Beispiel #1
// changePass serves the password-change form and processes its submission.
//
// Any method other than POST just renders the form. A POST must carry the
// fields "user", "pass", "newpass" and "confirm". The two new-password fields
// are compared first, then the caller is authenticated with the current
// password, and only then is the new password hashed and stored.
func changePass(w http.ResponseWriter, r *http.Request) {
	page := NewPage()
	page.File = "templates/change.html"

	// reject re-renders the form with msg displayed as an error.
	reject := func(msg string) {
		page.Msg = msg
		page.ShowErr = true
		servePage(page, w, r)
	}

	if r.Method != http.MethodPost {
		servePage(page, w, r)
		return
	}

	var err error
	if err = r.ParseForm(); err != nil {
		serveErr(page, err, w, r)
		return
	}

	form := r.Form
	user, current := form.Get("user"), form.Get("pass")
	wanted, repeated := form.Get("newpass"), form.Get("confirm")

	if wanted != repeated {
		err = fmt.Errorf("New passwords do not match.")
		serveErr(page, err, w, r)
		return
	}

	// Fails closed: with check_auth disabled no password can be changed at
	// all, and with it enabled the current password has to verify.
	if !(check_auth && auth.Authenticate(user, current)) {
		reject("Authentication failed.")
		return
	}

	// An empty salt or hash from auth.HashPass is treated as a rejected
	// password; nothing is written to the database in that case.
	salt, hash := auth.HashPass(wanted)
	if len(salt) == 0 || len(hash) == 0 {
		reject("Invalid password.")
		return
	}

	if err = dbChangePass(user, salt, hash); err != nil {
		serveErr(page, err, w, r)
		return
	}

	page.ShowMsg = true
	page.Msg = "Password changed."
	servePage(page, w, r)
}
Beispiel #2
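// addUser serves the add-user form and processes its submission.
//
// The handler refuses to work when no administrative user is configured.
// Any method other than POST just renders the form. A POST must carry the
// administrator's "user" and "pass" plus the "newuser" and "newpass" of the
// account to create. Only the administrative user, authenticated with a
// valid password, may add accounts.
func addUser(w http.ResponseWriter, r *http.Request) {
	page := NewPage()
	page.File = "templates/add.html"
	if admin_user == "" {
		err := fmt.Errorf("No administrative user specified.")
		serveErr(page, err, w, r)
		return
	}
	if r.Method != http.MethodPost {
		servePage(page, w, r)
		return
	}
	err := r.ParseForm()
	if err != nil {
		serveErr(page, err, w, r)
		return
	}

	user := r.Form.Get("user")
	pass := r.Form.Get("pass")
	// Both conditions must hold: the caller names the administrative user AND
	// the password verifies. Joining the two tests with && would skip the
	// password check for any request that merely submits the administrator's
	// name, and would let every other authenticated account add users.
	// NOTE(review): this assumes admin_user has credentials that
	// auth.Authenticate can verify — confirm before deploying.
	if user != admin_user || !auth.Authenticate(user, pass) {
		err = fmt.Errorf("Authentication failed.")
		serveErr(page, err, w, r)
		return
	}

	new_user := r.Form.Get("newuser")
	new_pass := r.Form.Get("newpass")
	// An empty salt or hash from auth.HashPass is treated as a rejected
	// password; no account is created in that case.
	salt, hash := auth.HashPass(new_pass)
	if len(salt) == 0 || len(hash) == 0 {
		page.Msg = "Invalid password."
		page.ShowErr = true
		servePage(page, w, r)
		return
	}

	err = addUserToDb(new_user, salt, hash)
	if err != nil {
		serveErr(page, err, w, r)
		return
	}
	page.Msg = "User added."
	page.ShowMsg = true
	servePage(page, w, r)
}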
Beispiel #3
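// newShortened creates a short link from the submitted form.
//
// Fields read: "user" and "pass" (checked only when check_auth is set),
// "url" (required) and "sid" (optional caller-chosen short code). When "sid"
// is empty a code is generated with ShortenUrl. On success the page is
// rendered with Posted set and ShortCode holding the code.
//
// A caller-chosen short code is validated against valid_sid before any
// database access, so a malformed code is never looked up or stored.
//
// NOTE(review): the handler does not restrict the request method, and
// r.Form also contains query-string parameters, so a GET can create links
// and carry credentials in the URL — consider requiring POST.
func newShortened(w http.ResponseWriter, r *http.Request) {
	page := NewPage()
	if err := r.ParseForm(); err != nil {
		serveErr(page, err, w, r)
		return
	}

	user := r.Form.Get("user")
	pass := r.Form.Get("pass")
	if check_auth && !auth.Authenticate(user, pass) {
		serveErr(page, fmt.Errorf("Authenticated failed!"), w, r)
		return
	}

	sid := r.Form.Get("sid")
	link := r.Form.Get("url")
	if len(link) == 0 {
		serveErr(page, fmt.Errorf("Invalid URL"), w, r)
		return
	}
	// Presumably valid_link matches URLs that already carry a scheme —
	// confirm. NOTE(review): the prefixed value is stored without being
	// matched again, so any non-empty string is accepted as a target.
	if !valid_link.MatchString(link) {
		link = "http://" + link
	}

	if len(sid) > 0 {
		// Reject a malformed code up front instead of after the insert.
		if !valid_sid.MatchString(sid) {
			serveErr(page, fmt.Errorf("Invalid short code."), w, r)
			return
		}
		surl, err := lookupShortCode(sid)
		if err != nil {
			serveErr(page, err, w, r)
			return
		}
		// The code is already bound to a different target: refuse rather
		// than repoint an existing short link.
		if surl != "" && surl != link {
			err = fmt.Errorf("URL already present.")
			serveErr(page, err, w, r)
			return
		}
		if err = insertShortened(sid, link); err != nil {
			serveErr(page, err, w, r)
			return
		}
		page.ShortCode = sid
		page.Posted = true
	} else {
		code, err := ShortenUrl(ValidateShortenedUrl)
		if err != nil {
			serveErr(page, err, w, r)
			return
		}
		if err = insertShortened(code, link); err != nil {
			serveErr(page, err, w, r)
			return
		}
		page.Posted = true
		page.ShortCode = code
	}
	servePage(page, w, r)
}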