// PostLogin performs login.
func PostLogin(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)
email := r.FormValue("Email")
password := r.FormValue("Password")
u := dal.NewUser(db)
user, err := u.GetUserByEmailAndPassword(nil, email, password)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
session, _ := cookieStore.Get(r, "fpc-session")
session.Values["user"] = user
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/home", 302)
}
func PutUsersID(w http.ResponseWriter, r *http.Request) {
userId, err := getIdFromPath(w, r)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
db := context.Get(r, "db").(*sqlx.DB)
cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)
session, _ := cookieStore.Get(r, "fpc-session")
currentUser := session.Values["user"].(*dal.UserRow)
if currentUser.ID != userId {
err := errors.New("Modifying other user is not allowed.")
libhttp.HandleErrorJson(w, err)
return
}
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
u := dal.NewUser(db)
currentUser, err = u.UpdateEmailAndPasswordById(nil, currentUser.ID, email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Update currentUser stored in session.
session.Values["user"] = currentUser
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/", 302)
}
func GetLoginWithoutSession(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
tmpl, err := template.ParseFiles("templates/users/login-signup-parent.html.tmpl", "templates/users/login.html.tmpl")
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
tmpl.Execute(w, nil)
}
func PostProduct(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
name := r.FormValue("Name")
roastDate, err := time.Parse("2006-01-02 03:04", r.FormValue("RoastDate"))
description := r.FormValue("Description")
price, err := strconv.ParseFloat(r.FormValue("Price"), 64)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
_, err = dal.NewProduct(db).InsertNewProduct(nil, name, description, roastDate, price)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/schedule", 302)
}
func PostSignup(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
_, err := dal.NewUser(db).Signup(nil, email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Perform login
PostLogin(w, r)
}
func GetSchedule(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
p := dal.NewProduct(db)
products, err := p.AllProducts(nil)
data := struct {
ProductRows []*dal.ProductRow
}{
products,
}
tmpl, err := template.ParseFiles("templates/schedule.html.tmpl", "templates/home.html.tmpl")
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
tmpl.Execute(w, data)
}
func DeleteUsersID(w http.ResponseWriter, r *http.Request) {
err := errors.New("DELETE method is not implemented.")
libhttp.HandleErrorJson(w, err)
return
}