func SendMessageSubmitHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication _, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId == 0 { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } recipient, message, err := util.ValidMessagePost(r) if err != nil { return err } err = gen.MessageLimit(db, userId) if err != nil { return err } err = gen.SendMessage(db, userId, recipient, message) if err != nil { return err } http.Redirect(w, r, "https://5sur.com/dashboard/messages?i="+strconv.Itoa(recipient), 303) return nil }
func ListingsHandler(w http.ResponseWriter, r *http.Request) error { query, err := util.ValidListingQuery(r.URL) // Returns util.QueryFields if err != nil { return err } // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() listings, err := gen.ReturnListings(db, query.Origin, query.Destination, query.Date+" "+query.Time) if err != nil { return err } jsonListings, err := json.MarshalIndent(listings, "", " ") if err != nil { return util.NewError(nil, "Json conversion failed", 500) } w.Header().Set("Content-Type", "application/json") fmt.Fprint(w, string(jsonListings)) return nil }
func UploadHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } // the FormFile function takes in the POST input id file file, header, err := r.FormFile("Picture") if err != nil { return util.NewError(nil, "Foto no encontrado", 400) } defer file.Close() err = util.SaveImage(db, user, file, header) if err != nil { return err } http.Redirect(w, r, "https://5sur.com/dashboard/settings", 303) return nil }
func EmailPrefHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication _, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId == 0 { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } prefs, err := util.ReturnEmailPref(db, userId) if err != nil { return err } err = templates.ExecuteTemplate(w, "emailPref.html", prefs) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func CreateSubmitHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } createFormPost, err := util.ValidCreateSubmit(r) if err != nil { return err } listingId, err := gen.CreateListing(db, createFormPost.Date, userId, createFormPost.Origin, createFormPost.Destination, createFormPost.Seats, createFormPost.Fee) if err != nil { return err } http.Redirect(w, r, "https://5sur.com/dashboard/listings?i="+strconv.FormatInt(listingId, 10), 303) return nil }
func PasswordResetHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() err = gen.ResetPassword(db, r.FormValue("Email")) if err != nil { return err } Page := struct { Title string MessageTitle string Message string }{ "Restablecer contraseña", "", "Email para reestablecer contraseña ha sido mandado a " + r.FormValue("Email"), } err = templates.ExecuteTemplate(w, "formSubmit.html", Page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func SendMessageHandler(w http.ResponseWriter, r *http.Request) error { recipientId, err := util.ValidMessageURL(r) if err != nil { return err } db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication _, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId == 0 { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } userInfo, err := gen.ReturnUserInfo(db, recipientId) if err != nil { return err } err = templates.ExecuteTemplate(w, "message.html", userInfo) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func CreateListingHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } // HTML generation (also does listing-specific SQL calls) cities, err := gen.ReturnFilter(db) if err != nil { return err } err = templates.ExecuteTemplate(w, "create.html", cities) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func ReserveHandler(w http.ResponseWriter, r *http.Request) error { //Check POST data values, err := util.ValidReservePost(r) if err != nil { return err } // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, err := util.CheckAppCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Login required", 401) } err = gen.CreateReservation(db, userId, values.ListingId, values.Seats, r.FormValue("Message")) if err != nil { return err } w.WriteHeader(200) fmt.Fprint(w, "You registered, woo") return nil }
func LoginHandler(w http.ResponseWriter, r *http.Request) error { // POST validation if r.FormValue("Password") == "" || r.FormValue("Username") == "" { return util.NewError(nil, "Missing username or password", 400) } // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication authenticated, err := gen.CheckCredentials(db, r.FormValue("Username"), r.FormValue("Password")) if err != nil { return err } if authenticated { myCookie, err := util.CreateCookie(r.FormValue("Username"), db, true, true) // This also stores a hashed cookie in the database if err != nil { return err } http.SetCookie(w, &myCookie) w.WriteHeader(200) fmt.Fprint(w, "Logged in as "+r.FormValue("Username")) return nil } else { return util.NewError(nil, "Your username or password was incorrect", 400) } return nil }
func UploadDeleteHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId == 0 { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } if r.FormValue("User") != strconv.Itoa(userId) { return util.NewError(nil, "Foto no borrado", 400) } err = util.DeletePicture(db, user) if err != nil { return err } http.Redirect(w, r, "https://5sur.com/dashboard/settings", 303) return nil }
func RootHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, userImg, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } alerts, err := gen.GetAlerts(db, userId) if err != nil { return err } header := &gen.HeaderHTML{ Username: user, Alerts: len(alerts), AlertText: alerts, UserImage: userImg, } cities, err := gen.ReturnFilter(db) if err != nil { return err } listings, err := gen.ReturnAllListings(db) if err != nil { return err } body := &gen.ListingsHTML{ Filter: cities, Listings: listings, Homepage: true, } page := struct { Header gen.HeaderHTML Body gen.ListingsHTML }{ *header, *body, } err = templates.ExecuteTemplate(w, "listings.html", page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func DeleteAccountHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } // put this in valid if r.FormValue("Password") == "" || r.FormValue("Password2") == "" { return util.NewError(nil, "Rellena el formulario completo por favor", 400) } if r.FormValue("Password") != r.FormValue("Password2") { return util.NewError(nil, "No coincide la contraseña", 400) } authenticated, err := gen.CheckCredentials(db, user, r.FormValue("Password")) if err != nil { return err } if !authenticated { return util.NewError(nil, "Contraseña incorrecta", 400) } err = gen.DeleteAccount(db, userId) if err != nil { return err } Page := struct { Title string MessageTitle string Message string }{ "Borrar cuenta", "", "Cuenta eliminada", } err = templates.ExecuteTemplate(w, "formSubmit.html", Page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func RegistrationHandler(w http.ResponseWriter, r *http.Request) error { err := util.ValidRegister(r) if err != nil { return err } // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() err = gen.CheckUserInfo(db, r.FormValue("Username"), r.FormValue("Email")) if err != nil { return err } userIp := "" if ipProxy := r.Header.Get("X-Real-IP"); len(ipProxy) > 0 { userIp = ipProxy } else { userIp, _, _ = net.SplitHostPort(r.RemoteAddr) } human, err := gen.CheckCaptcha(r.FormValue("g-recaptcha-response"), userIp) if err != nil { return err } if !human { return util.NewError(nil, "Captcha invalido", 400) } err = gen.UserAuth(db, r.FormValue("Username"), r.FormValue("Password"), r.FormValue("Email")) if err != nil { return err } Page := struct { Title string MessageTitle string Message string }{ "Regístrate", "", "Email de confirmacion ha sido mandado a " + r.FormValue("Email"), } err = templates.ExecuteTemplate(w, "formSubmit.html", Page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func RegisterFormHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() err = templates.ExecuteTemplate(w, "register.html", "") if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func UserHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, userImg, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } alerts, err := gen.GetAlerts(db, userId) if err != nil { return err } splits := strings.Split(r.URL.Path, "/") userInfo, err := gen.ReturnUserInfo(db, splits[2]) if err != nil { return err } header := &gen.HeaderHTML{ Title: user, Username: user, Alerts: len(alerts), AlertText: alerts, UserImage: userImg, } page := struct { Header gen.HeaderHTML Body gen.User }{ *header, userInfo, } err = templates.ExecuteTemplate(w, "user.html", page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func ReserveFormHandler(w http.ResponseWriter, r *http.Request) error { l, err := util.ValidReserveURL(r) if err != nil { return err } db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } listing, err := gen.ReturnIndividualListing(db, l) if err != nil { return err } seats := make([]int, 0) for i := 1; i <= listing.Seats; i++ { seats = append(seats, i) } driver, err := gen.ReturnUserInfo(db, listing.Driver) reserve := &gen.ReserveHTML{ ListingId: listing.Id, Driver: driver.Name, Seats: seats, } err = templates.ExecuteTemplate(w, "reserve.html", reserve) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func LoginFormHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() _, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId != 0 { http.Redirect(w, r, "https://5sur.com/", 303) return nil } userIp := "" if ipProxy := r.Header.Get("X-Real-IP"); len(ipProxy) > 0 { userIp = ipProxy } else { userIp, _, _ = net.SplitHostPort(r.RemoteAddr) } attempts, err := gen.CheckAttempts(db, userIp) if err != nil { return err } var script, captcha template.HTML if attempts > 2 { script = `<script src='https://www.google.com/recaptcha/api.js'></script>` captcha = `<div class="g-recaptcha" data-sitekey="6LfejAATAAAAAK1DA4l33OntwJy9LZz1GK3F2Egr"></div>` } registerData := &gen.LoginHTML{ Title: "Ingresar", Script: script, Captcha: captcha, } err = templates.ExecuteTemplate(w, "login.html", registerData) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func ReserveHandler(w http.ResponseWriter, r *http.Request) error { //Check POST data values, err := util.ValidReservePost(r) if err != nil { return err } // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } err = gen.CreateReservation(db, userId, values.ListingId, values.Seats, r.FormValue("Message")) if err != nil { return err } Page := struct { Title string MessageTitle string Message string }{ "Reservar", "Has entrado a la lista de reservaciones", "Atento: tu viaje no esta garantizado hasta que el conductor te acepte. Te notificaremos cuando esto suceda.", } err = templates.ExecuteTemplate(w, "formSubmit.html", Page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func CityHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() cities, err := gen.ReturnFilter(db) if err != nil { return err } jsonCities, err := json.MarshalIndent(cities, "", " ") if err != nil { return util.NewError(err, "Json conversion failed", 500) } w.Header().Set("Content-Type", "application/json") fmt.Fprint(w, string(jsonCities)) return nil }
func RateSubmitHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication _, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId == 0 { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } userRate, positive, comment, public, err := util.ValidRatePost(r) if err != nil { return err } err = gen.SubmitRating(db, userId, userRate, positive, comment, public) if err != nil { return err } Page := struct { Title string MessageTitle string Message string }{ "Dar puntaje", "", "Rating entregado!", } err = templates.ExecuteTemplate(w, "formSubmit.html", Page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func PasswordChangeHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() err = util.ValidChangePasswordSubmit(r) if err != nil { return err } err = gen.ChangePassword(db, r.FormValue("User"), r.FormValue("Token"), r.FormValue("Password")) if err != nil { return err } http.Redirect(w, r, "https://5sur.com/login", 303) return nil }
func DashSettingsHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() user, userId, userImg, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId == 0 { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } alerts, err := gen.GetAlerts(db, userId) if err != nil { return err } header := &gen.HeaderHTML{ Title: "Dashboard", Username: user, Alerts: len(alerts), AlertText: alerts, UserImage: userImg, } page := struct { Header gen.HeaderHTML }{ *header, } err = templates.ExecuteTemplate(w, "dashSettings.html", page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func UserHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() splits := strings.Split(r.URL.Path, "/") user, err := gen.ReturnUserInfo(db, splits[3]) if err != nil { return err } formatted, err := json.MarshalIndent(user, "", " ") if err != nil { return util.NewError(err, "Json conversion failed", 500) } fmt.Fprint(w, string(formatted)) return nil }
func UploadFormHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, _, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } err = templates.ExecuteTemplate(w, "upload.html", "") if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func EmailPrefSubmitHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication _, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if userId == 0 { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } err = util.SetEmailPref(db, r, userId) if err != nil { return err } Page := struct { Title string MessageTitle string Message string }{ "Preferencias email", "", "Preferencias guardadas", } err = templates.ExecuteTemplate(w, "formSubmit.html", Page) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func AccountAuthHandler(w http.ResponseWriter, r *http.Request) error { // Query string validation token, err := util.ValidAuthQuery(r.URL) // Returns util.QueryFields if err != nil { return err } // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // Authenticate and create the user account _, err = gen.CreateUser(db, token) if err != nil { return err } http.Redirect(w, r, "https://5sur.com/login", 303) return nil }
func LogoutHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication _, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } // Create gen.InvalidateCookie err, expiredCookie := util.DeleteCookie(db, userId, false) if err != nil { return err } http.SetCookie(w, &expiredCookie) http.Redirect(w, r, "https://5sur.com/", 303) return nil }
func UploadDeleteFormHandler(w http.ResponseWriter, r *http.Request) error { // Database initialization db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication user, userId, _, err := util.CheckCookie(r, db) // return "" if not logged in if err != nil { return err } if user == "" { return util.NewError(nil, "Se requiere ingreso a la cuenta", 401) } picture, err := gen.ReturnUserPicture(db, userId, "100") if err != nil { return err } body := struct { User int Picture string }{ userId, picture, } err = templates.ExecuteTemplate(w, "deletePicture.html", body) if err != nil { return util.NewError(err, "No se cargó la página", 500) } return nil }
func LogoutHandler(w http.ResponseWriter, r *http.Request) error { db, err := util.OpenDb() if err != nil { return err } defer db.Close() // User authentication _, userId, err := util.CheckAppCookie(r, db) // return "" if not logged in if err != nil { return err } // Create gen.InvalidateCookie err, expiredCookie := util.DeleteCookie(db, userId, true) if err != nil { return err } http.SetCookie(w, &expiredCookie) w.WriteHeader(200) fmt.Fprint(w, "You logged out") return nil }