// PostLogin performs login. func PostLogin(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") db := context.Get(r, "db").(*sqlx.DB) cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore) email := r.FormValue("Email") password := r.FormValue("Password") u := model.NewUserStore(db) user, err := u.GetUserByEmailAndPassword(nil, email, password) if err != nil { libhttp.HandleErrorJson(w, err) return } session, _ := cookieStore.Get(r, "mqserver-session") session.Values["user"] = user err = session.Save(r, w) if err != nil { libhttp.HandleErrorJson(w, err) return } http.Redirect(w, r, "/", 302) }
func PutUsersID(w http.ResponseWriter, r *http.Request) { userId, err := getIdFromPath(w, r) if err != nil { libhttp.HandleErrorJson(w, err) return } db := context.Get(r, "db").(*sqlx.DB) cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore) session, _ := cookieStore.Get(r, "mqserver-session") currentUser := session.Values["user"].(*model.UserRow) if currentUser.ID != userId { err := errors.New("Modifying other user is not allowed.") libhttp.HandleErrorJson(w, err) return } email := r.FormValue("Email") password := r.FormValue("Password") passwordAgain := r.FormValue("PasswordAgain") u := model.NewUserStore(db) currentUser, err = u.UpdateEmailAndPasswordById(nil, currentUser.ID, email, password, passwordAgain) if err != nil { libhttp.HandleErrorJson(w, err) return } // Update currentUser stored in session. session.Values["user"] = currentUser err = session.Save(r, w) if err != nil { libhttp.HandleErrorJson(w, err) return } http.Redirect(w, r, "/", 302) }
func GetLoginWithoutSession(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") tmpl, err := template.ParseFiles("templates/users/users-external.html.tmpl", "templates/users/login.html.tmpl") if err != nil { libhttp.HandleErrorJson(w, err) return } tmpl.Execute(w, nil) }
func PostSignup(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") db := context.Get(r, "db").(*sqlx.DB) email := r.FormValue("Email") password := r.FormValue("Password") passwordAgain := r.FormValue("PasswordAgain") _, err := model.NewUserStore(db).Signup(nil, email, password, passwordAgain) if err != nil { libhttp.HandleErrorJson(w, err) return } // Perform login PostLogin(w, r) }
func GetHome(w http.ResponseWriter, r *http.Request, params httprouter.Params) { w.Header().Set("Content-Type", "text/html") currentUser := &model.UserRow{} data := struct { CurrentUser *model.UserRow }{ currentUser, } tmpl, err := template.ParseFiles("templates/dashboard.html.tmpl", "templates/home.html.tmpl") if err != nil { libhttp.HandleErrorJson(w, err) return } tmpl.Execute(w, data) }
func DeleteUsersID(w http.ResponseWriter, r *http.Request) { err := errors.New("DELETE method is not implemented.") libhttp.HandleErrorJson(w, err) return }