// Reset implemented user password reset.
func (this *ForgotRouter) ResetPost() {
this.TplNames = "auth/reset.html"
code := this.GetString(":code")
this.Data["Code"] = code
var user models.User
if auth.VerifyUserResetPwdCode(&user, code) {
this.Data["Success"] = true
form := auth.ResetPwdForm{}
if this.ValidFormSets(&form) == false {
return
}
user.IsActive = true
user.Rands = models.GetUserSalt()
if err := auth.SaveNewPassword(&user, form.Password); err != nil {
beego.Error("ResetPost Save New Password: "******"/login", 302, "ResetSuccess")
} else {
this.Data["Success"] = false
}
}
// Logout implemented user logout page.
func (this *LoginRouter) Logout() {
auth.LogoutUser(this.Ctx)
// write flash message
this.FlashWrite("HasLogout", "true")
this.Redirect("/login", 302)
}
func (this *BaseAdminRouter) NestPrepare() {
if this.CheckActiveRedirect() {
return
}
// if user isn't admin, then logout user
if !this.User.IsAdmin {
auth.LogoutUser(this.Ctx)
// write flash message, use .flash.NotPermit
this.FlashWrite("NotPermit", "true")
this.Redirect("/login", 302)
return
}
// it's admin and current in admin page
this.Data["IsAdminPage"] = true
if app, ok := this.AppController.(ModelPreparer); ok {
app.ModelPrepare()
return
}
}
// Prepare implemented Prepare method for baseRouter.
func (this *BaseRouter) Prepare() {
if setting.EnforceRedirect {
// if the host not matching app settings then redirect to AppUrl
if this.Ctx.Request.Host != setting.AppHost {
this.Redirect(setting.AppUrl, 302)
return
}
}
// page start time
this.Data["PageStartTime"] = time.Now()
// start session
this.StartSession()
// check flash redirect, if match url then end, else for redirect return
if match, redir := this.CheckFlashRedirect(this.Ctx.Request.RequestURI); redir {
return
} else if match {
this.EndFlashRedirect()
}
switch {
// save logined user if exist in session
case auth.GetUserFromSession(&this.User, this.CruSession):
this.IsLogin = true
// save logined user if exist in remember cookie
case auth.LoginUserFromRememberCookie(&this.User, this.Ctx):
this.IsLogin = true
}
if this.IsLogin {
this.IsLogin = true
this.Data["User"] = &this.User
this.Data["IsLogin"] = this.IsLogin
// if user forbided then do logout
if this.User.IsForbid {
auth.LogoutUser(this.Ctx)
this.FlashRedirect("/login", 302, "UserForbid")
return
}
}
// Setting properties.
this.Data["AppName"] = setting.AppName
this.Data["AppVer"] = setting.AppVer
this.Data["AppUrl"] = setting.AppUrl
this.Data["AppLogo"] = setting.AppLogo
this.Data["AvatarURL"] = setting.AvatarURL
this.Data["IsProMode"] = setting.IsProMode
this.Data["SearchEnabled"] = setting.SearchEnabled
this.Data["NativeSearch"] = setting.NativeSearch
this.Data["SphinxEnabled"] = setting.SphinxEnabled
// Redirect to make URL clean.
if this.setLang() {
i := strings.Index(this.Ctx.Request.RequestURI, "?")
this.Redirect(this.Ctx.Request.RequestURI[:i], 302)
return
}
// read flash message
beego.ReadFromRequest(&this.Controller)
// pass xsrf helper to template context
xsrfToken := this.Controller.XSRFToken()
this.Data["xsrf_token"] = xsrfToken
this.Data["xsrf_html"] = template.HTML(this.Controller.XSRFFormHTML())
// if method is GET then auto create a form once token
if this.Ctx.Request.Method == "GET" {
this.FormOnceCreate()
}
if app, ok := this.AppController.(NestPreparer); ok {
app.NestPrepare()
}
}
