Exemple #1
// ResetPost handles submission of the password-reset form. The reset code is
// read from the ":code" request parameter and checked with
// auth.VerifyUserResetPwdCode before any change is made to the account.
func (this *ForgotRouter) ResetPost() {
	this.TplNames = "auth/reset.html"

	// The code is copied into the template data exactly as received.
	code := this.GetString(":code")
	this.Data["Code"] = code

	// &user is handed to the verifier; presumably it is populated with the
	// matching account when the code verifies — confirm in the auth package.
	var user models.User

	// Only a code that verifies reaches the password change. A failed check
	// goes to the else branch, which sets Success to false and saves nothing.
	if auth.VerifyUserResetPwdCode(&user, code) {
		this.Data["Success"] = true

		form := auth.ResetPwdForm{}
		// Stop when form validation fails; nothing has been saved at this point.
		if this.ValidFormSets(&form) == false {
			return
		}

		// The account is marked active and given a fresh value from
		// models.GetUserSalt before the new password is stored.
		// NOTE(review): presumably the reset code depends on Rands, so rotating
		// it here would make a used code invalid — confirm in the auth package.
		user.IsActive = true
		user.Rands = models.GetUserSalt()

		if err := auth.SaveNewPassword(&user, form.Password); err != nil {
			// NOTE(review): the next line is damaged in this listing (text between
			// the log message and the "/login" redirect arguments is missing), so
			// the error handling and the success redirect cannot be read from here.
			beego.Error("ResetPost Save New Password: "******"/login", 302, "ResetSuccess")

	} else {
		this.Data["Success"] = false
	}
}
Exemple #2
// Logout ends the current user's login and sends the browser to the login
// page with a one-shot flash flag set.
func (r *LoginRouter) Logout() {
	const (
		loginPath = "/login"
		found     = 302
	)

	// Drop the login state before anything is written for the next request.
	auth.LogoutUser(r.Ctx)

	// Flash flag read by the next page ("HasLogout").
	r.FlashWrite("HasLogout", "true")

	r.Redirect(loginPath, found)
}
Exemple #3
// NestPrepare is the access gate for admin routers: a user whose IsAdmin flag
// is false is logged out and redirected to the login page, and only an admin
// request goes on to the controller's optional ModelPrepare hook.
func (r *BaseAdminRouter) NestPrepare() {
	// CheckActiveRedirect reports that it has already dealt with the request.
	if r.CheckActiveRedirect() {
		return
	}

	// Authorization check: a non-admin loses the login entirely, not just
	// access to this page.
	if isAdmin := r.User.IsAdmin; !isAdmin {
		auth.LogoutUser(r.Ctx)
		// Flash flag for the login page (.flash.NotPermit).
		r.FlashWrite("NotPermit", "true")
		r.Redirect("/login", 302)
		return
	}

	// From here on the request belongs to an admin on an admin page.
	r.Data["IsAdminPage"] = true

	// Run the concrete controller's model setup when it provides one.
	preparer, ok := r.AppController.(ModelPreparer)
	if !ok {
		return
	}
	preparer.ModelPrepare()
}
Exemple #4
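// Prepare runs before every action of a router built on BaseRouter. It
// enforces the configured host, starts the session, restores the logged-in
// user from the session or the remember cookie, logs out forbidden users,
// publishes the application settings and XSRF helpers to the template data,
// and finally calls the concrete controller's NestPrepare hook if it has one.
func (this *BaseRouter) Prepare() {
	if setting.EnforceRedirect {
		// A request whose Host header differs from the configured host is sent
		// to the configured AppUrl, so the redirect target never comes from
		// the request itself.
		if this.Ctx.Request.Host != setting.AppHost {
			this.Redirect(setting.AppUrl, 302)
			return
		}
	}

	// page start time
	this.Data["PageStartTime"] = time.Now()

	// start session
	this.StartSession()

	// Flash redirect: stop when a redirect was issued; when the URL matches
	// the pending one, end it.
	if match, redir := this.CheckFlashRedirect(this.Ctx.Request.RequestURI); redir {
		return
	} else if match {
		this.EndFlashRedirect()
	}

	// The cases are evaluated in order and each call has side effects, so the
	// remember cookie is consulted only when the session holds no user.
	switch {
	// restore the logged-in user from the session
	case auth.GetUserFromSession(&this.User, this.CruSession):
		this.IsLogin = true
	// restore the logged-in user from the remember cookie
	case auth.LoginUserFromRememberCookie(&this.User, this.Ctx):
		this.IsLogin = true
	}

	if this.IsLogin {
		this.Data["User"] = &this.User
		this.Data["IsLogin"] = this.IsLogin

		// A forbidden account is logged out on every request, so an existing
		// session or remember cookie stops working once IsForbid is set.
		if this.User.IsForbid {
			auth.LogoutUser(this.Ctx)
			this.FlashRedirect("/login", 302, "UserForbid")
			return
		}
	}

	// Setting properties.
	this.Data["AppName"] = setting.AppName
	this.Data["AppVer"] = setting.AppVer
	this.Data["AppUrl"] = setting.AppUrl
	this.Data["AppLogo"] = setting.AppLogo
	this.Data["AvatarURL"] = setting.AvatarURL
	this.Data["IsProMode"] = setting.IsProMode
	this.Data["SearchEnabled"] = setting.SearchEnabled
	this.Data["NativeSearch"] = setting.NativeSearch
	this.Data["SphinxEnabled"] = setting.SphinxEnabled

	// Redirect to make URL clean.
	if this.setLang() {
		uri := this.Ctx.Request.RequestURI
		// Redirect only when there is a query string to strip. Without the
		// i >= 0 check a request URI with no "?" would be sliced with -1 and
		// panic.
		if i := strings.Index(uri, "?"); i >= 0 {
			target := uri[:i]
			// The target is taken from the request line. A path that begins
			// with "//" would be read by browsers as a scheme-relative URL
			// pointing at another host, so leading slashes are collapsed to
			// one to keep the redirect on this site.
			if strings.HasPrefix(target, "//") {
				target = "/" + strings.TrimLeft(target, "/")
			}
			this.Redirect(target, 302)
			return
		}
	}

	// read flash message
	beego.ReadFromRequest(&this.Controller)

	// Pass the XSRF helpers to the template context. XSRFFormHTML is wrapped
	// in template.HTML so the template does not escape the framework's markup.
	xsrfToken := this.Controller.XSRFToken()
	this.Data["xsrf_token"] = xsrfToken
	this.Data["xsrf_html"] = template.HTML(this.Controller.XSRFFormHTML())

	// if method is GET then auto create a form once token
	if this.Ctx.Request.Method == "GET" {
		this.FormOnceCreate()
	}

	if app, ok := this.AppController.(NestPreparer); ok {
		app.NestPrepare()
	}
}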