// RegisterHandler serves /user/register. It validates the submitted form,
// derives the stored credential from the password and a fresh per-user
// salt, and inserts a new row into the users table.
//
// Every response is JSON of the form {"data": ..., "err": ...}:
//   - 200 with err code 100 when form.Validate() returns false
//   - 500 with err code 201 when the database cannot be opened
//   - 500 with err code 202 when the insert fails (the error is logged)
//   - 200 with data set to the user name on success
//
// NOTE(review): the stored credential is util.Md5(util.Md5(pwd, salt),
// ConstSalt). util.Md5 is not visible here; if it is plain MD5, as the name
// suggests, it is a fast hash and a poor fit for password storage. A
// dedicated password hashing function (bcrypt, scrypt, Argon2) is the usual
// replacement, and switching requires migrating existing rows.
// NOTE(review): util.GetRandomString is not visible either; confirm the salt
// comes from a cryptographically secure source.
func RegisterHandler(w http.ResponseWriter, config Config, form UserRegisterForm, r render.Render, logger *log.Logger) {
	// fail writes the error envelope shared by all failure paths.
	fail := func(status, code int, msg string) {
		r.JSON(status, J{"data": nil, "err": J{"code": code, "msg": msg}})
	}

	if !form.Validate() {
		fail(http.StatusOK, 100, "invalid name")
		return
	}

	// The salt is generated first, then hashed in two rounds: once with the
	// per-user salt and once with the deployment-wide constant salt.
	salt := util.GetRandomString(10)
	inner := util.Md5(form.Pwd, salt)
	secKey := util.Md5(inner, config.AuthConfig.ConstSalt)

	db, openErr := gorm.Open(config.DB.Type, config.DB.Uri)
	if openErr != nil {
		fail(http.StatusInternalServerError, 201, "database open error.")
		return
	}
	defer db.Close()

	user := User{
		Name:   form.Name,
		SecKey: secKey,
		Priv:   salt,
	}

	// Insert the new user into the users table.
	if insertErr := db.Table("users").Create(&user).Error; insertErr != nil {
		fail(http.StatusInternalServerError, 202, "database insert error.")
		logger.Error(insertErr)
		return
	}

	r.JSON(http.StatusOK, J{"data": user.Name, "err": nil})
}
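// LoginHandler serves /user/login. It looks up the stored credential for
// form.Name, recomputes it from the submitted password, and on a match sets
// three cookies ("name", "fk", "p") before returning the user name.
//
// Every response is JSON of the form {"data": ..., "err": ...}:
//   - 200 with err code 101 when form.Validate() returns false
//   - 500 with err code 201 when the database cannot be opened
//   - 200 with err code 102 when no usable row is found for the name
//   - 200 with err code 103 when the password does not match
//   - 200 with data set to the user name on success
//
// NOTE(review): codes 102 and 103 let a client tell "unknown user" apart
// from "wrong password", which allows account enumeration. Merging them
// changes the API contract, so it is only flagged here.
// NOTE(review): the "fk" cookie carries the stored SecKey and "p" the
// per-user salt. How UserCookie is verified is not visible here, but if
// these values are what authenticates later requests, anyone who obtains
// the cookie or the users row can act as the user without knowing the
// password, and the value never rotates. A random server-side session
// token is the usual design. The cookies are also set without HttpOnly,
// Secure or SameSite; confirm whether client-side script needs to read
// them before tightening.
func LoginHandler(w http.ResponseWriter, config Config, form UserLoginForm, r render.Render, logger *log.Logger) {
	if !form.Validate() {
		r.JSON(http.StatusOK, J{"data": nil, "err": J{"code": 101, "msg": "invalid form"}})
		return
	}

	db, err := gorm.Open(config.DB.Type, config.DB.Uri)
	if err != nil {
		r.JSON(http.StatusInternalServerError, J{"data": nil, "err": J{"code": 201, "msg": "database open error."}})
		logger.Error(err)
		return
	}
	// Release the handle on every path; without this each login leaks one.
	defer db.Close()

	// The name is bound as a query parameter, not concatenated into SQL.
	// The query error is not inspected: an empty userKey fails Validate().
	userKey := UserKey{}
	db.Table("users").Select("sec_key, priv").Where("name = ?", form.Name).First(&userKey)
	if !userKey.Validate() {
		r.JSON(http.StatusOK, J{"data": nil, "err": J{"code": 102, "msg": "unregistered user"}})
		return
	}

	// Recompute the credential exactly as registration derived it.
	// NOTE(review): this is an ordinary string comparison, not a
	// constant-time one.
	p1 := util.Md5(form.Pwd, userKey.Priv)
	secKey := util.Md5(p1, config.AuthConfig.ConstSalt)
	if secKey != userKey.SecKey {
		r.JSON(http.StatusOK, J{"data": nil, "err": J{"code": 103, "msg": "invalid password"}})
		return
	}

	// All three cookies share one expiry, 10000 hours from now.
	expires := time.Now().Add(time.Hour * 10000)
	http.SetCookie(w, &http.Cookie{
		Name:    "name",
		Value:   form.Name,
		Path:    "/",
		Expires: expires,
	})
	http.SetCookie(w, &http.Cookie{
		Name:    "fk",
		Value:   userKey.SecKey,
		Path:    "/",
		Expires: expires,
	})
	http.SetCookie(w, &http.Cookie{
		Name:    "p",
		Value:   userKey.Priv,
		Path:    "/",
		Expires: expires,
	})

	r.JSON(http.StatusOK, J{"data": form.Name, "err": nil})
}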
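// UploadBkimg serves /user/bkimg/upload. It accepts an uploaded image,
// stores it under <StaticHome>/img/bk/<md5>.<format>, and records the file
// name in the bkimg column of the users row matched by the cookie.
//
// Every outcome is a redirect to "/":
//   - 401 when cookie.Validate() returns false
//   - 200 when the upload is not in a recognised image format
//   - 500 on any read, decode, write or database error
//   - 302 on success
//
// NOTE(review): cookie.Validate() is not visible here. The database is only
// consulted after the file has been written, so if Validate checks shape
// alone, a request with a well-formed but wrong cookie still stores a file
// on disk. Confirm that the cookie is verified against the users table
// before any write.
// NOTE(review): Where(&cookie) builds the match from the struct's non-zero
// fields; confirm Validate() rejects cookies with empty fields so the
// update can never match more rows than intended.
func UploadBkimg(img Bkimg, r render.Render, cookie UserCookie, config Config, logger *log.Logger) {
	// Check that the cookie is valid.
	if !cookie.Validate() {
		r.Redirect("/", http.StatusUnauthorized)
		// NOTE(review): this writes the whole cookie to the log; if it
		// holds the credential values, they end up in log files.
		logger.Info("Fail to auth whith cookie:", cookie)
		return
	}

	// Open the uploaded file.
	file, err := img.Content.Open()
	if err != nil {
		r.Redirect("/", http.StatusInternalServerError)
		return
	}
	// Close the upload on every path; it was previously left open.
	defer file.Close()

	// Read the whole file into memory.
	// NOTE(review): no size limit is applied here. Confirm the server or
	// form binding caps the request body (for example with
	// http.MaxBytesReader), otherwise one request can exhaust memory.
	b, err := ioutil.ReadAll(file)
	if err != nil {
		r.Redirect("/", http.StatusInternalServerError)
		return
	}

	// Reject anything that is not a decodable image. Only formats whose
	// decoders are registered elsewhere in the program are recognised.
	// NOTE(review): image.Decode decodes the full pixel data; checking
	// dimensions first with image.DecodeConfig bounds the memory a small
	// file with huge declared dimensions can claim.
	_, format, err := image.Decode(bytes.NewReader(b))
	switch err {
	case nil:
		// Recognised image; continue.
	case image.ErrFormat:
		r.Redirect("/", http.StatusOK)
		return
	default:
		r.Redirect("/", http.StatusInternalServerError)
		logger.Info(err.Error())
		return
	}

	// The content hash is the unique id and the file name. Neither part of
	// the name comes from the client-supplied file name.
	fileName := util.Md5(b) + "." + format
	fileFullName := filepath.Join(config.Server.StaticHome, "img/bk", fileName)

	// Write the file only if it is not already stored. No response is sent
	// in the "exists" case: the handler used to redirect here and again
	// after the database update, answering the same request twice.
	if _, statErr := os.Stat(fileFullName); statErr == nil {
		logger.Info("file exists:", fileFullName)
	} else if err = ioutil.WriteFile(fileFullName, b, 0600); err != nil {
		r.Redirect("/", http.StatusInternalServerError)
		return
	}

	// Store the image file name in the bkimg column of the users table.
	db, err := gorm.Open(config.DB.Type, config.DB.Uri)
	if err != nil {
		r.Redirect("/", http.StatusInternalServerError)
		return
	}
	// Release the handle on every path; it was previously never closed.
	defer db.Close()

	if err = db.Table("users").Where(&cookie).Update("bkimg", fileName).Error; err != nil {
		r.Redirect("/", http.StatusInternalServerError)
		return
	}

	r.Redirect("/", http.StatusFound)
}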