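// Profile shows the logged-in user's profile and, on POST, updates the name,
// email and (when a new one is supplied) the password.
//
// Nothing is written unless the submitted current password matches the stored
// hash. A stored hash that is too short or not valid hex stops the request
// with "Internal error" instead of continuing with a partial hash.
func (this *MainController) Profile() {
	this.activeContent("user/profile")

	//******** This page requires login
	sess := this.GetSession("acme")
	if sess == nil {
		this.Redirect("/user/login/home", 302)
		return
	}
	// Checked assertions: a session value of an unexpected shape sends the
	// visitor back to the login page instead of panicking the handler.
	m, ok := sess.(map[string]interface{})
	if !ok {
		this.Redirect("/user/login/home", 302)
		return
	}
	username, ok := m["username"].(string)
	if !ok || username == "" {
		this.Redirect("/user/login/home", 302)
		return
	}

	flash := beego.NewFlash()
	fail := func(msg string) {
		flash.Error(msg)
		flash.Store(&this.Controller)
	}

	//******** Read user record from database
	o := orm.NewOrm()
	o.Using("default")
	user := models.AuthUser{Email: username}
	if err := o.Read(&user, "Email"); err != nil {
		fail("Internal error")
		return
	}

	if this.Ctx.Input.Method() != "POST" {
		// NOTE(review): the whole record, including user.Password, is handed
		// to the template here; confirm the template never renders that field.
		this.Data["User"] = user
		return
	}

	u := user2{}
	if err := this.ParseForm(&u); err != nil {
		fmt.Println("cannot parse form")
		return
	}
	this.Data["User"] = u

	valid := validation.Validation{}
	b, err := valid.Valid(&u)
	if err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}
	if !b {
		this.Data["Errors"] = valid.ErrorsMap
		return
	}

	password := this.GetString("password")
	password2 := this.GetString("password2")
	if password != "" {
		valid.MinSize(password, 6, "password")
		valid.Required(password2, "password2")
		if valid.HasErrors() {
			errormap := make(map[string]string)
			for _, e := range valid.Errors {
				errormap[e.Key] = e.Message
			}
			this.Data["Errors"] = errormap
			return
		}
		if password != password2 {
			fail("Passwords don't match")
			return
		}
	}

	//******** Decode stored hash: hex(hash) in the first 64 characters, hex(salt) after
	// Slicing [:64] on a shorter string would panic, so check the length first.
	if len(user.Password) < 64 {
		fmt.Println("ERROR: stored password is shorter than 64 hex characters")
		fail("Internal error")
		return
	}
	var x pk.PasswordHash
	if x.Hash, err = hex.DecodeString(user.Password[:64]); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}
	if x.Salt, err = hex.DecodeString(user.Password[64:]); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}

	//******** Compare submitted password with database
	if !pk.MatchPassword(u.Current, &x) {
		fail("Bad current password")
		return
	}

	// Hash the new password only after the current one has been verified.
	if password != "" {
		h := pk.HashPassword(password)
		// Convert password hash to string
		user.Password = hex.EncodeToString(h.Hash) + hex.EncodeToString(h.Salt)
	}

	//******** Save user info to database
	// NOTE(review): the email is changed without checking that the new address
	// is unused or owned by this user; confirm a uniqueness constraint exists.
	user.First = u.First
	user.Last = u.Last
	user.Email = u.Email
	if _, err = o.Update(&user); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}
	flash.Notice("Profile updated")
	flash.Store(&this.Controller)
	// Keep the session's lookup key in step with the stored email.
	m["username"] = u.Email
}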
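// Remove deletes the logged-in user's account on POST, after the submitted
// current password has been checked against the stored hash.
//
// A stored hash that is too short or not valid hex stops the request with
// "Internal error"; the record is never deleted on an unverified password.
func (this *MainController) Remove() {
	this.activeContent("user/remove")

	//******** This page requires login
	sess := this.GetSession("acme")
	if sess == nil {
		this.Redirect("/user/login/home", 302)
		return
	}
	// Checked assertions: a session value of an unexpected shape sends the
	// visitor back to the login page instead of panicking the handler.
	m, ok := sess.(map[string]interface{})
	if !ok {
		this.Redirect("/user/login/home", 302)
		return
	}
	username, ok := m["username"].(string)
	if !ok || username == "" {
		this.Redirect("/user/login/home", 302)
		return
	}

	if this.Ctx.Input.Method() != "POST" {
		return
	}

	current := this.GetString("current")
	valid := validation.Validation{}
	valid.Required(current, "current")
	if valid.HasErrors() {
		errormap := make(map[string]string)
		for _, e := range valid.Errors {
			errormap[e.Key] = e.Message
		}
		this.Data["Errors"] = errormap
		return
	}

	flash := beego.NewFlash()
	fail := func(msg string) {
		flash.Error(msg)
		flash.Store(&this.Controller)
	}

	//******** Read password hash from database
	o := orm.NewOrm()
	o.Using("default")
	user := models.AuthUser{Email: username}
	err := o.Read(&user, "Email")
	if err != nil {
		fail("Internal error")
		return
	}

	// Stored format is hex(hash) in the first 64 characters, hex(salt) after.
	// Slicing [:64] on a shorter string would panic, so check the length first.
	if len(user.Password) < 64 {
		fmt.Println("ERROR: stored password is shorter than 64 hex characters")
		fail("Internal error")
		return
	}
	var x pk.PasswordHash
	if x.Hash, err = hex.DecodeString(user.Password[:64]); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}
	if x.Salt, err = hex.DecodeString(user.Password[64:]); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}

	//******** Compare submitted password with database
	if !pk.MatchPassword(current, &x) {
		fail("Bad current password")
		return
	}

	//******** Delete user record
	if _, err = o.Delete(&user); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}
	flash.Notice("Your account is deleted.")
	flash.Store(&this.Controller)
	this.DelSession("acme")
	this.Redirect("/notice", 302)
}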
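// Login renders the login page and, on POST, authenticates the submitted
// email and password before creating the "acme" session.
//
// The credential check that had been commented out is restored: without it,
// any syntactically valid email with any non-empty password received a
// session. The submitted password is no longer printed to stdout, and the
// ":back" route parameter is restricted to a same-site path before it is
// used as the redirect target.
func (this *MainController) Login() {
	this.activeContent("user/login")

	sess := this.GetSession("acme")
	if sess != nil {
		this.Redirect("/home", 302)
		// Stop here; otherwise a POST from a logged-in visitor would fall
		// through and replace the existing session.
		return
	}

	// allow for deeper URL such as l1/l2/l3 represented by l1>l2>l3
	back := strings.Replace(this.Ctx.Input.Param(":back"), ">", "/", -1)
	// The value comes from the URL. A leading "/" would turn "/"+back into
	// "//host", which browsers treat as another site, so strip leading slashes
	// and accept only plain path characters; anything else falls back to home.
	// NOTE(review): widen the allowed set if legitimate back paths need more.
	back = strings.TrimLeft(back, "/")
	for _, r := range back {
		switch {
		case r >= 'a' && r <= 'z', r >= 'A' && r <= 'Z', r >= '0' && r <= '9':
		case r == '/', r == '-', r == '_', r == '.':
		default:
			back = "home"
		}
		if back == "home" {
			break
		}
	}

	if this.Ctx.Input.Method() != "POST" {
		return
	}

	flash := beego.NewFlash()
	fail := func(msg string) {
		flash.Error(msg)
		flash.Store(&this.Controller)
	}

	email := this.GetString("email")
	password := this.GetString("password")
	valid := validation.Validation{}
	valid.Email(email, "email")
	valid.Required(password, "password")
	if valid.HasErrors() {
		errormap := make(map[string]string)
		for _, e := range valid.Errors {
			errormap[e.Key] = e.Message
		}
		this.Data["Errors"] = errormap
		return
	}

	//******** Read password hash from database
	o := orm.NewOrm()
	o.Using("default")
	user := models.AuthUser{Email: email}
	err := o.Read(&user, "Email")
	if err != nil {
		// Same message as a wrong password, so the response does not reveal
		// which addresses have accounts.
		fail("Bad email or password")
		return
	}

	// Stored format is hex(hash) in the first 64 characters, hex(salt) after.
	// Slicing [:64] on a shorter string would panic, so check the length first.
	if len(user.Password) < 64 {
		fmt.Println("ERROR: stored password is shorter than 64 hex characters")
		fail("Internal error")
		return
	}
	var x pk.PasswordHash
	if x.Hash, err = hex.DecodeString(user.Password[:64]); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}
	if x.Salt, err = hex.DecodeString(user.Password[64:]); err != nil {
		fmt.Println("ERROR:", err)
		fail("Internal error")
		return
	}

	//******** Compare submitted password with database
	if !pk.MatchPassword(password, &x) {
		fail("Bad email or password")
		return
	}

	// Checked only after the password matched, so the verification state is
	// shown to the account owner and not to anyone who knows the address.
	if user.Reg_key != "" {
		fail("Account not verified")
		return
	}

	//******** Create session and go back to previous page
	// NOTE(review): consider regenerating the session ID at this point so an
	// identifier issued before login is not carried into the authenticated
	// session.
	m := make(map[string]interface{})
	m["first"] = user.First
	m["username"] = email
	m["timestamp"] = time.Now()
	this.SetSession("acme", m)
	this.Redirect("/"+back, 302)
}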