func (c Profile) UpdateSettings(username string, profile *models.Profile, verifyPassword string) r.Result {
existingProfile := c.connected()
if existingProfile == nil || existingProfile.UserName != username {
c.Flash.Error("You must log in to access your account")
return c.Redirect(routes.Account.Logout())
}
email := profile.User.Email
// Step 1: Validate data
if email != existingProfile.User.Email {
// Validate email
models.ValidateUserEmail(c.Validation, profile.User.Email).Key("profile.User.Email")
}
if profile.User.Password != "" || verifyPassword != "" {
models.ValidateUserPassword(c.Validation, profile.User.Password).Key("profile.User.Password")
// Additional password verification
c.Validation.Required(profile.User.Password != profile.User.Email).Message("Password cannot be the same as your email address").Key("profile.User.Password")
c.Validation.Required(verifyPassword).Message("Password verification required").Key("verifyPassword")
c.Validation.Required(verifyPassword == profile.User.Password).Message("Provided passwords do not match").Key("verifyPassword")
}
// Validate profile components
models.ValidateProfileUserName(c.Validation, profile.UserName).Key("profile.UserName")
models.ValidateProfileName(c.Validation, profile.Name).Key("profile.Name")
models.ValidateProfileSummary(c.Validation, profile.Summary).Key("profile.Summary")
models.ValidateProfileDescription(c.Validation, profile.Description).Key("profile.Description")
if c.Validation.HasErrors() {
c.Validation.Keep()
c.FlashParams()
c.Flash.Error("Profile could not be updated")
return c.Redirect(routes.Profile.Settings(username))
}
// Step 2: Commit data
if email != existingProfile.User.Email {
userExists := c.getProfileByEmailAddress(email)
if userExists != nil {
c.Flash.Error("Email address is already registered to another account")
return c.Redirect(routes.Profile.Settings(username))
}
// Re-send email confirmation
existingProfile.User.Email = email
existingProfile.User.Confirmed = false
// FIXME
/*// Send out confirmation email
eErr := c.sendAccountConfirmEmail(existingProfile.User)
if eErr != nil {
c.Flash.Error("Could not send confirmation email")
} else {*/
// Update email address in database
_, err := c.Txn.Exec("update User set Email = ?, Confirmed = ? where UserId = ?",
email, 0, existingProfile.User.UserId)
if err != nil {
panic(err)
}
// Update session value
c.Session["userEmail"] = email
//}
}
profile.UserName = strings.ToLower(profile.UserName)
// Update username?
if profile.UserName != existingProfile.UserName {
userExists := c.getProfileByUserName(profile.UserName)
if userExists != nil {
c.Flash.Error("User name is already registered to another account")
return c.Redirect(routes.Profile.Settings(username))
}
// Change username
existingProfile.UserName = profile.UserName
}
// Update password?
if profile.User.Password != "" || verifyPassword != "" {
c.CommitPassword(existingProfile.User, profile.User.Password)
}
// Update other profile components
existingProfile.Name = profile.Name
existingProfile.Summary = profile.Summary
existingProfile.Description = profile.Description
_, err := c.Txn.Update(existingProfile)
if err != nil {
c.Flash.Error("Profile could not be updated")
return c.Redirect(routes.Profile.Settings(username))
}
c.Flash.Success("Profile has been updated")
return c.Redirect(routes.Profile.Show(existingProfile.UserName))
}
func (c Account) SaveUser(user models.User, username, name string) r.Result {
// Lower case username
username = strings.ToLower(username)
lcPass := strings.ToLower(user.Password)
// Validate User components
models.ValidateUserEmail(c.Validation, user.Email).Key("user.Email")
models.ValidateUserPassword(c.Validation, user.Password).Key("user.Password")
// Additional user components verification
c.Validation.Required(user.Password != user.Email).Message("Password cannot be the same as your email address").Key("user.Password")
c.Validation.Required(lcPass != username).Message("Password cannot be the same as your user name").Key("user.Password")
// Validate Profile components
models.ValidateProfileUserName(c.Validation, username).Key("username")
models.ValidateProfileName(c.Validation, name).Key("name")
if c.Validation.HasErrors() {
c.Validation.Keep()
c.FlashParams()
c.Flash.Error("Registration failed.")
return c.Redirect(routes.Account.Register())
}
userExists := c.getProfileByEmailAddress(user.Email)
if userExists != nil {
c.Validation.Keep()
c.FlashParams()
c.Flash.Error("Email '" + user.Email + "' is already registered.")
return c.Redirect(routes.Account.Register())
}
userExists = c.getProfileByUserName(username)
if userExists != nil {
c.Validation.Keep()
c.FlashParams()
c.Flash.Error("User name '" + username + "' is already taken.")
return c.Redirect(routes.Account.Register())
}
user.HashedPassword, _ = bcrypt.GenerateFromPassword([]byte(user.Password), bcrypt.DefaultCost)
user.Created = time.Now()
user.Confirmed = false
err := c.Txn.Insert(&user)
if err != nil {
panic(err)
}
// Create profile (and assign correct UserId)
profile := &models.Profile{0, user.UserId, username, name, "", "", "", 0, 0, &user}
// Get Gravatar Icon
emailHash := gr.EmailHash(user.Email)
gravatarUrl := gr.GetAvatarURL("https", emailHash, gr.DefaultIdentIcon, 128)
if gravatarUrl != nil {
profile.PhotoUrl = gravatarUrl.String()
}
err = c.Txn.Insert(profile)
if err != nil {
panic(err)
}
// Send out confirmation email
err = c.sendAccountConfirmEmail(&user)
if err != nil {
c.Flash.Error("Could not send confirmation email")
fmt.Println(err.Error())
}
c.Session["userEmail"] = string(user.Email)
c.Flash.Success("Welcome, " + profile.Name)
return c.Redirect(routes.Profile.Show(profile.UserName))
}