func login(w http.ResponseWriter, r *http.Request) error { username := r.FormValue("username") password := r.FormValue("password") userLog.Info("Log in: %v/%v", username, password) query := DB.QueryRow("SELECT id, username, password FROM users WHERE username = $1", username) var user User err := query.Scan(&user.Id, &user.Username, &user.password) if err != nil { web.FlashWarning(r, "No such user found") http.Redirect(w, r, "/login", http.StatusFound) return nil } if string(user.password) == password { session := web.Session(r) session.Values["userId"] = user.Id web.FlashInfo(r, fmt.Sprintf("Logged in as %v", user.Username)) if dest, ok := session.Values["loginDestination"]; ok { http.Redirect(w, r, dest.(string), http.StatusFound) } else { http.Redirect(w, r, "/user", http.StatusFound) } return nil } web.FlashWarning(r, "Incorrect username or password") http.Redirect(w, r, "/login", http.StatusFound) return nil }
func logout(w http.ResponseWriter, r *http.Request) error { session := web.Session(r) delete(session.Values, "userId") web.FlashInfo(r, "You have been logged out") http.Redirect(w, r, "/login", http.StatusFound) return nil }
func (s Subject) SaveQuestions(r *http.Request, subject *Subject, form url.Values) error { // Parse the form values into a map for each question questionData := parseQuestionForm(form) allQuestions, _ := s.Questions() saver := questions.DataSaver{} for _, question := range allQuestions { data := questionData[int(question.Id)] value, err := question.QuestionType().Parse(data) if err != nil { web.FlashError(r, fmt.Sprintf("Could not save %v: %v", question.Name, err)) continue } ToSave := questions.Data{subject.Id, question, value} err = saver.SaveInstant(ToSave) if err != nil { web.FlashError(r, err.Error()) } else { web.FlashInfo(r, fmt.Sprint(question.Name, value.Interface())) } } return nil }