Beispiel #1
0
func loginUser(context router.Context, user *users.User) error {
	// Now save the user details in a secure cookie, so that we remember the next request
	session, err := auth.Session(context, context.Request())
	if err != nil {
		return err
	}

	context.Logf("#info Login success for user: %d %s", user.Id, user.Email)
	session.Set(auth.SessionUserKey, fmt.Sprintf("%d", user.Id))
	session.Save(context)
	return nil
}
Beispiel #2
0
// HandleCreate handles the POST of the create form for users
func HandleCreate(context router.Context) error {

	// Authorise
	err := authorise.Resource(context, nil)
	if err != nil {
		return router.NotAuthorizedError(err)
	}

	// Setup context
	params, err := context.Params()
	if err != nil {
		return router.InternalError(err)
	}

	// Default to customer role etc - admins will have to promote afterwards
	params.Set("role", fmt.Sprintf("%d", users.RoleCustomer))
	params.Set("status", fmt.Sprintf("%d", status.Published))

	id, err := users.Create(params.Map())
	if err != nil {
		return err
	}

	// Log creation
	context.Logf("#info Created user id,%d", id)

	// Redirect to the new user
	user, err := users.Find(id)
	if err != nil {
		return router.InternalError(err)
	}

	// Save the details in a secure cookie
	session, err := auth.Session(context, context.Request())
	if err != nil {
		return router.InternalError(err)
	}

	context.Logf("#info CREATE for user: %d", user.Id)
	session.Set(auth.SessionUserKey, fmt.Sprintf("%d", user.Id))
	session.Save(context)

	// Send them to their user profile page
	return router.Redirect(context, user.URLShow())
}
Beispiel #3
0
// HandleLogin handles a post to /users/login
func HandleLogin(context router.Context) error {

	// Check we're not already logged in, if so redirect

	// Get the user details from the database
	params, err := context.Params()
	if err != nil {
		return router.NotFoundError(err)
	}

	// Need something neater than this - how best to do it?
	q := users.Where("email=?", params.Get("email"))
	user, err := users.First(q)
	if err != nil {
		context.Logf("#error Login failed for user no such user : %s %s", params.Get("email"), err)
		return router.Redirect(context, "/users/login?error=failed_email")

	}

	err = auth.CheckPassword(params.Get("password"), user.EncryptedPassword)

	if err != nil {
		context.Logf("#error Login failed for user : %s %s", params.Get("email"), err)
		return router.Redirect(context, "/users/login?error=failed_password")
	}

	// Now save the user details in a secure cookie, so that we remember the next request
	session, err := auth.Session(context, context.Request())
	if err != nil {
		context.Logf("#error problem retrieving session")

	}
	context.Logf("#info Login success for user: %d %s", user.Id, user.Email)
	session.Set(auth.SessionUserKey, fmt.Sprintf("%d", user.Id))
	session.Save(context)

	// Redirect to whatever page the user tried to visit before (if any)
	// For now send them to root
	return router.Redirect(context, "/")

}
Beispiel #4
0
// CurrentUser returns the saved user (or an empty anon user) for the current session cookie
// Strictly speaking this should be authenticate.User
func CurrentUser(context router.Context) *users.User {

	// First check if the user has already been set on context, if so return it
	if context.Get("current_user") != nil {
		return context.Get("current_user").(*users.User)
	}

	// Start with an anon user by default (role 0, id 0)
	user := &users.User{}

	// Build the session from the secure cookie, or create a new one
	session, err := auth.Session(context.Writer(), context.Request())
	if err != nil {
		context.Logf("#error problem retrieving session")
		return user
	}

	// Fetch the current user record if we have one recorded in the session
	var id int64
	ids := session.Get(auth.SessionUserKey)
	if len(ids) > 0 {
		id, err = strconv.ParseInt(ids, 10, 64)
		if err != nil {
			context.Logf("#error Error decoding session user key:%s\n", err)
			return user
		}
	}

	if id != 0 {
		u, err := users.Find(id)
		if err != nil {
			context.Logf("#info User not found from session id:%d\n", id)
			return user
		}
		user = u
	}

	return user
}
Beispiel #5
0
// HandleLogin handles a post to /users/login
func HandleLogin(context router.Context) error {

	params, err := context.Params()
	if err != nil {
		return router.NotFoundError(err)
	}

	// Check users against their username - we could also check against the email later?
	name := params.Get("name")
	q := users.Where("name=?", name)
	user, err := users.FindFirst(q)
	if err != nil {
		context.Logf("#error Login failed for user : %s %s", name, err)
		return router.Redirect(context, "/users/login?error=failed_name")
	}

	err = auth.CheckPassword(params.Get("password"), user.Password)
	if err != nil {
		context.Logf("#error Login failed for user : %s %s", name, err)
		return router.Redirect(context, "/users/login?error=failed_password")
	}

	// Save the details in a secure cookie
	session, err := auth.Session(context, context.Request())
	if err != nil {
		return router.InternalError(err)
	}

	context.Logf("#info LOGIN for user: %d", user.Id)
	session.Set(auth.SessionUserKey, fmt.Sprintf("%d", user.Id))
	session.Save(context)

	// Send them to their user profile page
	return router.Redirect(context, user.URLShow())

}
Beispiel #6
0
// HandleSetup responds to a POST at /fragmenta/setup
// by creating our first user and page
func HandleSetup(context router.Context) error {

	// If we have pages or users already, do not proceed
	if !missingUsersAndPages() {
		return router.NotAuthorizedError(nil)
	}

	// Take the details given and create the first user
	params := map[string]string{
		"email":    context.Param("email"),
		"password": context.Param("password"),
		"name":     nameFromEmail(context.Param("email")),
		"status":   "100",
		"role":     "100",
		"title":    "Administrator",
	}

	uid, err := users.Create(params)
	if err != nil {
		return router.InternalError(err)
	}
	context.Logf("#info Created user #%d", uid)
	user, err := users.Find(uid)
	if err != nil {
		return router.InternalError(err)
	}
	// Login this user automatically - save cookie
	session, err := auth.Session(context, context.Request())
	if err != nil {
		return router.InternalError(err)
	}
	context.Logf("#info Automatic login for first user: %d %s", user.Id, user.Email)
	session.Set(auth.SessionUserKey, fmt.Sprintf("%d", user.Id))
	session.Save(context)

	// Load our welcomepage template html
	// and put it into the text field of a new page with id 1

	welcomeText, err := ioutil.ReadFile("src/pages/views/welcome.html.got")
	if err != nil {
		return router.InternalError(err)
	}

	params = map[string]string{
		"status": "100",
		"name":   "Fragmenta",
		"url":    "/",
		"text":   string(welcomeText),
	}
	_, err = pages.Create(params)
	if err != nil {
		return router.InternalError(err)
	}

	// Create another couple of simple pages as examples (about and privacy)
	params = map[string]string{
		"status": "100",
		"name":   "About Us",
		"url":    "/about",
		"text":   "<section class=\"narrow\"><h1>About us</h1><p>About us</p></section>",
	}
	_, err = pages.Create(params)
	if err != nil {
		return router.InternalError(err)
	}
	params = map[string]string{
		"status": "100",
		"name":   "Privacy Policy",
		"url":    "/privacy",
		"text":   "<section class=\"narrow\"><h1>Privacy Policy</h1><p>We respect your privacy.</p></section>",
	}
	_, err = pages.Create(params)
	if err != nil {
		return router.InternalError(err)
	}

	// Redirect back to the newly populated home page
	return router.Redirect(context, "/")
}