// Reset implemented user password reset. func (this *ForgotRouter) ResetPost() { this.TplNames = "auth/reset.html" code := this.GetString(":code") this.Data["Code"] = code var user models.User if auth.VerifyUserResetPwdCode(&user, code) { this.Data["Success"] = true form := auth.ResetPwdForm{} if this.ValidFormSets(&form) == false { return } user.IsActive = true user.Rands = models.GetUserSalt() if err := auth.SaveNewPassword(&user, form.Password); err != nil { beego.Error("ResetPost Save New Password: "******"/login", 302, "ResetSuccess") } else { this.Data["Success"] = false } }
// Logout implemented user logout page. func (this *LoginRouter) Logout() { auth.LogoutUser(this.Ctx) // write flash message this.FlashWrite("HasLogout", "true") this.Redirect("/login", 302) }
// NestPrepare is the admin-area gate. It gives CheckActiveRedirect the first
// chance to stop the request, then requires this.User.IsAdmin. A non-admin is
// logged out and redirected to the login page with the "NotPermit" flash; an
// admin request is tagged as an admin page and handed to the embedding
// controller's ModelPrepare hook when it implements ModelPreparer.
//
// NOTE(review): the check fails closed only if the framework skips the action
// handler once Redirect has been called from a prepare hook; confirm that.
func (this *BaseAdminRouter) NestPrepare() {
	if this.CheckActiveRedirect() {
		return
	}

	if this.User.IsAdmin {
		// Admin user on an admin page.
		this.Data["IsAdminPage"] = true
		if preparer, ok := this.AppController.(ModelPreparer); ok {
			preparer.ModelPrepare()
		}
		return
	}

	// Not an admin: end the login rather than only denying the page.
	auth.LogoutUser(this.Ctx)
	// The template reads this flash as .flash.NotPermit.
	this.FlashWrite("NotPermit", "true")
	this.Redirect("/login", 302)
}
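// Prepare runs the per-request setup shared by every router that embeds
// BaseRouter. In order it:
//
//  1. redirects requests for a non-configured Host to setting.AppUrl when
//     setting.EnforceRedirect is on,
//  2. starts the session and resolves any pending flash redirect,
//  3. loads the user from the session, or failing that from the remember
//     cookie, and logs out users flagged IsForbid,
//  4. copies application settings into the template data,
//  5. strips the query string with a redirect when setLang reports a change,
//  6. exposes the XSRF token and form helper to templates, and
//  7. calls NestPrepare on the embedding controller when it implements
//     NestPreparer.
//
// Any step that redirects returns immediately, so later steps do not run.
func (this *BaseRouter) Prepare() {
	// The Host check happens before a session is started, so a request
	// addressed to any other host name is sent to the configured AppUrl.
	if setting.EnforceRedirect && this.Ctx.Request.Host != setting.AppHost {
		this.Redirect(setting.AppUrl, 302)
		return
	}

	// page start time
	this.Data["PageStartTime"] = time.Now()

	this.StartSession()

	// CheckFlashRedirect reports whether the current URI is the target of a
	// pending flash redirect (match) and whether it issued a redirect itself
	// (redir). NOTE(review): semantics inferred from the call site; confirm.
	match, redir := this.CheckFlashRedirect(this.Ctx.Request.RequestURI)
	if redir {
		return
	}
	if match {
		this.EndFlashRedirect()
	}

	// The session is tried first; the remember cookie is consulted only when
	// the session holds no user (|| short-circuits like the original switch).
	if auth.GetUserFromSession(&this.User, this.CruSession) ||
		auth.LoginUserFromRememberCookie(&this.User, this.Ctx) {
		this.IsLogin = true
	}

	if this.IsLogin {
		this.Data["User"] = &this.User
		this.Data["IsLogin"] = this.IsLogin

		// The forbid flag is re-checked on every request, so it also applies
		// to users restored from the remember cookie.
		if this.User.IsForbid {
			auth.LogoutUser(this.Ctx)
			this.FlashRedirect("/login", 302, "UserForbid")
			return
		}
	}

	// Setting properties.
	this.Data["AppName"] = setting.AppName
	this.Data["AppVer"] = setting.AppVer
	this.Data["AppUrl"] = setting.AppUrl
	this.Data["AppLogo"] = setting.AppLogo
	this.Data["AvatarURL"] = setting.AvatarURL
	this.Data["IsProMode"] = setting.IsProMode
	this.Data["SearchEnabled"] = setting.SearchEnabled
	this.Data["NativeSearch"] = setting.NativeSearch
	this.Data["SphinxEnabled"] = setting.SphinxEnabled

	// Redirect to make URL clean.
	if this.setLang() {
		target := this.Ctx.Request.RequestURI
		// The original sliced at strings.Index unconditionally, which panics
		// with index -1 when the URI carries no query string.
		if i := strings.Index(target, "?"); i >= 0 {
			target = target[:i]
		}
		// RequestURI is client-controlled. Force exactly one leading slash so
		// the Location header is always a path on this host and can never be
		// read by a browser as a scheme-relative URL.
		target = "/" + strings.TrimLeft(target, "/\\")
		this.Redirect(target, 302)
		return
	}

	// read flash message
	beego.ReadFromRequest(&this.Controller)

	// Pass the XSRF helpers to the template context. xsrf_html is marked
	// template.HTML so the template emits it unescaped; that is acceptable
	// only because the markup is produced by the framework, not taken from
	// the request.
	xsrfToken := this.Controller.XSRFToken()
	this.Data["xsrf_token"] = xsrfToken
	this.Data["xsrf_html"] = template.HTML(this.Controller.XSRFFormHTML())

	// if method is GET then auto create a form once token
	if this.Ctx.Request.Method == "GET" {
		this.FormOnceCreate()
	}

	if app, ok := this.AppController.(NestPreparer); ok {
		app.NestPrepare()
	}
}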