Ejemplo n.º 1
0
func SettingsPost(w http.ResponseWriter, r *http.Request) {
	// /settings POST method handler.
	// Validates the form,

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)

	if username != "" {
		pass, _ := database.GetPassword(db, username)

		newPassword := r.FormValue("new")
		repeat := r.FormValue("repeat")
		oldPassword := r.FormValue("old")

		if password.Authenticate(oldPassword, pass) && len(newPassword) > 5 && newPassword == repeat {
			hashed := password.NewPassword(newPassword)
			database.ChangePassword(db, username, hashed)
			log.Printf("USER (%s) CHANGED PASSWORD\n", username)
		}
	}

	http.Redirect(w, r, "/login", http.StatusFound)
}
Ejemplo n.º 2
0
func LoginPost(w http.ResponseWriter, r *http.Request) {
	// /login handler for POST request.
	// Tries to validate user.
	// If email / password is OK,
	// new sessionid cookie is set and user is redirected to / .

	db := database.GetConnection()

	username := r.FormValue("username")
	username = strings.ToLower(username)
	pass := r.FormValue("password")
	remember := r.FormValue("remember") == "1"
	hashed, _ := database.GetPassword(db, username)

	if password.Authenticate(pass, hashed) {
		// Valid password.
		sessionid := cookies.GenerateSessionId(username)
		cookies.SetSessionId(w, sessionid, remember)
		http.Redirect(w, r, "/", http.StatusFound)
		log.Printf("LOGGED IN (%s)\n", username)
	} else {
		context := loginContext{username, config.Config.Register, true}
		templates.Render(w, "login", context)
	}
}