func UserForm(w http.ResponseWriter, req *http.Request) {
args := handlers.GetArgs(req)
err := req.ParseForm()
if err != nil {
context.Set(req, "error", err)
return
}
username := args.Vars["username"]
var u *quimby.User
if username == "new-user" {
u = quimby.NewUser(req.PostFormValue("username"), quimby.UserDB(args.DB), quimby.UserTFA(handlers.TFA))
u.Password = req.PostFormValue("password")
pw := req.PostFormValue("password_confirm")
if pw != u.Password {
context.Set(req, "error", ErrPasswordsDoNotMatch)
return
}
} else {
u = quimby.NewUser(username, quimby.UserDB(args.DB), quimby.UserTFA(handlers.TFA))
if err := u.Fetch(); err != nil {
context.Set(req, "error", ErrPasswordsDoNotMatch)
return
}
}
u.Permission = req.PostFormValue("permission")
qrData, err := u.Save()
if err != nil {
context.Set(req, "error", err)
return
}
if username == "new-user" {
qr := qrPage{
userPage: userPage{
User: args.User.Username,
Admin: handlers.Admin(args),
Links: []link{
{"quimby", "/"},
{"admin", "/admin.html"},
},
},
QR: template.HTMLAttr(base64.StdEncoding.EncodeToString(qrData)),
}
templates["qr-code.html"].template.ExecuteTemplate(w, "base", qr)
} else {
w.Header().Set("Location", "/admin.html")
w.WriteHeader(http.StatusFound)
}
}
