// RegisterHandler registers a new user
func RegisterHandler(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" {
name := strings.TrimSpace(r.FormValue("name"))
email := strings.TrimSpace(r.FormValue("email"))
password := r.FormValue("password")
// If email or password are blank then redirect to register page
// TODO: provide a sensible error to people so they understand what
// they did wrong.
if email == "" || password == "" {
render.Redirect(w, r, "/register")
return
}
// Check to see if person already exists by attempting to log them in.
passwordHash := crypto.PasswordHash(password)
user, err := Authenticate(email, password, w, r)
// If they do exist, redirect them home else create a new user and
// log them into the site.
if user != nil {
render.Redirect(w, r, "/")
return
}
key := crypto.UniqueHash(name)
user = &User{Key: key, Name: name, Email: email, Password: passwordHash}
err = repo.Insert(user)
render.Check(err, w)
// Auth user and redirect them
user, _ = Authenticate(email, password, w, r)
render.Redirect(w, r, "/")
return
}
render.Render(w, r, "auth_register", nil)
}
// LoginHandler logs a user in
func LoginHandler(w http.ResponseWriter, r *http.Request) {
if r.Method == "POST" {
email := strings.TrimSpace(r.FormValue("email"))
password := r.FormValue("password")
u, err := Authenticate(email, password, w, r)
if err != nil {
u = &User{Email: email}
render.RenderTemplate(w, "auth_register", map[string]interface{}{
"request": r,
"user": u,
})
return
}
render.Redirect(w, r, "/")
return
}
render.RenderTemplate(w, "auth_login", nil)
}
// LoginRequired allows you to check for a logged in user on any handler
func LoginRequired(fn func(http.ResponseWriter, *http.Request)) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
key, err := GetAuthenticatedUserKey(r)
_, err = repo.Get(key)
if err != nil {
Deauthenticate(w, r)
}
if IsAuthenticated(r) {
fn(w, r)
return
}
if render.IsJSONRequest(r) {
render.RenderJSON(w, map[string]interface{}{
"error": "User not authenticated",
})
} else {
render.Redirect(w, r, "/register")
}
}
}
func oneOnOneHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
hash := vars["hash"]
user1, _ := auth.GetAuthenticatedUser(r)
user2, err := authRepo.Get(hash)
render.Check(err, w)
// Create a one-on-one room between the logged in user and the clicked on
// user if the room doesn't already exist.
room, err := roomRepo.LoadOneOnOne(user1.Key, user2.Key)
if err != nil {
roomHash := rooms.GenerateOneOnOneHash(user1.Key, user2.Key)
room = &rooms.Room{Hash: roomHash, Name: roomHash, Kind: rooms.OneOnOne, Folder: "", Created: time.Now()}
err = roomRepo.Save(room)
render.Check(err, w)
rooms.JoinRoom(roomHash, user1.Key)
rooms.JoinRoom(roomHash, user2.Key)
}
render.Redirect(w, r, "/r/"+room.Hash)
}
func roomHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
hash := vars["hash"]
userHash, _ := auth.GetAuthenticatedUserKey(r)
room, err := roomRepo.Load(hash)
render.Check(err, w)
// If this is a private one-on-one room check whether the logged
// in user is part of that room. If not, then they shouldn't be
// able to view this room.
if room.Kind == rooms.OneOnOne {
_, err := roomMemberRepo.Load(room.Hash, userHash)
if err != nil {
render.Redirect(w, r, "/")
return
}
}
messages, err := messageRepo.List(hash, 20)
render.Check(err, w)
members, err := roomMemberRepo.ListMembers(room.Hash)
render.Check(err, w)
isMember, _ := roomMemberRepo.Load(room.Hash, userHash)
render.Render(w, r, "room", map[string]interface{}{
"request": r,
"room": room,
"messages": messages,
"members": members,
"isMember": isMember,
})
}