Example #1
0
func signInHandler(ctx *app.Context) {
	modal := ctx.FormValue("modal") != ""
	d := data(ctx)
	if !modal && !d.allowDirectSignIn() && d.hasEnabledSocialSignin() {
		// Redirect to the only available social sign-in
		ctx.MustRedirectReverse(false, d.enabledSocialAccountTypes()[0].HandlerName)
		return
	}
	from := ctx.FormValue(app.SignInFromParameterName)
	signIn := SignIn{From: from}
	form := form.New(ctx, &signIn)
	if d.allowDirectSignIn() && form.Submitted() && form.IsValid() {
		ctx.MustSignIn(asGondolaUser(reflect.ValueOf(signIn.User)))
		ctx.RedirectBack()
		return
	}
	user, _ := newEmptyUser(ctx)
	data := map[string]interface{}{
		"SocialAccountTypes": d.enabledSocialAccountTypes(),
		"From":               from,
		"SignInForm":         form,
		"SignUpForm":         SignUpForm(ctx, user),
		"AllowDirectSignIn":  d.allowDirectSignIn(),
		"AllowRegistration":  d.allowRegistration(),
	}
	tmpl := SignInTemplateName
	if modal && SignInModalTemplateName != "" {
		tmpl = SignInModalTemplateName
	}
	ctx.MustExecute(tmpl, data)
}
Example #2
0
func jsSignInHandler(ctx *app.Context) {
	d := data(ctx)
	if !d.allowDirectSignIn() {
		ctx.NotFound("")
		return
	}
	signIn := SignIn{}
	form := form.New(ctx, &signIn)
	if form.Submitted() && form.IsValid() {
		user := reflect.ValueOf(signIn.User)
		ctx.MustSignIn(asGondolaUser(user))
		writeJSONEncoded(ctx, user)
		return
	}
	FormErrors(ctx, form)
}
Example #3
0
func ResetHandler(ctx *app.Context) {
	d := data(ctx)
	if !d.allowDirectSignIn() {
		ctx.NotFound("")
		return
	}
	payload := ctx.FormValue("p")
	var valid bool
	var expired bool
	var f *form.Form
	var user reflect.Value
	var err error
	var done bool
	if payload != "" {
		user, err = decodeResetPayload(ctx, payload)
		if err == nil && user.IsValid() {
			valid = true
		} else {
			if err == errResetExpired {
				expired = true
			}
		}
	}
	if valid {
		passwordForm := &PasswordForm{User: user}
		f = form.New(ctx, passwordForm)
		if f.Submitted() && f.IsValid() {
			ctx.Orm().MustSave(user.Interface())
			ctx.MustSignIn(asGondolaUser(user))
			done = true
		}
	}
	data := map[string]interface{}{
		"Valid":        valid,
		"Expired":      expired,
		"Done":         done,
		"User":         user,
		"PasswordForm": f,
		"Payload":      payload,
	}
	ctx.MustExecute(ResetTemplateName, data)
}
Example #4
0
func SignUpForm(ctx *app.Context, user reflect.Value) *form.Form {
	passwordForm := &PasswordForm{User: user}
	acceptForm := &AcceptForm{Accept: true}
	return form.New(ctx, user.Interface(), passwordForm, acceptForm)
}
Example #5
0
func forgotHandler(ctx *app.Context) {
	d := data(ctx)
	if !d.allowDirectSignIn() {
		ctx.NotFound("")
		return
	}
	var user User
	var isEmail bool
	var sent bool
	var fields struct {
		Username         string `form:",singleline,label=Username or Email"`
		ValidateUsername func(*app.Context) error
	}
	fields.ValidateUsername = func(c *app.Context) error {
		username := Normalize(fields.Username)
		isEmail = strings.Contains(username, "@")
		var field string
		if isEmail {
			field = "User.NormalizedEmail"
		} else {
			field = "User.NormalizedUsername"
		}
		userVal, userIface := newEmptyUser(ctx)
		ok := c.Orm().MustOne(orm.Eq(field, username), userIface)
		if !ok {
			if isEmail {
				return i18n.Errorf("address %q does not belong to any registered user", username)
			}
			return i18n.Errorf("username %q does not belong to any registered user", username)
		}
		user = getUserValue(userVal, "User").(User)
		if user.Email == "" {
			return i18n.Errorf("username %q does not have any registered emails", username)
		}
		return nil
	}
	f := form.New(ctx, &fields)
	if f.Submitted() && f.IsValid() {
		se, err := ctx.App().EncryptSigner(Salt)
		if err != nil {
			panic(err)
		}
		values := make(url.Values)
		values.Add("u", strconv.FormatInt(user.Id(), 36))
		values.Add("t", strconv.FormatInt(time.Now().Unix(), 36))
		values.Add("n", stringutil.Random(64))
		payload := values.Encode()
		p, err := se.EncryptSign([]byte(payload))
		if err != nil {
			panic(err)
		}
		abs := ctx.URL()
		reset := fmt.Sprintf("%s://%s%s?p=%s", abs.Scheme, abs.Host, ctx.MustReverse(ResetHandlerName), p)
		data := map[string]interface{}{
			"URL": reset,
		}
		from := mail.DefaultFrom()
		if from == "" {
			from = fmt.Sprintf("no-reply@%s", abs.Host)
		}
		msg := &mail.Message{
			To:      user.Email,
			From:    from,
			Subject: fmt.Sprintf(ctx.T("Reset your %s password"), d.opts.SiteName),
		}
		ctx.MustSendMail("reset_password.txt", data, msg)
		sent = true
	}
	data := map[string]interface{}{
		"ForgotForm": f,
		"IsEmail":    isEmail,
		"Sent":       sent,
		"User":       user,
	}
	ctx.MustExecute(ForgotTemplateName, data)
}