Example #1
0
func (c PortalController) authorized() (interface{}, bool) {
	if secret, ok := c.Session["secret"]; ok {
		remote, _, _ := net.SplitHostPort(c.Request.RemoteAddr)
		forward := c.Request.Header.Get("X-Forwarded-For")
		if forward != "" {
			remote = forward
		}

		token, err := HitSystemToken(secret, remote)
		if err != nil {
			revel.WARN.Printf("authorized failed: %s", err.Error())
			return nil, false
		}

		var account models.SystemAccount
		account.ID = token.SystemAccountID
		if err := db.First(&account).Error; err != nil {
			return nil, false
		}
		c.RenderArgs["account"] = &account
		return &token, true
	}

	return nil, false
}
Example #2
0
func (c AuthController) PasswordPost() revel.Result {
	revel.INFO.Printf("POST > /auth.password ...")
	accountID, ok := c.Session["account"]
	if !ok {
		c.Flash.Error("please login first.")
		return c.Redirect(routes.AuthController.Login())
	}


	var account models.SystemAccount
	account.ID = models.DecodeID(accountID)
	if err := db.First(&account).Error; err != nil {
		c.Flash.Error("please login first: fake session.")
		return c.Redirect(routes.AuthController.Login())
	}

	var old_password, new_password, new_password2 string
	c.Params.Bind(&old_password, "old_password")
	c.Params.Bind(&new_password, "new_password")
	c.Params.Bind(&new_password2, "new_password2")

	if new_password != new_password2 {
		c.Flash.Error("new password not equal")
		return c.Redirect(routes.AuthController.Password())
	}

	//! params validation check
	c.Validation.Required(old_password)
	c.Validation.Required(new_password)

	if c.Validation.HasErrors() {
		// Store the validation errors in the flash context and redirect.
		c.Validation.Keep()
		c.FlashParams()
		return c.Redirect(routes.AuthController.Password())
	}


	tx := db.Begin()
	account.Password = new_password
	if err := tx.Model(&account).Update("password", models.SystemAccountCipher(&account).Password).Error; err != nil {
		tx.Rollback()
		c.Flash.Error("reset password:"******"auth.password updated success.")
	return c.Redirect(routes.PortalController.Index())
}