func (c PortalController) authorized() (interface{}, bool) {
if secret, ok := c.Session["secret"]; ok {
remote, _, _ := net.SplitHostPort(c.Request.RemoteAddr)
forward := c.Request.Header.Get("X-Forwarded-For")
if forward != "" {
remote = forward
}
token, err := HitSystemToken(secret, remote)
if err != nil {
revel.WARN.Printf("authorized failed: %s", err.Error())
return nil, false
}
var account models.SystemAccount
account.ID = token.SystemAccountID
if err := db.First(&account).Error; err != nil {
return nil, false
}
c.RenderArgs["account"] = &account
return &token, true
}
return nil, false
}
func (c AuthController) PasswordPost() revel.Result {
revel.INFO.Printf("POST > /auth.password ...")
accountID, ok := c.Session["account"]
if !ok {
c.Flash.Error("please login first.")
return c.Redirect(routes.AuthController.Login())
}
var account models.SystemAccount
account.ID = models.DecodeID(accountID)
if err := db.First(&account).Error; err != nil {
c.Flash.Error("please login first: fake session.")
return c.Redirect(routes.AuthController.Login())
}
var old_password, new_password, new_password2 string
c.Params.Bind(&old_password, "old_password")
c.Params.Bind(&new_password, "new_password")
c.Params.Bind(&new_password2, "new_password2")
if new_password != new_password2 {
c.Flash.Error("new password not equal")
return c.Redirect(routes.AuthController.Password())
}
//! params validation check
c.Validation.Required(old_password)
c.Validation.Required(new_password)
if c.Validation.HasErrors() {
// Store the validation errors in the flash context and redirect.
c.Validation.Keep()
c.FlashParams()
return c.Redirect(routes.AuthController.Password())
}
tx := db.Begin()
account.Password = new_password
if err := tx.Model(&account).Update("password", models.SystemAccountCipher(&account).Password).Error; err != nil {
tx.Rollback()
c.Flash.Error("reset password:"******"auth.password updated success.")
return c.Redirect(routes.PortalController.Index())
}