func signInHandler(ctx *app.Context) {
modal := ctx.FormValue("modal") != ""
d := data(ctx)
if !modal && !d.allowDirectSignIn() && d.hasEnabledSocialSignin() {
// Redirect to the only available social sign-in
ctx.MustRedirectReverse(false, d.enabledSocialAccountTypes()[0].HandlerName)
return
}
from := ctx.FormValue(app.SignInFromParameterName)
signIn := SignIn{From: from}
form := form.New(ctx, &signIn)
if d.allowDirectSignIn() && form.Submitted() && form.IsValid() {
ctx.MustSignIn(asGondolaUser(reflect.ValueOf(signIn.User)))
ctx.RedirectBack()
return
}
user, _ := newEmptyUser(ctx)
data := map[string]interface{}{
"SocialAccountTypes": d.enabledSocialAccountTypes(),
"From": from,
"SignInForm": form,
"SignUpForm": SignUpForm(ctx, user),
"AllowDirectSignIn": d.allowDirectSignIn(),
"AllowRegistration": d.allowRegistration(),
}
tmpl := SignInTemplateName
if modal && SignInModalTemplateName != "" {
tmpl = SignInModalTemplateName
}
ctx.MustExecute(tmpl, data)
}
func jsSignInHandler(ctx *app.Context) {
d := data(ctx)
if !d.allowDirectSignIn() {
ctx.NotFound("")
return
}
signIn := SignIn{}
form := form.New(ctx, &signIn)
if form.Submitted() && form.IsValid() {
user := reflect.ValueOf(signIn.User)
ctx.MustSignIn(asGondolaUser(user))
writeJSONEncoded(ctx, user)
return
}
FormErrors(ctx, form)
}
func ResetHandler(ctx *app.Context) {
d := data(ctx)
if !d.allowDirectSignIn() {
ctx.NotFound("")
return
}
payload := ctx.FormValue("p")
var valid bool
var expired bool
var f *form.Form
var user reflect.Value
var err error
var done bool
if payload != "" {
user, err = decodeResetPayload(ctx, payload)
if err == nil && user.IsValid() {
valid = true
} else {
if err == errResetExpired {
expired = true
}
}
}
if valid {
passwordForm := &PasswordForm{User: user}
f = form.New(ctx, passwordForm)
if f.Submitted() && f.IsValid() {
ctx.Orm().MustSave(user.Interface())
ctx.MustSignIn(asGondolaUser(user))
done = true
}
}
data := map[string]interface{}{
"Valid": valid,
"Expired": expired,
"Done": done,
"User": user,
"PasswordForm": f,
"Payload": payload,
}
ctx.MustExecute(ResetTemplateName, data)
}
func SignUpForm(ctx *app.Context, user reflect.Value) *form.Form {
passwordForm := &PasswordForm{User: user}
acceptForm := &AcceptForm{Accept: true}
return form.New(ctx, user.Interface(), passwordForm, acceptForm)
}
func forgotHandler(ctx *app.Context) {
d := data(ctx)
if !d.allowDirectSignIn() {
ctx.NotFound("")
return
}
var user User
var isEmail bool
var sent bool
var fields struct {
Username string `form:",singleline,label=Username or Email"`
ValidateUsername func(*app.Context) error
}
fields.ValidateUsername = func(c *app.Context) error {
username := Normalize(fields.Username)
isEmail = strings.Contains(username, "@")
var field string
if isEmail {
field = "User.NormalizedEmail"
} else {
field = "User.NormalizedUsername"
}
userVal, userIface := newEmptyUser(ctx)
ok := c.Orm().MustOne(orm.Eq(field, username), userIface)
if !ok {
if isEmail {
return i18n.Errorf("address %q does not belong to any registered user", username)
}
return i18n.Errorf("username %q does not belong to any registered user", username)
}
user = getUserValue(userVal, "User").(User)
if user.Email == "" {
return i18n.Errorf("username %q does not have any registered emails", username)
}
return nil
}
f := form.New(ctx, &fields)
if f.Submitted() && f.IsValid() {
se, err := ctx.App().EncryptSigner(Salt)
if err != nil {
panic(err)
}
values := make(url.Values)
values.Add("u", strconv.FormatInt(user.Id(), 36))
values.Add("t", strconv.FormatInt(time.Now().Unix(), 36))
values.Add("n", stringutil.Random(64))
payload := values.Encode()
p, err := se.EncryptSign([]byte(payload))
if err != nil {
panic(err)
}
abs := ctx.URL()
reset := fmt.Sprintf("%s://%s%s?p=%s", abs.Scheme, abs.Host, ctx.MustReverse(ResetHandlerName), p)
data := map[string]interface{}{
"URL": reset,
}
from := mail.DefaultFrom()
if from == "" {
from = fmt.Sprintf("no-reply@%s", abs.Host)
}
msg := &mail.Message{
To: user.Email,
From: from,
Subject: fmt.Sprintf(ctx.T("Reset your %s password"), d.opts.SiteName),
}
ctx.MustSendMail("reset_password.txt", data, msg)
sent = true
}
data := map[string]interface{}{
"ForgotForm": f,
"IsEmail": isEmail,
"Sent": sent,
"User": user,
}
ctx.MustExecute(ForgotTemplateName, data)
}
