func SendMessageSubmitHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
_, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId == 0 {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
recipient, message, err := util.ValidMessagePost(r)
if err != nil {
return err
}
err = gen.MessageLimit(db, userId)
if err != nil {
return err
}
err = gen.SendMessage(db, userId, recipient, message)
if err != nil {
return err
}
http.Redirect(w, r, "https://5sur.com/dashboard/messages?i="+strconv.Itoa(recipient), 303)
return nil
}
func ListingsHandler(w http.ResponseWriter, r *http.Request) error {
query, err := util.ValidListingQuery(r.URL) // Returns util.QueryFields
if err != nil {
return err
}
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
listings, err := gen.ReturnListings(db, query.Origin, query.Destination, query.Date+" "+query.Time)
if err != nil {
return err
}
jsonListings, err := json.MarshalIndent(listings, "", " ")
if err != nil {
return util.NewError(nil, "Json conversion failed", 500)
}
w.Header().Set("Content-Type", "application/json")
fmt.Fprint(w, string(jsonListings))
return nil
}
func UploadHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
// the FormFile function takes in the POST input id file
file, header, err := r.FormFile("Picture")
if err != nil {
return util.NewError(nil, "Foto no encontrado", 400)
}
defer file.Close()
err = util.SaveImage(db, user, file, header)
if err != nil {
return err
}
http.Redirect(w, r, "https://5sur.com/dashboard/settings", 303)
return nil
}
func EmailPrefHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
_, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId == 0 {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
prefs, err := util.ReturnEmailPref(db, userId)
if err != nil {
return err
}
err = templates.ExecuteTemplate(w, "emailPref.html", prefs)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func CreateSubmitHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
createFormPost, err := util.ValidCreateSubmit(r)
if err != nil {
return err
}
listingId, err := gen.CreateListing(db, createFormPost.Date, userId, createFormPost.Origin, createFormPost.Destination, createFormPost.Seats, createFormPost.Fee)
if err != nil {
return err
}
http.Redirect(w, r, "https://5sur.com/dashboard/listings?i="+strconv.FormatInt(listingId, 10), 303)
return nil
}
func PasswordResetHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
err = gen.ResetPassword(db, r.FormValue("Email"))
if err != nil {
return err
}
Page := struct {
Title string
MessageTitle string
Message string
}{
"Restablecer contraseña",
"",
"Email para reestablecer contraseña ha sido mandado a " + r.FormValue("Email"),
}
err = templates.ExecuteTemplate(w, "formSubmit.html", Page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func SendMessageHandler(w http.ResponseWriter, r *http.Request) error {
recipientId, err := util.ValidMessageURL(r)
if err != nil {
return err
}
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
_, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId == 0 {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
userInfo, err := gen.ReturnUserInfo(db, recipientId)
if err != nil {
return err
}
err = templates.ExecuteTemplate(w, "message.html", userInfo)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func CreateListingHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
// HTML generation (also does listing-specific SQL calls)
cities, err := gen.ReturnFilter(db)
if err != nil {
return err
}
err = templates.ExecuteTemplate(w, "create.html", cities)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func ReserveHandler(w http.ResponseWriter, r *http.Request) error {
//Check POST data
values, err := util.ValidReservePost(r)
if err != nil {
return err
}
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, err := util.CheckAppCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Login required", 401)
}
err = gen.CreateReservation(db, userId, values.ListingId, values.Seats, r.FormValue("Message"))
if err != nil {
return err
}
w.WriteHeader(200)
fmt.Fprint(w, "You registered, woo")
return nil
}
func LoginHandler(w http.ResponseWriter, r *http.Request) error {
// POST validation
if r.FormValue("Password") == "" || r.FormValue("Username") == "" {
return util.NewError(nil, "Missing username or password", 400)
}
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
authenticated, err := gen.CheckCredentials(db, r.FormValue("Username"), r.FormValue("Password"))
if err != nil {
return err
}
if authenticated {
myCookie, err := util.CreateCookie(r.FormValue("Username"), db, true, true) // This also stores a hashed cookie in the database
if err != nil {
return err
}
http.SetCookie(w, &myCookie)
w.WriteHeader(200)
fmt.Fprint(w, "Logged in as "+r.FormValue("Username"))
return nil
} else {
return util.NewError(nil, "Your username or password was incorrect", 400)
}
return nil
}
func UploadDeleteHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId == 0 {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
if r.FormValue("User") != strconv.Itoa(userId) {
return util.NewError(nil, "Foto no borrado", 400)
}
err = util.DeletePicture(db, user)
if err != nil {
return err
}
http.Redirect(w, r, "https://5sur.com/dashboard/settings", 303)
return nil
}
func RootHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, userImg, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
alerts, err := gen.GetAlerts(db, userId)
if err != nil {
return err
}
header := &gen.HeaderHTML{
Username: user,
Alerts: len(alerts),
AlertText: alerts,
UserImage: userImg,
}
cities, err := gen.ReturnFilter(db)
if err != nil {
return err
}
listings, err := gen.ReturnAllListings(db)
if err != nil {
return err
}
body := &gen.ListingsHTML{
Filter: cities,
Listings: listings,
Homepage: true,
}
page := struct {
Header gen.HeaderHTML
Body gen.ListingsHTML
}{
*header,
*body,
}
err = templates.ExecuteTemplate(w, "listings.html", page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func DeleteAccountHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
// put this in valid
if r.FormValue("Password") == "" || r.FormValue("Password2") == "" {
return util.NewError(nil, "Rellena el formulario completo por favor", 400)
}
if r.FormValue("Password") != r.FormValue("Password2") {
return util.NewError(nil, "No coincide la contraseña", 400)
}
authenticated, err := gen.CheckCredentials(db, user, r.FormValue("Password"))
if err != nil {
return err
}
if !authenticated {
return util.NewError(nil, "Contraseña incorrecta", 400)
}
err = gen.DeleteAccount(db, userId)
if err != nil {
return err
}
Page := struct {
Title string
MessageTitle string
Message string
}{
"Borrar cuenta",
"",
"Cuenta eliminada",
}
err = templates.ExecuteTemplate(w, "formSubmit.html", Page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func RegistrationHandler(w http.ResponseWriter, r *http.Request) error {
err := util.ValidRegister(r)
if err != nil {
return err
}
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
err = gen.CheckUserInfo(db, r.FormValue("Username"), r.FormValue("Email"))
if err != nil {
return err
}
userIp := ""
if ipProxy := r.Header.Get("X-Real-IP"); len(ipProxy) > 0 {
userIp = ipProxy
} else {
userIp, _, _ = net.SplitHostPort(r.RemoteAddr)
}
human, err := gen.CheckCaptcha(r.FormValue("g-recaptcha-response"), userIp)
if err != nil {
return err
}
if !human {
return util.NewError(nil, "Captcha invalido", 400)
}
err = gen.UserAuth(db, r.FormValue("Username"), r.FormValue("Password"), r.FormValue("Email"))
if err != nil {
return err
}
Page := struct {
Title string
MessageTitle string
Message string
}{
"Regístrate",
"",
"Email de confirmacion ha sido mandado a " + r.FormValue("Email"),
}
err = templates.ExecuteTemplate(w, "formSubmit.html", Page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func RegisterFormHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
err = templates.ExecuteTemplate(w, "register.html", "")
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func UserHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, userImg, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
alerts, err := gen.GetAlerts(db, userId)
if err != nil {
return err
}
splits := strings.Split(r.URL.Path, "/")
userInfo, err := gen.ReturnUserInfo(db, splits[2])
if err != nil {
return err
}
header := &gen.HeaderHTML{
Title: user,
Username: user,
Alerts: len(alerts),
AlertText: alerts,
UserImage: userImg,
}
page := struct {
Header gen.HeaderHTML
Body gen.User
}{
*header,
userInfo,
}
err = templates.ExecuteTemplate(w, "user.html", page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func ReserveFormHandler(w http.ResponseWriter, r *http.Request) error {
l, err := util.ValidReserveURL(r)
if err != nil {
return err
}
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
listing, err := gen.ReturnIndividualListing(db, l)
if err != nil {
return err
}
seats := make([]int, 0)
for i := 1; i <= listing.Seats; i++ {
seats = append(seats, i)
}
driver, err := gen.ReturnUserInfo(db, listing.Driver)
reserve := &gen.ReserveHTML{
ListingId: listing.Id,
Driver: driver.Name,
Seats: seats,
}
err = templates.ExecuteTemplate(w, "reserve.html", reserve)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func LoginFormHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
_, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId != 0 {
http.Redirect(w, r, "https://5sur.com/", 303)
return nil
}
userIp := ""
if ipProxy := r.Header.Get("X-Real-IP"); len(ipProxy) > 0 {
userIp = ipProxy
} else {
userIp, _, _ = net.SplitHostPort(r.RemoteAddr)
}
attempts, err := gen.CheckAttempts(db, userIp)
if err != nil {
return err
}
var script, captcha template.HTML
if attempts > 2 {
script = `<script src='https://www.google.com/recaptcha/api.js'></script>`
captcha = `<div class="g-recaptcha" data-sitekey="6LfejAATAAAAAK1DA4l33OntwJy9LZz1GK3F2Egr"></div>`
}
registerData := &gen.LoginHTML{
Title: "Ingresar",
Script: script,
Captcha: captcha,
}
err = templates.ExecuteTemplate(w, "login.html", registerData)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func ReserveHandler(w http.ResponseWriter, r *http.Request) error {
//Check POST data
values, err := util.ValidReservePost(r)
if err != nil {
return err
}
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
err = gen.CreateReservation(db, userId, values.ListingId, values.Seats, r.FormValue("Message"))
if err != nil {
return err
}
Page := struct {
Title string
MessageTitle string
Message string
}{
"Reservar",
"Has entrado a la lista de reservaciones",
"Atento: tu viaje no esta garantizado hasta que el conductor te acepte. Te notificaremos cuando esto suceda.",
}
err = templates.ExecuteTemplate(w, "formSubmit.html", Page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func CityHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
cities, err := gen.ReturnFilter(db)
if err != nil {
return err
}
jsonCities, err := json.MarshalIndent(cities, "", " ")
if err != nil {
return util.NewError(err, "Json conversion failed", 500)
}
w.Header().Set("Content-Type", "application/json")
fmt.Fprint(w, string(jsonCities))
return nil
}
func RateSubmitHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
_, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId == 0 {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
userRate, positive, comment, public, err := util.ValidRatePost(r)
if err != nil {
return err
}
err = gen.SubmitRating(db, userId, userRate, positive, comment, public)
if err != nil {
return err
}
Page := struct {
Title string
MessageTitle string
Message string
}{
"Dar puntaje",
"",
"Rating entregado!",
}
err = templates.ExecuteTemplate(w, "formSubmit.html", Page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func PasswordChangeHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
err = util.ValidChangePasswordSubmit(r)
if err != nil {
return err
}
err = gen.ChangePassword(db, r.FormValue("User"), r.FormValue("Token"), r.FormValue("Password"))
if err != nil {
return err
}
http.Redirect(w, r, "https://5sur.com/login", 303)
return nil
}
func DashSettingsHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
user, userId, userImg, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId == 0 {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
alerts, err := gen.GetAlerts(db, userId)
if err != nil {
return err
}
header := &gen.HeaderHTML{
Title: "Dashboard",
Username: user,
Alerts: len(alerts),
AlertText: alerts,
UserImage: userImg,
}
page := struct {
Header gen.HeaderHTML
}{
*header,
}
err = templates.ExecuteTemplate(w, "dashSettings.html", page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func UserHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
splits := strings.Split(r.URL.Path, "/")
user, err := gen.ReturnUserInfo(db, splits[3])
if err != nil {
return err
}
formatted, err := json.MarshalIndent(user, "", " ")
if err != nil {
return util.NewError(err, "Json conversion failed", 500)
}
fmt.Fprint(w, string(formatted))
return nil
}
func UploadFormHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
err = templates.ExecuteTemplate(w, "upload.html", "")
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func EmailPrefSubmitHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
_, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if userId == 0 {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
err = util.SetEmailPref(db, r, userId)
if err != nil {
return err
}
Page := struct {
Title string
MessageTitle string
Message string
}{
"Preferencias email",
"",
"Preferencias guardadas",
}
err = templates.ExecuteTemplate(w, "formSubmit.html", Page)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func AccountAuthHandler(w http.ResponseWriter, r *http.Request) error {
// Query string validation
token, err := util.ValidAuthQuery(r.URL) // Returns util.QueryFields
if err != nil {
return err
}
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// Authenticate and create the user account
_, err = gen.CreateUser(db, token)
if err != nil {
return err
}
http.Redirect(w, r, "https://5sur.com/login", 303)
return nil
}
func LogoutHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
_, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
// Create gen.InvalidateCookie
err, expiredCookie := util.DeleteCookie(db, userId, false)
if err != nil {
return err
}
http.SetCookie(w, &expiredCookie)
http.Redirect(w, r, "https://5sur.com/", 303)
return nil
}
func UploadDeleteFormHandler(w http.ResponseWriter, r *http.Request) error {
// Database initialization
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
if user == "" {
return util.NewError(nil, "Se requiere ingreso a la cuenta", 401)
}
picture, err := gen.ReturnUserPicture(db, userId, "100")
if err != nil {
return err
}
body := struct {
User int
Picture string
}{
userId,
picture,
}
err = templates.ExecuteTemplate(w, "deletePicture.html", body)
if err != nil {
return util.NewError(err, "No se cargó la página", 500)
}
return nil
}
func LogoutHandler(w http.ResponseWriter, r *http.Request) error {
db, err := util.OpenDb()
if err != nil {
return err
}
defer db.Close()
// User authentication
_, userId, err := util.CheckAppCookie(r, db) // return "" if not logged in
if err != nil {
return err
}
// Create gen.InvalidateCookie
err, expiredCookie := util.DeleteCookie(db, userId, true)
if err != nil {
return err
}
http.SetCookie(w, &expiredCookie)
w.WriteHeader(200)
fmt.Fprint(w, "You logged out")
return nil
}