Esempio n. 1
0
func Auth_Verify_GET(rw http.ResponseWriter, req *http.Request) {
	ac := req.FormValue("ac")
	reset_s := req.FormValue("r")
	email := req.FormValue("e")

	var userID int64
	var ak []byte
	var verified bool
	var isAdmin bool
	err := GetBackend(req).GetDatabase().QueryRow("SELECT node_id, ak, is_admin, email_verified FROM \"n_user\" WHERE email=$1 LIMIT 1", email).Scan(&userID, &ak, &isAdmin, &verified)
	log.Panice(err, "find ak for e. mail verify")

	if !webac.VerifyFor("verify-email/"+reset_s+"/"+email, ac, ak) {
		rw.WriteHeader(400)
		tpl.MustShow(req, "front/400", nil)
		return
	}

	if !verified {
		_, err = dbutil.UpdateKV(GetBackend(req).GetDatabase(), "n_user", dbutil.Set{"email_verified": true}, dbutil.Where{"node_id": userID})
		log.Panice(err)
	}

	if reset_s == "1" {
		_, err = rand.Read(ak)
		log.Panice(err)

		_, err = dbutil.UpdateKV(GetBackend(req).GetDatabase(), "n_user", dbutil.Set{"ak": ak}, dbutil.Where{"node_id": userID})
	}

	// log user in
	if reset_s == "0" {
		if verified {
			// non-reset links cannot be used to get a free login to an already-verified account
			rw.WriteHeader(400)
			tpl.MustShow(req, "front/400", nil)
			return
		}

		session.AddFlash(req, session.Flash{
			Severity: "success",
			Msg:      "Your e. mail address has been verified.",
		})
	} else {
		session.Set(req, "must_change_password", true)
	}
	session.Set(req, "user_id", int(userID))
	session.Set(req, "user_ak", ak)
	session.Set(req, "user_is_admin", isAdmin)
	session.Bump(req)

	miscctx.SeeOther(req, "/panel")
}
Esempio n. 2
0
func Handler(errorCode int) http.Handler {
	tplName := fmt.Sprintf("error/%d", errorCode)

	return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
		rw.WriteHeader(errorCode)
		tpl.MustShow(req, tplName, nil)
	})
}
Esempio n. 3
0
func (fstate *State) MustShow(tplName string, args map[string]interface{}) {
	if args == nil {
		args = map[string]interface{}{}
	}

	args["f"] = fstate.f
	args["errors"] = &fstate.Errors
	tpl.MustShow(fstate.req, tplName, args)
}
Esempio n. 4
0
func Auth_Register_GET(rw http.ResponseWriter, req *http.Request) {
	args := map[string]interface{}{}

	if registerCAPTCHAFlag.Value() {
		ct, ok := session.Get(req, "captchaTime")
		if !ok || !solvedRecently(ct.(time.Time)) {
			inst := GetBackend(req).GetCAPTCHA().NewInstance()
			captchaKey := GetBackend(req).GetCAPTCHA().Key(&inst)
			args["captchaKey"] = captchaKey
		}
	}

	tpl.MustShow(req, "auth/register", args)
}
Esempio n. 5
0
func Auth_Login_GET(rw http.ResponseWriter, req *http.Request) {
	tpl.MustShow(req, "auth/login", nil)
}
Esempio n. 6
0
func Auth_ChangeEmail_GET(rw http.ResponseWriter, req *http.Request) {
	tpl.MustShow(req, "auth/chemail", nil)
}
Esempio n. 7
0
func Auth_ChangePassword_GET(rw http.ResponseWriter, req *http.Request) {
	tpl.MustShow(req, "auth/chpw", map[string]interface{}{
		"must_change_password": session.Bool(req, "must_change_password", false),
	})
}
Esempio n. 8
0
func Auth_LostPW_GET(rw http.ResponseWriter, req *http.Request) {
	tpl.MustShow(req, "auth/lostpw", nil)
}