Exemple #1
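// checkMemberApproval checks the session of the user and reports whether the
// user is logged in and has a complete profile. If the user is not logged in,
// or the access token cannot be read from the session, the function returns an
// error. If redirect is true the function also writes a redirect to the
// response on those paths and on the incomplete-profile path.
//
// Two cases the caller must handle itself:
//   - when git.NewMember fails, no redirect is written even if redirect is
//     true, so the caller still has to produce a response;
//   - when the profile is incomplete, the member is returned together with a
//     non-nil error.
//
// Member returned is standard read only. If written to, locking need to be done manually.
func checkMemberApproval(w http.ResponseWriter, r *http.Request, redirect bool) (member *git.Member, err error) {
	if !auth.IsApprovedUser(r) {
		if redirect {
			http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		}
		err = errors.New("The user is not logged in")
		return
	}

	value, err := sessions.GetSessions(r, sessions.AuthSession, sessions.AccessTokenSessionKey)
	if err != nil {
		err = errors.New("Error getting access token from sessions")
		if redirect {
			http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		}
		return
	}

	// The session value is client-carried state. A missing or non-string
	// entry must be treated as "not logged in" rather than being allowed to
	// panic the handler through an unchecked type assertion.
	token, ok := value.(string)
	if !ok {
		if redirect {
			http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		}
		err = errors.New("Access token in session has unexpected type")
		return
	}

	member, err = git.NewMember(token, true)
	if err != nil {
		return nil, err
	}

	if !member.IsComplete() {
		if redirect {
			http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		}
		err = errors.New("Member got an uncomplete profile, redirecting.")
		return
	}

	return
}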
Exemple #2
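// UpdateMemberHandler is a http handler for updating a users profile data.
//
// It accepts POST only. The form fields name, studentid and email are all
// required. Every field is validated before the member record is opened for
// writing, so a request with an invalid studentid or email no longer stores a
// half-applied update (previously the new name was saved even when a later
// field failed to parse).
//
// NOTE(review): no CSRF token check is visible in this handler; confirm that
// one is enforced elsewhere, since this is a state-changing POST
// authenticated by the session alone.
//
// NOTE(review): 307 preserves the POST method and body, so the browser
// re-submits the form fields to each redirect target. 303 See Other is the
// usual status after a form POST; confirm the target handlers before changing.
func UpdateMemberHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		http.Error(w, "This is not the page you are looking for!\n", http.StatusNotFound)
		return
	}

	name := r.FormValue("name")
	rawStudentID := r.FormValue("studentid")
	rawEmail := r.FormValue("email")
	if name == "" || rawStudentID == "" || rawEmail == "" {
		http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		return
	}

	if !auth.IsApprovedUser(r) {
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	value, err := sessions.GetSessions(r, sessions.AuthSession, sessions.AccessTokenSessionKey)
	if err != nil {
		log.Println("Error getting access token from sessions: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// Guard the assertion: a missing or non-string session entry would
	// otherwise panic the handler.
	token, ok := value.(string)
	if !ok {
		log.Println("Error getting access token from sessions: unexpected value type")
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// Parse the untrusted form input before the member is opened for writing.
	studentid, err := strconv.Atoi(rawStudentID)
	if err != nil {
		log.Println("studentid atoi error: ", err)
		http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		return
	}

	email, err := mail.ParseAddress(rawEmail)
	if err != nil {
		log.Println("Parsing email error: ", err)
		http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		return
	}

	member, err := git.NewMember(token, false)
	if err != nil {
		// Keep the detail in the server log; the client only gets a generic
		// message so backend error text is not disclosed.
		log.Println(err.Error())
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	// Save runs on every exit from here on; when it fails the member is
	// unlocked explicitly, as in the original code.
	defer func() {
		if err := member.Save(); err != nil {
			member.Unlock()
			log.Println("Error storing:", err)
		}
	}()

	member.Name = name
	member.StudentID = studentid
	member.Email = email

	http.Redirect(w, r, pages.HOMEPAGE, http.StatusTemporaryRedirect)
}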
Exemple #3
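// ProfileHandler is a http handler which writes back a page about the
// users profile settings. The page can also be used to edit profile data.
//
// Users without an approved session, or whose session holds no usable access
// token, are redirected to the front page. A failure to load the member is
// logged in full and answered with a generic 500.
func ProfileHandler(w http.ResponseWriter, r *http.Request) {
	if !auth.IsApprovedUser(r) {
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	value, err := sessions.GetSessions(r, sessions.AuthSession, sessions.AccessTokenSessionKey)
	if err != nil {
		log.Println("Error getting access token from sessions: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// Guard the assertion: a missing or non-string session entry would
	// otherwise panic the handler.
	token, ok := value.(string)
	if !ok {
		log.Println("Error getting access token from sessions: unexpected value type")
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	m, err := git.NewMember(token, true)
	if err != nil {
		// The detail stays in the server log; the response body carries only
		// a generic message so backend error text is not disclosed.
		log.Println(err.Error())
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	// Level calculations
	lvlPoint := levels.RequiredForLevel(m.Level - 1)
	nextLvlPoint := levels.RequiredForLevel(m.Level)
	diffPointsNextLvl := nextLvlPoint - lvlPoint
	diffUser := diffPointsNextLvl - (m.TotalScore - lvlPoint)

	// A zero span between two levels would make the float division yield
	// Inf or NaN, and converting those to int is implementation-defined.
	// Report 0% in that case instead of relying on the clamp below.
	percentDone := 0
	if diffPointsNextLvl != 0 {
		percentDone = 100 - int(float64(diffUser)/float64(diffPointsNextLvl)*100)
	}

	if percentDone > 100 {
		percentDone = 100
	} else if percentDone < 0 {
		percentDone = 0
	}

	view := ProfileView{
		StdTemplate: StdTemplate{
			Member:          m,
			OptinalHeadline: true,
		},
		PointsToNextLvl:    diffUser,
		PercentLvlComplete: percentDone,
		MissingName:        m.Name == "",
		MissingStudentID:   m.StudentID == 0,
		MissingEmail:       m.Email == nil,
	}
	execTemplate("profile.html", w, view)
}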
Exemple #4
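// githubOauthHandler handles the OAuth callback from GitHub. It exchanges the
// "code" query parameter for an access token, stores the granted scope on the
// member when one is returned, marks the session as approved and redirects to
// the home page. Any failure redirects to the front page without approving
// the session.
//
// NOTE(review): no "state" parameter is generated or compared anywhere in
// this handler, so the callback is not bound to the browser session that
// started the login. Confirm whether that check lives elsewhere; if not, add
// one together with the code that starts the authorization request.
//
// NOTE(review): the outbound http.Client has no timeout and the response
// body is read without a size cap. Both need imports that are not visible
// from this function, so they are left as follow-ups.
func githubOauthHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		// NOTE(review): a 400 status with a Location header is not followed
		// by browsers; kept as in the original.
		http.Redirect(w, r, pages.FRONTPAGE, 400)
		return
	}

	query := r.URL.Query()

	// Values from the query string are attacker-controlled; %q keeps
	// embedded newlines from forging extra log lines.
	if errstr := query.Get("error"); len(errstr) > 0 {
		log.Printf("OAuth error: %q", errstr)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	code := query.Get("code")
	if code == "" {
		log.Println("OAuth error: callback without code")
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// Build the body with url.Values so that code is percent-encoded. With
	// plain string concatenation a code containing '&' or '=' could add or
	// override parameters in the token request.
	form := url.Values{}
	form.Set("client_id", global.OAuthClientID)
	form.Set("client_secret", global.OAuthClientSecret)
	form.Set("code", code)

	requrl := "https://github.com/login/oauth/access_token"
	req, err := http.NewRequest("POST", requrl, bytes.NewBufferString(form.Encode()))
	if err != nil {
		log.Println("Echange error with github: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")

	client := &http.Client{}
	resp, err := client.Do(req)
	if err != nil {
		log.Println("Echange error with github: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}
	// The body was never closed before, leaking the connection per login.
	defer resp.Body.Close()

	data, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Println("Read error: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	q, err := url.ParseQuery(string(data))
	if err != nil {
		log.Println("Data error from github: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	if errstr := q.Get("error"); len(errstr) > 0 {
		log.Printf("Access token error: %q", errstr)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// Approve the session only when a token was actually issued. A response
	// carrying neither "error" nor "access_token" (an error page, for
	// example) previously still marked the session as approved.
	accessToken := q.Get("access_token")
	if accessToken == "" {
		log.Println("Access token error: no access token in response")
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	if scope := q.Get("scope"); scope != "" {
		m, err := git.NewMember(accessToken, false)
		if err != nil {
			log.Println("Could not open Member object:", err)
			http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
			return
		}

		m.Scope = scope
		if err = m.Save(); err != nil {
			// Release the lock on failure and record the error, which was
			// silently dropped before. Login still proceeds, as it did.
			m.Unlock()
			log.Println("Error storing:", err)
		}
	}

	sessions.SetSessions(w, r, sessions.AuthSession, sessions.ApprovedSessionKey, true)
	sessions.SetSessionsAndRedirect(w, r, sessions.AuthSession, sessions.AccessTokenSessionKey, accessToken, pages.HOMEPAGE)
}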