dataswift
diff --git a/‎hat/app/org/hatdex/hat/api/controllers/Authentication.scala
+145-6 b/‎hat/app/org/hatdex/hat/api/controllers/Authentication.scala
+145-6
diff --git a/‎hat/app/org/hatdex/hat/api/controllers/LogController.scala
+40 b/‎hat/app/org/hatdex/hat/api/controllers/LogController.scala
+40
diff --git a/‎hat/app/org/hatdex/hat/api/service/LogService.scala
+48 b/‎hat/app/org/hatdex/hat/api/service/LogService.scala
+48
diff --git a/‎hat/app/org/hatdex/hat/api/service/MailTokenService.scala
+23-2 b/‎hat/app/org/hatdex/hat/api/service/MailTokenService.scala
+23-2
diff --git a/‎hat/app/org/hatdex/hat/phata/assets/js/main.bundle.js
+1-1 b/‎hat/app/org/hatdex/hat/phata/assets/js/main.bundle.js
+1-1
diff --git a/‎hat/app/org/hatdex/hat/phata/assets/js/main.bundle.js.gz
9.94 KB b/‎hat/app/org/hatdex/hat/phata/assets/js/main.bundle.js.gz
9.94 KB
diff --git a/‎hat/app/org/hatdex/hat/phata/assets/js/polyfills.bundle.js.gz
-21 Bytes b/‎hat/app/org/hatdex/hat/phata/assets/js/polyfills.bundle.js.gz
-21 Bytes
diff --git a/‎hat/app/org/hatdex/hat/phata/assets/js/runtime.bundle.js.gz
0 Bytes b/‎hat/app/org/hatdex/hat/phata/assets/js/runtime.bundle.js.gz
0 Bytes
diff --git a/‎hat/app/org/hatdex/hat/phata/models/HatClaims.scala
+51 b/‎hat/app/org/hatdex/hat/phata/models/HatClaims.scala
+51
@@ -24,32 +24,36 @@
 
 package org.hatdex.hat.api.controllers
 
-import java.net.URLDecoder
-import javax.inject.Inject
+import java.net.{ URLDecoder, URLEncoder }
 
+import akka.Done
+import javax.inject.Inject
 import com.mohiva.play.silhouette.api.repositories.AuthInfoRepository
 import com.mohiva.play.silhouette.api.util.{ Credentials, PasswordHasherRegistry }
 import com.mohiva.play.silhouette.api.{ LoginEvent, Silhouette }
 import com.mohiva.play.silhouette.impl.exceptions.{ IdentityNotFoundException, InvalidPasswordException }
 import com.mohiva.play.silhouette.impl.providers.CredentialsProvider
 import org.hatdex.hat.api.json.HatJsonFormats
 import org.hatdex.hat.api.models._
-import org.hatdex.hat.api.service.{ HatServicesService, MailTokenService, UsersService }
+import org.hatdex.hat.api.service.applications.ApplicationsService
+import org.hatdex.hat.api.service.{ HatServicesService, LogService, MailTokenService, UsersService }
 import org.hatdex.hat.authentication._
-import org.hatdex.hat.phata.models.{ ApiPasswordChange, ApiPasswordResetRequest, MailTokenUser }
+import org.hatdex.hat.phata.models._
 import org.hatdex.hat.resourceManagement.{ HatServerProvider, _ }
 import org.hatdex.hat.utils.{ HatBodyParsers, HatMailer }
-import play.api.Logger
+import play.api.{ Configuration, Logger }
 import play.api.cache.{ Cached, CachedBuilder }
 import play.api.libs.json.Json
-import play.api.mvc._
+import play.api.libs.ws.WSClient
+import play.api.mvc.{ Action, _ }
 
 import scala.concurrent.ExecutionContext.Implicits.global
 import scala.concurrent.Future
 
 class Authentication @Inject() (
     components: ControllerComponents,
     cached: Cached,
+    configuration: Configuration,
     parsers: HatBodyParsers,
     hatServerProvider: HatServerProvider,
     silhouette: Silhouette[HatApiAuthEnvironment],
@@ -58,8 +62,11 @@ class Authentication @Inject() (
     passwordHasherRegistry: PasswordHasherRegistry,
     authInfoRepository: AuthInfoRepository[HatServer],
     usersService: UsersService,
+    applicationsService: ApplicationsService,
+    logService: LogService,
     mailer: HatMailer,
     tokenService: MailTokenService[MailTokenUser],
+    wsClient: WSClient,
     limiter: UserLimiter) extends HatApiController(components, silhouette) with HatJsonFormats {
 
   private val logger = Logger(this.getClass)
@@ -223,4 +230,136 @@ class Authentication @Inject() (
         Future.successful(Unauthorized(Json.toJson(ErrorMessage("Invalid Token", "Token does not exist"))))
     }
   }
+
+  /**
+   * Sends an email to the owner with a link to claim the hat
+   */
+  def handleClaimStart(): Action[ApiClaimHatRequest] = UserAwareAction.async(parsers.json[ApiClaimHatRequest]) { implicit request =>
+
+    val claimHatRequest = request.body
+    val email = request.dynamicEnvironment.ownerEmail
+    val response = Ok(Json.toJson(SuccessResponse("You will shortly receive an email with claim instructions")))
+
+    if (claimHatRequest.email == email) {
+      usersService.listUsers.map(_.find(_.roles.contains(Owner()))).flatMap {
+        case Some(user) =>
+          applicationsService.applicationStatus()(request.dynamicEnvironment, user, request).flatMap { applications =>
+            val maybeApplication = applications.find(_.application.id.equals(claimHatRequest.applicationId))
+            val maybeAppDetails = maybeApplication.map { app =>
+              ((app.application.developer.name, app.application.developer.logo.map(_.normal).getOrElse("#")),
+                (app.application.id, app.application.info.version.toString))
+            }
+
+            val scheme = if (request.secure) {
+              "https://"
+            }
+            else {
+              "http://"
+            }
+
+            tokenService.retrieve(email, isSignup = true).flatMap {
+              case Some(existingTokenUser) if !existingTokenUser.isExpired =>
+                val claimLink = s"$scheme${request.host}/#/hat/claim/${existingTokenUser.id}?email=${URLEncoder.encode(email, "UTF-8")}"
+                mailer.claimHat(email, claimLink, maybeAppDetails.map(_._1))
+
+                Future.successful(response)
+              case Some(_) => Future.successful(Ok(Json.toJson(SuccessResponse("The HAT is already claimed"))))
+
+              case None =>
+                val token = MailClaimTokenUser(email)
+
+                val eventualResult = for {
+                  _ <- tokenService.create(token)
+                  _ <- logService
+                    .logAction(request.dynamicEnvironment.domain, LogRequest("unclaimed", None, None), maybeAppDetails.map(_._2))
+                    .recover {
+                      case e =>
+                        logger.error(s"LogActionError::unclaimed. Reason: ${e.getMessage}")
+                        Done
+                    }
+                } yield {
+
+                  val claimLink = s"$scheme${request.host}/#/hat/claim/${token.id}?email=${URLEncoder.encode(email, "UTF-8")}"
+                  mailer.claimHat(email, claimLink, maybeAppDetails.map(_._1))
+
+                  response
+                }
+
+                eventualResult.recover {
+                  case e =>
+                    logger.error(s"Could not create new HAT claim token. Reason: ${e.getMessage}")
+                    InternalServerError(Json.toJson(ErrorMessage("Internal Server Error", "Failed to initialize HAT claim process")))
+                }
+            }
+          }
+        case None => Future.successful(response)
+      }
+    }
+    else {
+      Future.successful(response)
+    }
+  }
+
+  def handleClaimComplete(claimToken: String): Action[HatClaimCompleteRequest] = UserAwareAction.async(parsers.json[HatClaimCompleteRequest]) { implicit request =>
+    implicit val hatClaimComplete: HatClaimCompleteRequest = request.body
+
+    tokenService.retrieve(claimToken).flatMap {
+      case Some(token) if token.isSignUp && !token.isExpired && token.email == request.dynamicEnvironment.ownerEmail =>
+        usersService.listUsers.map(_.find(_.roles.contains(Owner()))).flatMap {
+          case Some(user) =>
+            val eventualResult = for {
+              _ <- updateHatMembership(hatClaimComplete)
+              _ <- authInfoRepository.update(user.loginInfo, passwordHasherRegistry.current.hash(request.body.password))
+              _ <- tokenService.expire(token.id)
+              authenticator <- env.authenticatorService.create(user.loginInfo)
+              result <- env.authenticatorService.renew(authenticator, Ok(Json.toJson(SuccessResponse("HAT claimed"))))
+              _ <- logService.logAction(request.dynamicEnvironment.domain, LogRequest("claimed", None, None), None).recover {
+                case e =>
+                  logger.error(s"LogActionError::unclaimed. Reason: ${e.getMessage}")
+                  Done
+              }
+            } yield {
+              //env.eventBus.publish(LoginEvent(user, request))
+              //mailer.passwordChanged(token.email, user)
+
+              result
+            }
+
+            eventualResult.recover {
+              case e =>
+                logger.error(s"HAT claim process failed with error ${e.getMessage}")
+                BadRequest(Json.toJson(ErrorMessage("Bad Request", "HAT claim process failed")))
+            }
+
+          case None => Future.successful(Unauthorized(Json.toJson(ErrorMessage("HAT claim unauthorized", "No user matching token"))))
+        }
+
+      case Some(_) =>
+        Future.successful(Unauthorized(Json.toJson(ErrorMessage("Invalid Token", "Token expired or invalid"))))
+
+      case None =>
+        Future.successful(Unauthorized(Json.toJson(ErrorMessage("Invalid Token", "Token does not exist"))))
+    }
+  }
+
+  private def updateHatMembership(claim: HatClaimCompleteRequest): Future[Done] = {
+    val path = "api/products/hat/claim"
+    val hattersUrl = s"${configuration.underlying.getString("hatters.scheme")}${configuration.underlying.getString("hatters.address")}"
+
+    logger.info(s"Proxy POST request to $hattersUrl/$path with parameters: $claim")
+
+    val futureResponse = wsClient.url(s"$hattersUrl/$path")
+      //.withHttpHeaders("x-auth-token" → token.accessToken)
+      .post(Json.toJson(claim.copy(password = "")))
+
+    futureResponse.flatMap { response =>
+      response.status match {
+        case OK =>
+          Future.successful(Done)
+        case _ =>
+          logger.error(s"Failed to claim HAT with Hatters. Claim details:\n$claim\nHatters response: ${response.body}")
+          Future.failed(new UnknownError("HAT claim failed"))
+      }
+    }
+  }
 }
@@ -0,0 +1,40 @@
+package org.hatdex.hat.api.controllers
+
+import com.mohiva.play.silhouette.api.Silhouette
+import javax.inject.Inject
+import org.hatdex.hat.api.json.HatJsonFormats
+import org.hatdex.hat.api.models._
+import org.hatdex.hat.api.service.{ LogService, RemoteExecutionContext }
+import org.hatdex.hat.authentication.{ HatApiAuthEnvironment, HatApiController }
+import org.hatdex.hat.utils.HatBodyParsers
+import play.api.Logger
+import play.api.libs.json.Json
+import play.api.mvc.{ Action, ControllerComponents }
+
+import scala.util.Try
+
+class LogController @Inject() (
+    components: ControllerComponents,
+    parsers: HatBodyParsers,
+    logService: LogService,
+    silhouette: Silhouette[HatApiAuthEnvironment])(implicit val ec: RemoteExecutionContext)
+  extends HatApiController(components, silhouette) with HatJsonFormats {
+
+  private val logger = Logger(this.getClass)
+
+  def logFrontendAction(): Action[LogRequest] = SecuredAction.async(parsers.json[LogRequest]) { request =>
+    val logRequest = request.body
+    val hatAddress = request.dynamicEnvironment.domain
+    val appDetails = request.authenticator.customClaims.flatMap { customClaims =>
+      Try(((customClaims \ "application").as[String], (customClaims \ "applicationVersion").as[String])).toOption
+    }
+
+    logService.logAction(hatAddress, logRequest, appDetails).map { _ =>
+      Ok(Json.toJson(SuccessResponse(s"${logRequest.actionCode} logged")))
+    }.recover {
+      case e =>
+        logger.error(s"Failed to log action ${logRequest.actionCode}. Reason:\n${e.getMessage}")
+        InternalServerError(Json.toJson(ErrorMessage("Internal server error", s"Could not log ${logRequest.actionCode} action")))
+    }
+  }
+}
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2019 HAT Data Exchange Ltd
+ * SPDX-License-Identifier: AGPL-3.0
+ *
+ * This file is part of the Hub of All Things project (HAT).
+ *
+ * HAT is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License
+ * as published by the Free Software Foundation, version 3 of
+ * the License.
+ *
+ * HAT is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
+ * the GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General
+ * Public License along with this program. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * Written by Terry Lee <terry.lee@hatdex.org>
+ * 2 / 2019
+ */
+
+package org.hatdex.hat.api.service
+
+import java.util.UUID
+
+import akka.Done
+import javax.inject.Inject
+import org.hatdex.hat.api.models.LogRequest
+import play.api.Logger
+
+import scala.concurrent.Future
+
+class LogService @Inject() (implicit val ec: DalExecutionContext) {
+  val logger = Logger(this.getClass)
+
+  def logAction(hat: String, logDetails: LogRequest, applicationDetails: Option[(String, String)]): Future[Done] = {
+    Future {
+      val logId = UUID.randomUUID()
+      val applicationVersion = applicationDetails.map(a => s"${a._1}@${a._2}").getOrElse("Unknown")
+      logger.info(s"[${logDetails.logGroup.getOrElse("STATS")}] [$hat] [$logId] [${logDetails.actionCode}] [$applicationVersion] ${logDetails.message.getOrElse("")}")
+
+      Done
+    }
+  }
+}
@@ -25,19 +25,21 @@
 package org.hatdex.hat.api.service
 
 import javax.inject.Inject
-
 import akka.Done
 import org.hatdex.hat.dal.ModelTranslation
 import org.hatdex.hat.dal.Tables._
 import org.hatdex.hat.phata.models.{ MailToken, MailTokenUser }
 import org.hatdex.libs.dal.HATPostgresProfile.api._
+import org.joda.time.LocalDateTime
 
 import scala.concurrent._
 
 trait MailTokenService[T <: MailToken] {
   def create(token: T)(implicit db: Database): Future[Option[T]]
   def retrieve(id: String)(implicit db: Database): Future[Option[T]]
+  def retrieve(email: String, isSignup: Boolean)(implicit db: Database): Future[Option[T]]
   def consume(id: String)(implicit db: Database): Future[Done]
+  def expire(id: String)(implicit db: Database): Future[Done]
 }
 
 class MailTokenUserService @Inject() (implicit val ec: DalExecutionContext) extends MailTokenService[MailTokenUser] {
@@ -50,13 +52,25 @@ class MailTokenUserService @Inject() (implicit val ec: DalExecutionContext) exte
   def consume(id: String)(implicit db: Database): Future[Done] = {
     delete(id)
   }
+  def retrieve(email: String, isSignup: Boolean)(implicit db: Database): Future[Option[MailTokenUser]] = {
+    findByEmailAndIsSignup(email, isSignup)
+  }
+  def expire(id: String)(implicit db: Database): Future[Done] = {
+    expireNow(id)
+  }
 
   private def findById(id: String)(implicit db: Database): Future[Option[MailTokenUser]] = {
     db.run(UserMailTokens.filter(_.id === id).result).map { tokens =>
       tokens.headOption.map(ModelTranslation.fromDbModel)
     }
   }
 
+  private def findByEmailAndIsSignup(email: String, isSignup: Boolean)(implicit db: Database): Future[Option[MailTokenUser]] = {
+    db.run(UserMailTokens.filter(t => t.email === email && t.isSignup === isSignup).result).map { tokens =>
+      tokens.headOption.map(ModelTranslation.fromDbModel)
+    }
+  }
+
   private def save(token: MailTokenUser)(implicit db: Database): Future[MailTokenUser] = {
     val query = (UserMailTokens returning UserMailTokens) += UserMailTokensRow(token.id, token.email, token.expirationTime.toLocalDateTime, token.isSignUp)
     db.run(query)
@@ -66,4 +80,11 @@ class MailTokenUserService @Inject() (implicit val ec: DalExecutionContext) exte
   private def delete(id: String)(implicit db: Database): Future[Done] = {
     db.run(UserMailTokens.filter(_.id === id).delete).map(_ ⇒ Done)
   }
-}
+
+  private def expireNow(id: String)(implicit db: Database): Future[Done] = {
+    db.run(UserMailTokens
+      .filter(_.id === id)
+      .map(_.expirationTime)
+      .update(LocalDateTime.now())).map(_ => Done)
+  }
+}
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2019 HAT Data Exchange Ltd
+ * SPDX-License-Identifier: AGPL-3.0
+ *
+ * This file is part of the Hub of All Things project (HAT).
+ *
+ * HAT is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License
+ * as published by the Free Software Foundation, version 3 of
+ * the License.
+ *
+ * HAT is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
+ * the GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General
+ * Public License along with this program. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * Written by Terry Lee <terry.lee@hatdex.org>
+ * 2 / 2019
+ */
+
+package org.hatdex.hat.phata.models
+
+import play.api.libs.json.{ JsPath, Json, Reads, Writes }
+import play.api.libs.functional.syntax._
+
+case class ApiClaimHatRequest(applicationId: String, email: String)
+
+object ApiClaimHatRequest {
+  implicit val claimHatRequestApiReads: Reads[ApiClaimHatRequest] = (
+    (JsPath \ "applicationId").read[String] and (JsPath \ "email").read[String](Reads.email))(ApiClaimHatRequest.apply _)
+
+  implicit val claimHatRequestApiWrites: Writes[ApiClaimHatRequest] = Json.format[ApiClaimHatRequest]
+
+}
+
+case class HatClaimCompleteRequest(
+    email: String,
+    termsAgreed: Boolean,
+    optins: Array[String],
+    hatName: String,
+    hatCluster: String,
+    password: String)
+
+object HatClaimCompleteRequest {
+  implicit val hatClaimRequestReads: Reads[HatClaimCompleteRequest] = Json.reads[HatClaimCompleteRequest]
+  implicit val HatClaimRequestWrites: Writes[HatClaimCompleteRequest] = Json.format[HatClaimCompleteRequest]
+}