Esempio n. 1
0
func (s *Server) changePassword(w http.ResponseWriter, r *http.Request) {
	user, _ := getUser(r)
	decoder := &decoders.NewPassword{}
	if err := decoders.Decode(r, decoder); err != nil {
		s.abort(w, r, err)
		return
	}

	// validate old password first

	if !user.CheckPassword(decoder.OldPassword) {
		errors := decoders.Errors{
			"oldPassword": "******",
		}
		s.abort(w, r, errors)
		return
	}
	user.SetPassword(decoder.NewPassword)

	if err := s.DB.Users.UpdatePassword(user.Password, user.ID); err != nil {
		s.abort(w, r, err)
		return
	}
	s.Render.Text(w, http.StatusOK, "password updated")
}
Esempio n. 2
0
func (s *Server) recoverPassword(w http.ResponseWriter, r *http.Request) {
	// generate a temp password
	decoder := &decoders.RecoverPassword{}

	if err := decoders.Decode(r, decoder); err != nil {
		s.abort(w, r, err)
		return
	}

	user, err := s.DB.Users.GetByNameOrEmail(decoder.Identifier)
	if err != nil {

		if err == sql.ErrNoRows {
			errors := decoders.Errors{
				"identifier": "No user found matching this email or name",
			}
			s.abort(w, r, errors)
			return
		}
		s.abort(w, r, err)
		return
	}

	tempPassword := generateRandomPassword(6)

	user.SetPassword(tempPassword)

	if err := s.DB.Users.UpdatePassword(user.Password, user.ID); err != nil {
		s.abort(w, r, err)
		return
	}

	data := map[string]string{
		"name":         user.Name,
		"tempPassword": tempPassword,
		"host":         r.Host,
	}

	go func(to string, data map[string]string) {

		err := s.Mailer.SendFromTemplate(
			"*****@*****.**",
			[]string{to},
			"Your new password",
			"recover_password.tmpl",
			data,
		)
		if err != nil {
			s.Log.Error(err)
		}

	}(user.Email, data)

	s.Render.Text(w, http.StatusOK, "password sent")

}
Esempio n. 3
0
func (s *Server) login(w http.ResponseWriter, r *http.Request) {
	decoder := &decoders.Login{}
	if err := decoders.Decode(r, decoder); err != nil {
		s.abort(w, r, err)
		return
	}

	user, err := s.DB.Users.GetByNameOrEmail(decoder.Identifier)
	if err != nil {

		if err == sql.ErrNoRows {
			errors := decoders.Errors{
				"identifier": "No user found matching this name or email",
			}
			s.abort(w, r, errors)
			return
		}
		s.abort(w, r, err)
		return
	}

	if !user.CheckPassword(decoder.Password) {
		errors := decoders.Errors{
			"password": "******",
		}
		s.abort(w, r, errors)
		return
	}

	// get bookmarks & subscriptions
	if user.Bookmarks, err = s.DB.Bookmarks.SelectByUserID(user.ID); err != nil {
		s.abort(w, r, err)
		return
	}
	if user.Subscriptions, err = s.DB.Subscriptions.SelectByUserID(user.ID); err != nil {
		s.abort(w, r, err)
		return
	}

	// login user
	s.setAuthCookie(w, user.ID)

	// tbd: no need to return user!
	s.Render.JSON(w, http.StatusOK, user)

}
Esempio n. 4
0
func (s *Server) signup(w http.ResponseWriter, r *http.Request) {

	decoder := &decoders.Signup{}

	if err := decoders.Decode(r, decoder); err != nil {
		s.abort(w, r, err)
		return
	}

	errors := make(decoders.Errors)
	if exists, _ := s.DB.Users.IsEmail(decoder.Email, 0); exists {
		errors["email"] = "This email address is taken"
	}

	if exists, _ := s.DB.Users.IsName(decoder.Name); exists {
		errors["name"] = "This name is taken"
	}

	if len(errors) > 0 {
		s.abort(w, r, errors)
		return
	}

	// make new user

	user := &models.User{
		Name:  decoder.Name,
		Email: decoder.Email,
	}

	if err := user.SetPassword(decoder.Password); err != nil {
		s.abort(w, r, err)
		return
	}

	if err := s.DB.Users.Create(user); err != nil {
		s.abort(w, r, err)
		return
	}
	s.setAuthCookie(w, user.ID)
	// tbd: no need to return user!
	s.Render.JSON(w, http.StatusCreated, user)
}
Esempio n. 5
0
func changeEmail(s *Server, w http.ResponseWriter, r *http.Request) error {
	user, _ := getUser(r)
	decoder := &decoders.NewEmail{}
	if err := decoders.Decode(r, decoder); err != nil {
		return err
	}

	// does this email exist?
	if exists, _ := s.DB.Users.IsEmail(decoder.Email, user.ID); exists {
		errors := decoders.Errors{
			"email": "This email address is taken",
		}
		return errors
	}

	if err := s.DB.Users.UpdateEmail(decoder.Email, user.ID); err != nil {
		return err
	}
	return s.Render.Text(w, http.StatusOK, "email updated")
}
Esempio n. 6
0
func addChannel(s *Server, w http.ResponseWriter, r *http.Request) error {

	decoder := &decoders.NewChannel{}

	if err := decoders.Decode(r, decoder); err != nil {
		return err
	}

	user, _ := getUser(r)
	channel, err := s.DB.Channels.GetByURL(decoder.URL)
	isNewChannel := false

	if err != nil {
		if isErrNoRows(err) {
			isNewChannel = true
		} else {
			return err
		}
	}

	tx, err := s.DB.Begin()
	if err != nil {
		return err
	}

	if isNewChannel {

		channel = &models.Channel{
			URL: decoder.URL,
		}

		if err := s.Feedparser.Fetch(channel); err != nil {
			if err == feedparser.ErrInvalidFeed {
				err = decoders.Errors{
					"url": "Sorry, we were unable to handle this feed, or the feed did not appear to contain any podcasts.",
				}
			}
			return err
		}

		if err := s.DB.Channels.Create(channel); err != nil {
			return err
		}

		for _, p := range channel.Podcasts {
			p.ChannelID = channel.ID
			if err := s.DB.Podcasts.Create(p); err != nil {
				return err
			}
		}

	}

	if err := s.DB.Subscriptions.Create(channel.ID, user.ID); err != nil {
		return err
	}

	if err := tx.Commit(); err != nil {
		return err
	}

	var status int
	if isNewChannel {
		status = http.StatusCreated
	} else {
		status = http.StatusOK
	}

	return s.Render.JSON(w, status, channel)
}