func (controller *profileController) post(rw http.ResponseWriter, req *http.Request) (int, error) { err := req.ParseForm() if err != nil { return http.StatusInternalServerError, err } decoder := schema.NewDecoder() // Ignore unknown keys to prevent errors from the CSRF token. decoder.IgnoreUnknownKeys(true) formUser := new(viewmodels.ProfileEditViewModel) err = decoder.Decode(formUser, req.PostForm) if err != nil { return http.StatusInternalServerError, err } valErrors := validateProfileForm(formUser, true) if len(valErrors) > 0 { isAuthenticated, user := getCurrentUser(rw, req, controller.authorizer) vm := viewmodels.EditProfileViewModel(formUser, isAuthenticated, user, valErrors) vm.CsrfField = csrf.TemplateField(req) return http.StatusOK, controller.template.Execute(rw, vm) } // Update the user. err = controller.authorizer.Update(rw, req, "", formUser.Password, formUser.Email) if err != nil { return http.StatusInternalServerError, err } http.Redirect(rw, req, "/", http.StatusSeeOther) return http.StatusSeeOther, nil }
func (controller *profileController) get(rw http.ResponseWriter, req *http.Request) (int, error) { isAuthenticated, user := getCurrentUser(rw, req, controller.authorizer) // Get the user to edit editUser, err := controller.authBackend.User(user.Username) if err != nil { return http.StatusInternalServerError, err } userEdit := new(viewmodels.ProfileEditViewModel) userEdit.Email = editUser.Email vm := viewmodels.EditProfileViewModel(userEdit, isAuthenticated, user, make(map[string]string)) vm.CsrfField = csrf.TemplateField(req) return http.StatusOK, controller.template.Execute(rw, vm) }