Merge branch 'release/0.6.0'

CenterForOpenScience · Apr 5, 2016 · f975f0a · f975f0a
2 parents ae0cd9f + 6c3d867
commit f975f0a
Show file tree

Hide file tree

Showing 5 changed files with 98 additions and 47 deletions.
diff --git a/fakecas.go b/fakecas.go
@@ -4,8 +4,11 @@ import (
 	"flag"
 	"fmt"
 	"github.com/labstack/echo"
+	"github.com/labstack/echo/engine/standard"
 	mw "github.com/labstack/echo/middleware"
+	"github.com/rs/cors"
 	"gopkg.in/mgo.v2"
+	"os"
 )
 
 var (
@@ -19,17 +22,27 @@ var (
 func main() {
 	flag.Parse()
 	e := echo.New()
-	e.Use(mw.Logger())
+	e.Use(mw.LoggerFromConfig(mw.LoggerConfig{
+		Format: "${time_rfc3339} ${method} ${uri} ${status} ${response_time} ${response_size}\n",
+		Output: os.Stdout,
+	}))
 	e.Use(mw.Recover())
-	e.Use(CorsMiddleWare())
 
+	e.Use(standard.WrapMiddleware(cors.New(cors.Options{
+		AllowCredentials: true,
+		AllowedOrigins:   []string{"*"},
+		AllowedMethods:   []string{"GET", "PUT", "POST", "DELETE"},
+		AllowedHeaders:   []string{"Range", "Content-Type", "Authorization", "X-Requested-With"},
+		ExposedHeaders:   []string{"Range", "Content-Type", "Authorization", "X-Requested-With"},
+	}).Handler))
+
+	e.Get("/login", Login)
 	e.Post("/login", Login)
 	e.Get("/logout", Logout)
 	e.Get("/oauth2/profile", OAuth)
 	e.Get("/p3/serviceValidate", ServiceValidate)
 
-	fmt.Println("Expecting database", *DatabaseName, " to be running at", *DatabaseAddress)
-	fmt.Println("Listening on", *Host)
+	fmt.Println("Expecting database", *DatabaseName, "to be running at", *DatabaseAddress)
 
 	DatabaseSession, err := mgo.Dial(*DatabaseAddress)
 	if err != nil {
@@ -39,5 +52,6 @@ func main() {
 
 	UserCollection = DatabaseSession.DB(*DatabaseName).C("user")
 
-	e.Run(*Host)
+	fmt.Println("Listening on", *Host)
+	e.Run(standard.New(*Host))
 }
diff --git a/middleware.go b/middleware.go
diff --git a/static.go b/static.go
@@ -0,0 +1,49 @@
+package main
+
+var UNREGISTERED = `<html lang="en" class=" js no-mobile desktop no-ie chrome chrome49 root-section gradient rgba opacity textshadow multiplebgs boxshadow borderimage borderradius cssreflections csstransforms csstransitions no-touch no-retina fontface domloaded w-2307 gt-240 gt-320 gt-480 gt-640 gt-768 gt-800 gt-1024 gt-1280 gt-1440 gt-1680 gt-1920 no-portrait landscape" id="login-page"><head>
+  <meta charset="UTF-8">
+
+  <title>Open Science Framework | Sign In</title>
+
+	<link rel="stylesheet" href="//staging-accounts.osf.io/css/cas.css">
+  <link rel="icon" href="//staging-accounts.osf.io/favicon.ico" type="image/x-icon">
+
+  <!--[if lt IE 9]>
+    <script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/html5shiv.js" type="text/javascript"></script>
+  <![endif]--><script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
+<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js"></script><script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js"></script><style type="text/css">@media print{.lpiframeoverlay{display:none}}</style></head>
+<body id="cas"><div id="lptopspacer80974089" style="height: 40px;"></div>
+  <div id="container">
+      <header>
+
+        <a id="logo" href="" title="Open Science Framework Sign In">Open Science Framework | Sign In</a>
+
+      </header>
+      <div id="content">
+
+  <div id="msg" class="errors">
+
+    <h2>Account has not been confirmed.</h2>
+    <p>This login email has been registered but not confirmed. Please check your email (and spam folder). <a href="https://staging.osf.io/resend/">Click here</a> to resend your confirmation email.</p>
+  </div>
+
+    <div class="row" style="text-align: center;">
+        <hr>
+        <a href="https://staging.osf.io/">Back to OSF</a>
+    </div>
+</div> <!-- END #content -->
+
+<footer>
+    <div class="copyright">
+        <div class="row">
+            <p>Copyright © 2011-2015 <a href="http://centerforopenscience.org">Center for Open Science</a> |
+                <a href="https://github.com/CenterForOpenScience/centerforopenscience.org/blob/master/TERMS_OF_USE.md">Terms of Use</a> |
+                <a href="https://github.com/CenterForOpenScience/centerforopenscience.org/blob/master/PRIVACY_POLICY.md">Privacy Policy</a>
+            </p>
+        </div>
+    </div>
+</footer>
+
+</div> <!-- END #container -->
+<script src="https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.min.js"></script>
+<script type="text/javascript" src="//staging-accounts.osf.io/js/cas.js"></script>`
diff --git a/types.go b/types.go
@@ -13,12 +13,13 @@ type OAuthResponse struct {
 }
 
 type User struct {
-	Id         string   `bson:"_id"`
-	Username   string   `bson:"username"`
-	Emails     []string `bson:"emails"`
-	Fullname   string   `bson:"fullname"`
-	GivenName  string   `bson:"given_name"`
-	FamilyName string   `bson:"family_name"`
+	Id           string   `bson:"_id"`
+	Username     string   `bson:"username"`
+	Emails       []string `bson:"emails"`
+	Fullname     string   `bson:"fullname"`
+	GivenName    string   `bson:"given_name"`
+	FamilyName   string   `bson:"family_name"`
+	IsRegistered bool     `bson:"is_registered"`
 }
 
 type ServiceResponse struct {

diff --git a/views.go b/views.go
@@ -9,35 +9,43 @@ import (
 	"strings"
 )
 
-func Login(c *echo.Context) error {
-	redir, err := url.Parse(c.Form("service"))
+func Login(c echo.Context) error {
+	redir, err := url.Parse(c.FormValue("service"))
 
 	if err != nil {
 		c.Error(err)
 		return nil
 	}
 
+	result := User{}
+
+	if err = UserCollection.Find(bson.M{"username": c.FormValue("username")}).One(&result); err != nil {
+		fmt.Println("User", c.FormValue("ticket"), "not found.")
+		return c.NoContent(http.StatusNotFound)
+	}
+
+	if !result.IsRegistered {
+		return c.HTML(200, UNREGISTERED)
+	}
+
 	query := redir.Query()
-	query.Set("ticket", c.Form("username"))
+	query.Set("ticket", c.FormValue("username"))
 	redir.RawQuery = query.Encode()
 
 	fmt.Println("Logging in and redirecting to", redir)
-	c.Redirect(http.StatusFound, redir.String())
-	return nil
+	return c.Redirect(http.StatusFound, redir.String())
 }
 
-func Logout(c *echo.Context) error {
-	fmt.Println("Logging out and redirecting to", c.Form("service"))
-	c.Redirect(http.StatusFound, c.Form("service"))
-	return nil
+func Logout(c echo.Context) error {
+	fmt.Println("Logging out and redirecting to", c.FormValue("service"))
+	return c.Redirect(http.StatusFound, c.FormValue("service"))
 }
 
-func ServiceValidate(c *echo.Context) error {
+func ServiceValidate(c echo.Context) error {
 	result := User{}
-	err := UserCollection.Find(bson.M{"emails": c.Form("ticket")}).One(&result)
 
-	if err != nil {
-		fmt.Println("User", c.Form("ticket"), "not found.")
+	if err := UserCollection.Find(bson.M{"emails": c.FormValue("ticket")}).One(&result); err != nil {
+		fmt.Println("User", c.FormValue("ticket"), "not found.")
 		return c.NoContent(http.StatusNotFound)
 	}
 
@@ -55,10 +63,10 @@ func ServiceValidate(c *echo.Context) error {
 	return c.XML(http.StatusOK, response)
 }
 
-func OAuth(c *echo.Context) error {
+func OAuth(c echo.Context) error {
 	result := User{}
 	err := UserCollection.Find(bson.M{
-		"_id": strings.Replace(c.Request().Header.Get("Authorization"), "Bearer ", "", 1),
+		"_id": strings.Replace(c.Request().Header().Get("Authorization"), "Bearer ", "", 1),
 	}).One(&result)
 
 	if err != nil {