mirror of
https://github.com/mainflux/mainflux.git
synced 2025-04-27 13:48:49 +08:00
1c298d8f27
* NOISSUE - Add admin method in users service to return users list Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix loggings and metrics Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add email and metadata filters Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add comment Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Retrieve User infos by ID if Admin Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Remove admin checks and fix comments Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix missing query Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Use generic funccs to create email and metadata queries Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add /users/profile endpoint Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Simplify db helpers Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix View, List, Retrieve prefix methods naming Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix tracer endpoints naming Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix comment Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Fix typo Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com> * Add tests and remove TODO comments Signed-off-by: Manuel Imperiale <manuel.imperiale@gmail.com>
145 lines
3.2 KiB
Go
145 lines
3.2 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package users
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"regexp"
|
|
"strings"
|
|
|
|
"golang.org/x/net/idna"
|
|
)
|
|
|
|
const (
|
|
minPassLen = 8
|
|
maxLocalLen = 64
|
|
maxDomainLen = 255
|
|
maxTLDLen = 24 // longest TLD currently in existence
|
|
|
|
atSeparator = "@"
|
|
dotSeparator = "."
|
|
)
|
|
|
|
var (
|
|
userRegexp = regexp.MustCompile("^[a-zA-Z0-9!#$%&'*+/=?^_`{|}~.-]+$")
|
|
hostRegexp = regexp.MustCompile("^[^\\s]+\\.[^\\s]+$")
|
|
userDotRegexp = regexp.MustCompile("(^[.]{1})|([.]{1}$)|([.]{2,})")
|
|
)
|
|
|
|
// Metadata to be used for mainflux thing or channel for customized
|
|
// describing of particular thing or channel.
|
|
type Metadata map[string]interface{}
|
|
|
|
// User represents a Mainflux user account. Each user is identified given its
|
|
// email and password.
|
|
type User struct {
|
|
ID string
|
|
Email string
|
|
Password string
|
|
OwnerID string
|
|
Owner *User
|
|
Groups []Group
|
|
Metadata Metadata
|
|
}
|
|
|
|
// Validate returns an error if user representation is invalid.
|
|
func (u User) Validate() error {
|
|
if !isEmail(u.Email) {
|
|
return ErrMalformedEntity
|
|
}
|
|
|
|
if len(u.Password) < minPassLen {
|
|
return ErrMalformedEntity
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// UserRepository specifies an account persistence API.
|
|
type UserRepository interface {
|
|
// Save persists the user account. A non-nil error is returned to indicate
|
|
// operation failure.
|
|
Save(ctx context.Context, u User) (string, error)
|
|
|
|
// Update updates the user metadata.
|
|
UpdateUser(ctx context.Context, u User) error
|
|
|
|
// RetrieveByEmail retrieves user by its unique identifier (i.e. email).
|
|
RetrieveByEmail(ctx context.Context, email string) (User, error)
|
|
|
|
// RetrieveByID retrieves user by its unique identifier ID.
|
|
RetrieveByID(ctx context.Context, id string) (User, error)
|
|
|
|
// RetrieveAll retrieves all users
|
|
RetrieveAll(ctx context.Context, offset, limit uint64, email string, m Metadata) (UserPage, error)
|
|
|
|
// UpdatePassword updates password for user with given email
|
|
UpdatePassword(ctx context.Context, email, password string) error
|
|
|
|
// RetrieveMembers retrieves all users that belong to a group
|
|
RetrieveMembers(ctx context.Context, groupID string, offset, limit uint64, m Metadata) (UserPage, error)
|
|
}
|
|
|
|
func isEmail(email string) bool {
|
|
if email == "" {
|
|
return false
|
|
}
|
|
|
|
es := strings.Split(email, atSeparator)
|
|
if len(es) != 2 {
|
|
return false
|
|
}
|
|
local, host := es[0], es[1]
|
|
|
|
if local == "" || len(local) > maxLocalLen {
|
|
return false
|
|
}
|
|
|
|
hs := strings.Split(host, dotSeparator)
|
|
if len(hs) < 2 {
|
|
return false
|
|
}
|
|
domain, ext := hs[0], hs[1]
|
|
|
|
// Check subdomain and validate
|
|
if len(hs) > 2 {
|
|
if domain == "" {
|
|
return false
|
|
}
|
|
|
|
for i := 1; i < len(hs)-1; i++ {
|
|
sub := hs[i]
|
|
if sub == "" {
|
|
return false
|
|
}
|
|
domain = fmt.Sprintf("%s.%s", domain, sub)
|
|
}
|
|
|
|
ext = hs[len(hs)-1]
|
|
}
|
|
|
|
if domain == "" || len(domain) > maxDomainLen {
|
|
return false
|
|
}
|
|
if ext == "" || len(ext) > maxTLDLen {
|
|
return false
|
|
}
|
|
|
|
punyLocal, err := idna.ToASCII(local)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
punyHost, err := idna.ToASCII(host)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
if userDotRegexp.MatchString(punyLocal) || !userRegexp.MatchString(punyLocal) || !hostRegexp.MatchString(punyHost) {
|
|
return false
|
|
}
|
|
|
|
return true
|
|
}
|