// PostLogin performs login.
func PostLogin(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
storages := context.Get(r, "storages").(*storage.Storages)
email := r.FormValue("Email")
password := r.FormValue("Password")
user, err := dal.GetUserByEmailAndPassword(storages, email, password)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
session, _ := storages.Cookie.Get(r, "chillax-session")
session.Values["user"] = user
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/", 301)
}
func GetHome(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
storages := context.Get(r, "storages").(*storage.Storages)
session, _ := storages.Cookie.Get(r, "chillax-session")
currentUserInterface := session.Values["user"]
if currentUserInterface == nil {
http.Redirect(w, r, "/login", 301)
return
}
currentUser := currentUserInterface.(*chillax_dal.User)
data := struct {
CurrentUser *chillax_dal.User
}{
currentUser,
}
tmpl, err := template.ParseFiles("templates/dashboard.html.tmpl", "templates/home.html.tmpl")
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
tmpl.Execute(w, data)
}
func GetLoginWithoutSession(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
tmpl, err := template.ParseFiles("templates/users/login-signup-parent.html.tmpl", "templates/users/login.html.tmpl")
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
tmpl.Execute(w, nil)
}
func PutUsersID(w http.ResponseWriter, r *http.Request) {
userId, err := getIdFromPath(w, r)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
storages := context.Get(r, "storages").(*storage.Storages)
session, _ := storages.Cookie.Get(r, "chillax-session")
currentUser := session.Values["user"].(*dal.User)
if currentUser.ID != userId {
err := errors.New("Modifying other user is not allowed.")
libhttp.HandleErrorJson(w, err)
return
}
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
err = currentUser.UpdateCreds(email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Update currentUser stored in session.
session.Values["user"] = currentUser
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/", 301)
}
func PostSignup(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
storages := context.Get(r, "storages").(*storage.Storages)
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
existingUser, err := dal.GetUserByEmailAndPassword(storages, email, password)
if err != nil && err.Error() != "Failed to get user." {
libhttp.HandleErrorJson(w, err)
return
}
if existingUser != nil {
err = errors.New("User already exists.")
libhttp.HandleErrorJson(w, err)
return
}
user, err := dal.NewUser(storages, email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
err = user.Save()
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Perform login
PostLogin(w, r)
}
func DeleteUsersID(w http.ResponseWriter, r *http.Request) {
err := errors.New("DELETE method is not implemented.")
libhttp.HandleErrorJson(w, err)
return
}