// PostLogin performs login.
func PostLogin(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)
email := r.FormValue("Email")
password := r.FormValue("Password")
u := model.NewUserStore(db)
user, err := u.GetUserByEmailAndPassword(nil, email, password)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
session, _ := cookieStore.Get(r, "mqserver-session")
session.Values["user"] = user
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/", 302)
}
func PutUsersID(w http.ResponseWriter, r *http.Request) {
userId, err := getIdFromPath(w, r)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
db := context.Get(r, "db").(*sqlx.DB)
cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)
session, _ := cookieStore.Get(r, "mqserver-session")
currentUser := session.Values["user"].(*model.UserRow)
if currentUser.ID != userId {
err := errors.New("Modifying other user is not allowed.")
libhttp.HandleErrorJson(w, err)
return
}
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
u := model.NewUserStore(db)
currentUser, err = u.UpdateEmailAndPasswordById(nil, currentUser.ID, email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Update currentUser stored in session.
session.Values["user"] = currentUser
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/", 302)
}
func GetLoginWithoutSession(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
tmpl, err := template.ParseFiles("templates/users/users-external.html.tmpl", "templates/users/login.html.tmpl")
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
tmpl.Execute(w, nil)
}
func PostSignup(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
_, err := model.NewUserStore(db).Signup(nil, email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Perform login
PostLogin(w, r)
}
func GetHome(w http.ResponseWriter, r *http.Request, params httprouter.Params) {
w.Header().Set("Content-Type", "text/html")
currentUser := &model.UserRow{}
data := struct {
CurrentUser *model.UserRow
}{
currentUser,
}
tmpl, err := template.ParseFiles("templates/dashboard.html.tmpl", "templates/home.html.tmpl")
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
tmpl.Execute(w, data)
}
func DeleteUsersID(w http.ResponseWriter, r *http.Request) {
err := errors.New("DELETE method is not implemented.")
libhttp.HandleErrorJson(w, err)
return
}