Beispiel #1
0
func SettingsPost(w http.ResponseWriter, r *http.Request) {
	// /settings POST method handler.
	// Validates the form,

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)

	if username != "" {
		pass, _ := database.GetPassword(db, username)

		newPassword := r.FormValue("new")
		repeat := r.FormValue("repeat")
		oldPassword := r.FormValue("old")

		if password.Authenticate(oldPassword, pass) && len(newPassword) > 5 && newPassword == repeat {
			hashed := password.NewPassword(newPassword)
			database.ChangePassword(db, username, hashed)
			log.Printf("USER (%s) CHANGED PASSWORD\n", username)
		}
	}

	http.Redirect(w, r, "/login", http.StatusFound)
}
Beispiel #2
0
func HomeGet(w http.ResponseWriter, r *http.Request) {
	// / handler for GET method request.
	// Renders a page only for users with valid sessionid cookie.
	// All the rest are redirected to /login .

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)
	tablesize := cookies.GetCookieVal(r, "tablesize")
	pk, is_admin := database.GetPkAdmin(db, username)

	if username == "" || pk == -1 {
		// Gorilla failed to decode it.
		// Or user is not in the db.
		http.Redirect(w, r, "/login/", http.StatusFound)
	} else if is_admin {
		// Admin needs to be redirected to
		// administration site.
		http.Redirect(w, r, "/admin/", http.StatusFound)
	} else {
		// Render home.
		if tablesize == "small" {
			drawSmall(w, db, pk)
		} else {
			drawFull(w, db, pk)
		}

	}
}
Beispiel #3
0
func GuessesGet(w http.ResponseWriter, r *http.Request) {
	// /guesses handler for GET method request.
	// Renders a page only for users with valid sessionid cookie.
	// All the rest are redirected to /login .

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)
	pk, is_admin := database.GetPkAdmin(db, username)

	if username == "" || pk == -1 {
		// Gorilla failed to decode it.
		// Or encoded username does not exist in db.
		http.Redirect(w, r, "/login/", http.StatusFound)
	} else if is_admin {
		http.Redirect(w, r, "/admin/", http.StatusFound)
	} else {
		// Fetches users guesses from the db and gets data for
		// result submit dropbox.

		var F models.GuessContext
		F.OpenGames = database.GamesList(db, "open")
		F.Guesses = database.UsersGuesses(db, pk)
		F.Error = false
		templates.Render(w, "guesses", F)
	}

}
Beispiel #4
0
func LoginPost(w http.ResponseWriter, r *http.Request) {
	// /login handler for POST request.
	// Tries to validate user.
	// If email / password is OK,
	// new sessionid cookie is set and user is redirected to / .

	db := database.GetConnection()

	username := r.FormValue("username")
	username = strings.ToLower(username)
	pass := r.FormValue("password")
	remember := r.FormValue("remember") == "1"
	hashed, _ := database.GetPassword(db, username)

	if password.Authenticate(pass, hashed) {
		// Valid password.
		sessionid := cookies.GenerateSessionId(username)
		cookies.SetSessionId(w, sessionid, remember)
		http.Redirect(w, r, "/", http.StatusFound)
		log.Printf("LOGGED IN (%s)\n", username)
	} else {
		context := loginContext{username, config.Config.Register, true}
		templates.Render(w, "login", context)
	}
}
Beispiel #5
0
func AutoGameClose() {
	db := database.GetConnection()
	toClose := database.GamesToClose(db)
	if len(toClose) > 0 {
		for _, pk := range toClose {
			database.CloseGame(db, pk)
			log.Printf("AUTO CLOSED %s\n", pk)
		}
	}
}
Beispiel #6
0
func GuessesPost(w http.ResponseWriter, r *http.Request) {
	// /guesses POST method.
	// Checks if user trying to submit is in valid.

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)

	var guess models.Guess
	guess.Userpk, _ = database.GetPkAdmin(db, username)

	var F models.GuessContext
	F.OpenGames = database.GamesList(db, "open")
	F.Guesses = database.UsersGuesses(db, guess.Userpk)
	F.Error = false

	if username == "" || guess.Userpk < 0 {
		// Gorilla failed to decode it.
		http.Redirect(w, r, "/login/", http.StatusFound)
	} else {
		var nr int
		var err error
		//Extract data from request and check if form is valid.
		if utils.ExtractResult(r.FormValue("result_2"), &guess.Result1, &guess.Result2) ||
			utils.ExtractResult(r.FormValue("result_1"), &guess.Result1, &guess.Result2) {
			if guess.Result1 < 0 || guess.Result2 < 0 {
				F.Error = true
			}
		} else {
			nr, err = fmt.Sscanf(r.FormValue("result_1"), "%d", &guess.Result1)
			if nr != 1 || err != nil || guess.Result1 < 0 {
				F.Error = true
			}
			nr, err = fmt.Sscanf(r.FormValue("result_2"), "%d", &guess.Result2)
			if nr != 1 || err != nil || guess.Result2 < 0 {
				F.Error = true
			}
		}
		nr, err = fmt.Sscanf(r.FormValue("game-id"), "%d", &guess.Gamepk)
		if nr != 1 || err != nil {
			F.Error = true
		}
		if F.Error {
			templates.Render(w, "guesses", F)
		} else {
			// Submit a guess.
			database.GiveResult(db, &guess)
			http.Redirect(w, r, "/guesses/", http.StatusFound)
			log.Printf("GUESS BY (%d). GAME (%d)\n", guess.Userpk, guess.Gamepk)
		}
	}

}
Beispiel #7
0
func RegisterPost(w http.ResponseWriter, r *http.Request) {
	// /register POST method handler.
	// Validates the form,
	// check's if username is availible,
	// and then creates a user and redirects to
	// /login .

	db := database.GetConnection()

	var user models.User
	// Model out of form data.
	user.Email = r.FormValue("email")
	user.Email = strings.ToLower(user.Email)
	user.Password = r.FormValue("password")
	user.Firstname = r.FormValue("firstname")
	if len(user.Firstname) > 0 {
		user.Firstname = strings.ToUpper(user.Firstname[0:1]) + strings.ToLower(user.Firstname[1:])
	}
	user.Lastname = r.FormValue("lastname")
	if len(user.Lastname) > 0 {
		user.Lastname = strings.ToUpper(user.Lastname[0:1]) + strings.ToLower(user.Lastname[1:])
	}

	repeat := r.FormValue("repeat")

	var old models.RegisterContext
	// Model for return form.
	// In case there the data wasn't valid
	old.Firstname = user.Firstname
	old.Lastname = user.Lastname
	old.Email = user.Email
	old.Flag = user.UserValidate(repeat)

	if old.Flag != "" {
		templates.Render(w, "register", old)
		return
	}

	pass, _ := database.GetPassword(db, user.Email)
	// Checks if user exists.
	if pass != "" {
		old.Flag = "Vartotojas su šiuo el. pašto adresu jau egzistuoja."
		templates.Render(w, "register", old)
		return
	}

	user.Password = password.NewPassword(user.Password)
	database.CreateUser(db, &user)
	// Creates a user in the db.
	http.Redirect(w, r, "/login", http.StatusFound)
	log.Printf("USER CREATED (%s)\n", user.Email)
}
Beispiel #8
0
func ForgotGet(w http.ResponseWriter, r *http.Request) {
	forgotKey := r.URL.RawQuery

	db := database.GetConnection()

	if forgotKey == "" {
		// A simple GET for the form.
		templates.Render(w, "forgot", nil)
	} else if database.CheckRecovery(db, forgotKey) {
		// Render recover page.
		templates.Render(w, "recover", forgotKey)
	} else {
		// Redirect to login.
		http.Redirect(w, r, "/login/", http.StatusFound)
	}
}
Beispiel #9
0
func AdminGet(w http.ResponseWriter, r *http.Request) {
	// /admin GET method handler.
	// Just render's the form.

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)
	_, is_admin := database.GetPassword(db, username)

	if !is_admin {
		http.Redirect(w, r, "/login/", http.StatusFound)
	} else {
		var F models.AdminContext
		F.OpenGames = database.GamesList(db, "open")
		F.NotFinish = database.GamesList(db, "finish")
		templates.Render(w, "admin", F)
	}
}
Beispiel #10
0
func ForgotPost(w http.ResponseWriter, r *http.Request) {
	forgotKey := r.URL.RawQuery
	db := database.GetConnection()
	if forgotKey == "" {
		// Initial forgot submit.
		email := r.FormValue("email")
		pk, _ := database.GetPkAdmin(db, email)
		if pk != -1 {
			if !database.RecoveryExists(db, pk) {
				// Send out an email.
				key := utils.GenRecoveryKey()
				msg := utils.Message{email,
					"Slaptažodio atkūrimas",
					fmt.Sprintf("Norėdami atkurti slaptažodį eikite į:\n\nhttp://futbolas.aivaras.in/forgot/?%s\n\nŠi nuoroda galios dvi dienas.", key)}
				go recovery(db, msg, pk, key)
				log.Printf("An email was sent to %s\n", email)
				templates.Render(w, "forgot", nil)
			} else {
				// The recovery already exists.
				templates.Render(w, "forgot", nil)
			}
		} else {
			//  User non existing.
			templates.Render(w, "forgot", nil)
		}
	} else {
		// Actual recovery.
		newPassword := r.FormValue("new")
		repeat := r.FormValue("repeat")
		if len(newPassword) < 6 || newPassword != repeat {
			// Bad password
			templates.Render(w, "recover", forgotKey)
		} else {
			hashed := password.NewPassword(newPassword)
			database.DoRecover(db, forgotKey, hashed)
			http.Redirect(w, r, "/login", http.StatusFound)
			log.Printf("KEY (%s) RESET PASSWORD\n", forgotKey)
		}
	}
}
Beispiel #11
0
func AdminPost(w http.ResponseWriter, r *http.Request) {
	// /admin POST method handler.

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)
	_, is_admin := database.GetPassword(db, username)

	option := r.FormValue("sending")
	// Each html form has a hidden input which
	// is sent only when a specific form is submited.
	var F models.AdminContext
	F.CloseF = false
	F.EndF = false

	if is_admin {
		switch option {
		case "addGame":
			// Creating a game and sending it into db.
			var game models.Game
			var err error
			game.Team1 = r.FormValue("team1")
			game.Team2 = r.FormValue("team2")
			game.Starts, err = time.Parse("2006-01-02 15:04", r.FormValue("starts"))
			// Need to parse a string from request.

			if err != nil || !utils.HasShortName(game.Team1) || !utils.HasShortName(game.Team2) {
				// Checks if teams names are valid.
				http.Redirect(w, r, "/error", http.StatusFound)
			} else {
				database.CreateGame(db, &game)
				http.Redirect(w, r, "/admin", http.StatusFound)
				log.Printf("GAME [%s - %s] ADDED\n", game.Team1, game.Team2)
			}
			break

		case "close":
			// Closes a game. Nothing to check.
			pk := r.FormValue("close-game-id")
			database.CloseGame(db, pk)
			http.Redirect(w, r, "/admin", http.StatusFound)
			log.Printf("GAME (%s) CLOSED\n", pk)
			break

		case "rollback":
			confirm := r.FormValue("confirm") == "1"
			if confirm {
				database.RollBack(db)
			}
			http.Redirect(w, r, "/admin", http.StatusFound)
			break

		case "end":
			// Finishes a game.

			t1 := r.FormValue("team1")
			t2 := r.FormValue("team2")
			pk := r.FormValue("finish-game-id")
			n1, er1 := strconv.Atoi(t1)
			n2, er2 := strconv.Atoi(t2)
			intPk, er3 := strconv.Atoi(pk)
			if er1 != nil || er2 != nil || er3 != nil {
				// Checks form data.
				http.Redirect(w, r, "/error", http.StatusFound)
			} else {
				database.FinishGame(db, pk, n1, n2)
				database.CalcPoints(db, intPk, n1, n2)
				http.Redirect(w, r, "/admin", http.StatusFound)
				log.Printf("GAME (%s) FINISHED\n", pk)
			}
			break
		}
	} else {
		// Not an admin tried subminting data.
		http.Redirect(w, r, "/login/", http.StatusFound)
	}
}