Example #1
// SettingsPost handles POST /settings: it changes the password of the user
// resolved from the "sessionid" cookie.
//
// The password is replaced only when the submitted old password authenticates
// against the stored value, the new password is longer than five bytes, and
// the new password matches its repeat. Every path ends with the same redirect
// to /login, so the response does not tell the client whether the change
// happened.
//
// NOTE(review): no CSRF token check is visible in this handler — confirm it
// is enforced by middleware before this handler runs.
func SettingsPost(w http.ResponseWriter, r *http.Request) {
	conn := database.GetConnection()

	sid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sid)
	if username == "" {
		// No user could be resolved from the session cookie.
		http.Redirect(w, r, "/login", http.StatusFound)
		return
	}

	// NOTE(review): the second result of GetPassword is discarded. Confirm
	// that a failed lookup cannot hand Authenticate a value it would accept.
	stored, _ := database.GetPassword(conn, username)

	newPassword := r.FormValue("new")
	repeat := r.FormValue("repeat")
	oldPassword := r.FormValue("old")

	// Authenticate is evaluated first, as in the original condition; len()
	// counts bytes, so the minimum is six bytes rather than six characters.
	if !password.Authenticate(oldPassword, stored) || len(newPassword) <= 5 || newPassword != repeat {
		http.Redirect(w, r, "/login", http.StatusFound)
		return
	}

	hashed := password.NewPassword(newPassword)
	// NOTE(review): any result of ChangePassword is dropped, so the log line
	// below is written even if the update did not persist — confirm.
	database.ChangePassword(conn, username, hashed)
	log.Printf("USER (%s) CHANGED PASSWORD\n", username)

	http.Redirect(w, r, "/login", http.StatusFound)
}
Example #2
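// RegisterPost handles POST /register.
//
// It builds a user from the submitted form, validates it, checks whether the
// e-mail address is already taken, and on success stores the user with a
// hashed password and redirects to /login. On a validation failure or a
// duplicate address it re-renders the "register" template with the submitted
// names and e-mail plus a message in Flag; the password is never echoed back.
func RegisterPost(w http.ResponseWriter, r *http.Request) {
	db := database.GetConnection()

	// capitalize upper-cases the first character of s and lower-cases the
	// rest. It works on runes rather than bytes: slicing s[0:1] cuts a
	// multi-byte first letter (e.g. "Š") in half and yields invalid UTF-8.
	capitalize := func(s string) string {
		rs := []rune(s)
		if len(rs) == 0 {
			return s
		}
		return strings.ToUpper(string(rs[:1])) + strings.ToLower(string(rs[1:]))
	}

	// Model built from the form data.
	var user models.User
	user.Email = strings.ToLower(r.FormValue("email"))
	user.Password = r.FormValue("password") // plaintext until hashed below
	user.Firstname = capitalize(r.FormValue("firstname"))
	user.Lastname = capitalize(r.FormValue("lastname"))

	repeat := r.FormValue("repeat")

	// Context for re-rendering the form when the data was not valid.
	var old models.RegisterContext
	old.Firstname = user.Firstname
	old.Lastname = user.Lastname
	old.Email = user.Email
	old.Flag = user.UserValidate(repeat)

	// A non-empty Flag means validation failed.
	if old.Flag != "" {
		templates.Render(w, "register", old)
		return
	}

	// A non-empty stored password means the address is already registered.
	// NOTE(review): the second result of GetPassword is discarded, so a failed
	// lookup that returns "" is treated as "address is free" — confirm.
	// NOTE(review): this check and CreateUser are separate steps; two
	// concurrent requests for the same address can both pass it. Presumably a
	// unique constraint in the database is the real guard — verify.
	pass, _ := database.GetPassword(db, user.Email)
	if pass != "" {
		old.Flag = "Vartotojas su šiuo el. pašto adresu jau egzistuoja."
		templates.Render(w, "register", old)
		return
	}

	// Replace the plaintext password with its hash before storing the user.
	user.Password = password.NewPassword(user.Password)
	// NOTE(review): any result of CreateUser is dropped, so the redirect and
	// the log line below happen even if the insert failed — confirm.
	database.CreateUser(db, &user)
	http.Redirect(w, r, "/login", http.StatusFound)
	log.Printf("USER CREATED (%s)\n", user.Email)
}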
Example #3
// ForgotPost handles the POST side of the password-recovery flow. The raw
// query string of the request selects the step:
//
//   - empty query: a recovery request. If the submitted e-mail resolves to a
//     user and no recovery is pending, a key is generated and mailed in the
//     background. The "forgot" template is rendered in every case, so the
//     response is the same whether or not the address is registered.
//   - non-empty query: the query is taken as the recovery key. A new password
//     of at least six bytes that matches its repeat is hashed and handed to
//     DoRecover, followed by a redirect to /login; otherwise the "recover"
//     template is rendered again with the key.
func ForgotPost(w http.ResponseWriter, r *http.Request) {
	forgotKey := r.URL.RawQuery
	conn := database.GetConnection()

	if forgotKey != "" {
		// Actual recovery.
		newPassword := r.FormValue("new")
		repeat := r.FormValue("repeat")
		if len(newPassword) >= 6 && newPassword == repeat {
			hashed := password.NewPassword(newPassword)
			// NOTE(review): any result of DoRecover is dropped, so the
			// redirect and the log line follow even when the key matched
			// nothing — confirm that DoRecover rejects unknown or expired
			// keys on its own.
			database.DoRecover(conn, forgotKey, hashed)
			http.Redirect(w, r, "/login", http.StatusFound)
			// NOTE(review): this writes the client-supplied recovery key to
			// the log; consider logging an account identifier instead.
			log.Printf("KEY (%s) RESET PASSWORD\n", forgotKey)
			return
		}
		// Bad password: too short, or the repeat does not match.
		templates.Render(w, "recover", forgotKey)
		return
	}

	// Initial forgot submit.
	email := r.FormValue("email")
	// pk == -1 marks an address with no user behind it.
	pk, _ := database.GetPkAdmin(conn, email)
	if pk != -1 && !database.RecoveryExists(conn, pk) {
		// NOTE(review): confirm GenRecoveryKey draws from a cryptographically
		// secure random source.
		token := utils.GenRecoveryKey()
		// NOTE(review): the link is plain http:// and carries the key in the
		// query string, so it can be read in transit and may end up in proxy
		// or server logs; an https:// link would be safer. The mail promises
		// a two-day validity; enforcement is not visible here.
		mail := utils.Message{email,
			"Slaptažodio atkūrimas",
			fmt.Sprintf("Norėdami atkurti slaptažodį eikite į:\n\nhttp://futbolas.aivaras.in/forgot/?%s\n\nŠi nuoroda galios dvi dienas.", token)}
		// Sending happens in the background; the log line below is written
		// before the outcome of the delivery is known.
		go recovery(conn, mail, pk, token)
		log.Printf("An email was sent to %s\n", email)
	}

	// Same page for "mail sent", "recovery already pending" and "no such
	// user".
	templates.Render(w, "forgot", nil)
}