auth
166:c45b946abe78 Browse Files
Implement a GetProfileHandler. Create a Handler that will allow us to return details about a Profile. Right now, you only get a single Profile at a time, which is problematic, because it will lead to N+1 requests. But we have no reason to retrieve anyone _else_'s Profile, so it's not like you need to be fetching any Profile other than your own. Also, this requires a Token issued for the Profile in question, which means you're limited to one Profile per request, anyways. Future avenues for exploration may be an admin Token granting access to many Profiles, the unspecified service flow for accessing the API, or simply accepting that name, join date, last active date, and ID are "public information".
1.1 --- a/profile.go Mon May 11 20:46:23 2015 -0400 1.2 +++ b/profile.go Mon May 11 21:25:18 2015 -0400 1.3 @@ -460,7 +460,7 @@ 1.4 // RegisterProfileHandlers adds handlers to the passed router to handle the profile endpoints, like registration and user retrieval. 1.5 func RegisterProfileHandlers(r *mux.Router, context Context) { 1.6 r.Handle("/profiles", wrap(context, CreateProfileHandler)).Methods("POST", "OPTIONS") 1.7 - // BUG(paddy): We need to implement a handler that will return information about a profile or set of profiles. 1.8 + r.Handle("/profiles/{id}", wrap(context, GetProfileHandler)).Methods("GET", "OPTIONS") 1.9 r.Handle("/profiles/{id}", wrap(context, UpdateProfileHandler)).Methods("PATCH", "OPTIONS") 1.10 r.Handle("/profiles/{id}", wrap(context, DeleteProfileHandler)).Methods("DELETE", "OPTIONS") 1.11 // BUG(paddy): We need to implement a handler that will add a login to a profile. 1.12 @@ -468,6 +468,58 @@ 1.13 // BUG(paddy): We need to implement a handler that will list the logins attached to a profile. 1.14 } 1.15 1.16 +// GetProfileHandler is an HTTP handler for retrieving a profile. 1.17 +func GetProfileHandler(w http.ResponseWriter, r *http.Request, context Context) { 1.18 + errors := []requestError{} 1.19 + authz := r.Header.Get("Authorization") 1.20 + if !strings.HasPrefix(authz, "Bearer ") { 1.21 + errors = append(errors, requestError{Slug: requestErrAccessDenied}) 1.22 + encode(w, r, http.StatusUnauthorized, response{Errors: errors}) 1.23 + return 1.24 + } 1.25 + authz = strings.TrimPrefix(authz, "Bearer ") 1.26 + vars := mux.Vars(r) 1.27 + if vars["id"] == "" { 1.28 + errors = append(errors, requestError{Slug: requestErrMissing, Param: "id"}) 1.29 + encode(w, r, http.StatusBadRequest, response{Errors: errors}) 1.30 + return 1.31 + } 1.32 + id, err := uuid.Parse(vars["id"]) 1.33 + if err != nil { 1.34 + errors = append(errors, requestError{Slug: requestErrInvalidFormat, Param: "id"}) 1.35 + encode(w, r, http.StatusBadRequest, response{Errors: errors}) 1.36 + return 1.37 + } 1.38 + token, err := context.GetToken(authz, false) 1.39 + if err != nil || token.Revoked { 1.40 + if err == ErrTokenNotFound || token.Revoked { 1.41 + errors = append(errors, requestError{Slug: requestErrAccessDenied}) 1.42 + encode(w, r, http.StatusUnauthorized, response{Errors: errors}) 1.43 + return 1.44 + } else { 1.45 + encode(w, r, http.StatusInternalServerError, actOfGodResponse) 1.46 + return 1.47 + } 1.48 + } 1.49 + if !id.Equal(token.ProfileID) { 1.50 + errors = append(errors, requestError{Slug: requestErrAccessDenied}) 1.51 + encode(w, r, http.StatusForbidden, response{Errors: errors}) 1.52 + return 1.53 + } 1.54 + profile, err := context.GetProfileByID(id) 1.55 + if err != nil { 1.56 + if err == ErrProfileNotFound { 1.57 + errors = append(errors, requestError{Slug: requestErrNotFound, Param: "id"}) 1.58 + encode(w, r, http.StatusNotFound, response{Errors: errors}) 1.59 + return 1.60 + } 1.61 + encode(w, r, http.StatusInternalServerError, actOfGodResponse) 1.62 + return 1.63 + } 1.64 + encode(w, r, http.StatusOK, response{Profiles: []Profile{profile}}) 1.65 + return 1.66 +} 1.67 + 1.68 // CreateProfileHandler is an HTTP handler for registering new profiles. 1.69 func CreateProfileHandler(w http.ResponseWriter, r *http.Request, context Context) { 1.70 scheme, ok := passphraseSchemes[CurPassphraseScheme]