145	594 scheme, ok := passphraseSchemes[CurPassphraseScheme]
paddy@145	595 if !ok {
paddy@145	596 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@145	597 return
paddy@145	598 }
paddy@145	599 curScheme := CurPassphraseScheme
paddy@145	600 req.PassphraseScheme = &curScheme
paddy@145	601 passphrase, salt, err := scheme.create(*req.Passphrase, iterations)
paddy@145	602 if err != nil {
paddy@145	603 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@145	604 return
paddy@145	605 }
paddy@145	606 req.Passphrase = &passphrase
paddy@145	607 req.Salt = &salt
paddy@145	608 req.Iterations = &iterations
paddy@145	609 }
paddy@145	610 if req.PassphraseReset != nil {
paddy@145	611 now := time.Now()
paddy@145	612 req.PassphraseResetCreated = &now
paddy@145	613 }
paddy@145	614 err = req.Validate()
paddy@145	615 if err != nil {
paddy@145	616 var status int
paddy@145	617 var resp response
paddy@145	618 switch err {
paddy@145	619 case ErrEmptyChange:
paddy@145	620 resp.Profiles = []Profile{profile}
paddy@145	621 status = http.StatusOK
paddy@145	622 default:
paddy@145	623 errors = append(errors, requestError{Slug: requestErrActOfGod})
paddy@145	624 resp.Errors = errors
paddy@145	625 status = http.StatusInternalServerError
paddy@145	626 }
paddy@145	627 encode(w, r, status, resp)
paddy@145	628 return
paddy@145	629 }
paddy@145	630 err = context.UpdateProfile(id, req)
paddy@145	631 if err != nil {
paddy@145	632 if err == ErrProfileNotFound {
paddy@145	633 errors = append(errors, requestError{Slug: requestErrNotFound})
paddy@145	634 encode(w, r, http.StatusNotFound, response{Errors: errors})
paddy@145	635 return
paddy@145	636 }
paddy@145	637 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@145	638 return
paddy@145	639 }
paddy@145	640 profile.ApplyChange(req)
paddy@145	641 encode(w, r, http.StatusOK, response{Profiles: []Profile{profile}})
paddy@145	642 return
paddy@145	643 }
paddy@160	644
paddy@160	645 func DeleteProfileHandler(w http.ResponseWriter, r *http.Request, context Context) {
paddy@160	646 errors := []requestError{}
paddy@160	647 vars := mux.Vars(r)
paddy@160	648 if vars["id"] == "" {
paddy@160	649 errors = append(errors, requestError{Slug: requestErrMissing, Param: "id"})
paddy@160	650 encode(w, r, http.StatusBadRequest, response{Errors: errors})
paddy@160	651 return
paddy@160	652 }
paddy@160	653 id, err := uuid.Parse(vars["id"])
paddy@160	654 if err != nil {
paddy@160	655 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@160	656 encode(w, r, http.StatusBadRequest, response{Errors: errors})
paddy@160	657 return
paddy@160	658 }
paddy@160	659 username, password, ok := r.BasicAuth()
paddy@160	660 if !ok {
paddy@160	661 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@160	662 encode(w, r, http.StatusUnauthorized, response{Errors: errors})
paddy@160	663 return
paddy@160	664 }
paddy@160	665 profile, err := authenticate(username, password, context)
paddy@160	666 if err != nil {
paddy@160	667 if isAuthError(err) {
paddy@160	668 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@160	669 encode(w, r, http.StatusUnauthorized, response{Errors: errors})
paddy@160	670 } else {
paddy@160	671 errors = append(errors, requestError{Slug: requestErrActOfGod})
paddy@160	672 encode(w, r, http.StatusInternalServerError, response{Errors: errors})
paddy@160	673 }
paddy@160	674 return
paddy@160	675 }
paddy@160	676 if !profile.ID.Equal(id) {
paddy@160	677 errors = append(errors, requestError{Slug: requestErrAccessDenied})
paddy@160	678 encode(w, r, http.StatusForbidden, response{Errors: errors})
paddy@160	679 return
paddy@160	680 }
paddy@161	681 err = context.DeleteProfile(id)
paddy@160	682 if err != nil {
paddy@160	683 if err == ErrProfileNotFound {
paddy@160	684 errors = append(errors, requestError{Slug: requestErrNotFound})
paddy@160	685 encode(w, r, http.StatusNotFound, response{Errors: errors})
paddy@160	686 return
paddy@160	687 }
paddy@160	688 encode(w, r, http.StatusInternalServerError, actOfGodResponse)
paddy@160	689 return
paddy@160	690 }
paddy@160	691 encode(w, r, http.StatusOK, response{Profiles: []Profile{profile}})
paddy@160	692 go cleanUpAfterProfileDeletion(profile.ID, context)
paddy@160	693 }