Example #1
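// SignupActionHandler processes a submitted signup form. It rejects requests
// that fail the session or CSRF check, validates the posted fields, stores the
// registration and redirects to the thank-you page.
func SignupActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	session, validAuth, httperr := auth.CheckSession(r)
	// httperr is tested first so that a session coming from a failed check is
	// never handed to ValidCSRF.
	if httperr != nil || !validAuth || !auth.ValidCSRF(r, session, false) {
		// A redirect needs a 3xx status; with 401 the Location header is
		// ignored by browsers and the user is left on an empty response.
		// StatusFound matches the other handlers' rejection path.
		http.Redirect(w, r, paths.SignupPath, http.StatusFound)
		return
	}

	ss := auth.GetSetSession(w, r, session)
	if ss == nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	// Every field below is untrusted client input; reg.validate() is the only
	// check applied before the values are stored.
	reg := &Signup{
		First:  r.PostFormValue("_fname"),
		Last:   r.PostFormValue("_lname"),
		Email:  r.PostFormValue("_email"),
		School: r.PostFormValue("_school"),
		State:  r.PostFormValue("_state"),
	}

	if err := reg.validate(); err != nil {
		// Re-render the form with the session's CSRF token and the validation
		// message.
		// NOTE(review): err.Error() reaches the template; confirm the template
		// escapes it in case the message echoes submitted values.
		views.RenderTemplate(w, r, reload.Signup, http.StatusOK,
			&SignupData{
				ss.CSRFToken,
				err.Error(),
			})
		return
	}

	// NOTE(review): any result of Store is discarded here; if it can fail, the
	// user is still sent to the thank-you page. Confirm against Store.
	reg.Store()

	http.Redirect(w, r, paths.ThankYouPath, http.StatusFound)
}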
Example #2
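// LoginViewHandler handles GET requests to "/login/". It sends an
// already-authenticated user to the dashboard and otherwise renders the login
// form with the session's CSRF token.
func LoginViewHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	// Keep the login page, which embeds a CSRF token, out of browser and
	// intermediary caches.
	w.Header().Set("pragma", "no-cache")
	w.Header().Set("cache-control", "no-cache, no-store")
	w.Header().Set("expires", "Mon, 01-Jan-1990 00:00:00 GMT")

	session, validAuth, httperr := auth.CheckSession(r)
	if httperr != nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, httperr)
		// Stop here: without this return the handler kept going after the
		// error page was written and could redirect or render a second page on
		// the same response, using a session from a failed check.
		return
	}

	// If the user is logged in then just redirect to the dashboard.
	// This is why the logic may look a little backwards.
	if validAuth {
		http.Redirect(w, r, paths.DashboardPath, http.StatusFound)
		return
	}

	ss := auth.GetSetSession(w, r, session)
	if ss == nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	// NOTE(review): r.Host comes from the request's Host header and is
	// client-controlled; confirm the template does not build links or form
	// targets from it without an allow-list.
	views.RenderTemplate(w, r, reload.Login, http.StatusOK, &dt.LoginData{r.Host, ss.CSRFToken, "", ""})
}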
Example #3
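// SignupViewHandler renders the signup form with the CSRF token of the
// visitor's session. The authentication result of CheckSession is not used, so
// the form is shown whether or not the visitor is logged in.
func SignupViewHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	session, _, httperr := auth.CheckSession(r)
	if httperr != nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, httperr)
		// Stop here: without this return the handler went on to call
		// GetSetSession with a session from a failed check and rendered a
		// second page on the same response.
		return
	}

	ss := auth.GetSetSession(w, r, session)
	if ss == nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	// Empty second field: no validation message on the first display.
	views.RenderTemplate(w, r, reload.Signup, http.StatusOK, &SignupData{ss.CSRFToken, ""})
}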
Example #4
// LogoutActionHandler handles POST requests to "/logout/". A request without
// a valid session and CSRF token is redirected to the login page; otherwise the
// session is destroyed and the user is redirected to the index page.
func LogoutActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	session, validAuth, httperr := auth.CheckSession(r)
	if httperr != nil {
		// Report the session-check failure with the status it carries.
		views.RenderTemplate(w, r, reload.ErrorPage, httperr.Status, httperr)
		return
	}

	// The CSRF token is only checked once the session itself is valid, so a
	// forged cross-site POST cannot log the user out.
	authorized := validAuth && auth.ValidCSRF(r, session, false)
	if !authorized {
		http.Redirect(w, r, paths.LoginPath, http.StatusFound)
		return
	}

	if auth.DestroySession(w, r) {
		http.Redirect(w, r, paths.IndexPath, http.StatusFound)
		return
	}

	// The session could not be destroyed: log it and show the error page
	// rather than pretending the logout succeeded.
	glog.Errorln(auth.ErrUnableToLogOut)
	views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, auth.ErrUnableToLogOut)
}