コード例 #1
ファイル: auth.go プロジェクト: vichetuc/lov3lyme
// ChangePasswordToken completes a password reset for a visitor who is not
// logged in, using the token read from the ":uuid" query value.
//
// Visible flow: start a background cleanup of old tokens, redirect logged-in
// users to "index", answer 403 when the uuid is empty or the CSRF token does
// not match, look the token up in the PT collection, validate the new password
// (length and confirmation), hash it with models.EncryptPassword, store it on
// the user referenced by pt.User, remove the token, then redirect to "index".
//
// NOTE(review): part of this function is missing from the listing (see the
// marker inside the body), so the error path of the password update and the
// statement that ends in `"user"] = pt.User` cannot be reviewed from here.
// NOTE(review): nothing visible here invalidates the user's other sessions
// after the password changes — confirm whether that happens elsewhere.
func ChangePasswordToken(w http.ResponseWriter, req *http.Request, ctx *models.Context) error {
	// NOTE(review): one cleanup goroutine is started per request and is not
	// waited for, so the lookup below can run before old tokens are removed.
	// If expiry is enforced only by this cleanup, an expired token may still
	// be accepted — confirm the token record carries its own expiry check.
	go models.RemoveOldPasswordTokens()
	// should not be logged in
	if ctx.User != nil {
		ctx.Session.AddFlash(models.F(models.SUCCESS, trans("You can change password normally!", ctx)))
		http.Redirect(w, req, reverse("index"), http.StatusSeeOther)
		return nil
	}
	uuid := req.URL.Query().Get(":uuid")
	if uuid == "" {
		return perform_status(w, req, http.StatusForbidden)
	}
	pt := &models.PasswordToken{}
	// Every lookup error (not only "not found") is reported to the user as an
	// expired token, and the flash is sent with the SUCCESS level.
	if err := ctx.C(PT).FindId(uuid).One(&pt); err != nil {
		ctx.Session.AddFlash(models.F(models.SUCCESS, trans("Password token expired!", ctx)))
		http.Redirect(w, req, reverse("index"), http.StatusSeeOther)
		return nil
	}

	// The form value (string) is compared with the session value (interface
	// value); a session without "csrf_token" never equals a string, so the
	// request is rejected. NOTE(review): `!=` is not a constant-time
	// comparison; crypto/subtle.ConstantTimeCompare is the usual choice for
	// secret tokens.
	if req.FormValue("csrf_token") != ctx.Session.Values["csrf_token"] {
		return perform_status(w, req, http.StatusForbidden)
	}
	new_pass := req.FormValue("password1")
	// len counts bytes, not characters. NOTE(review): a 5-byte minimum is a
	// weak policy; current guidance (e.g. NIST SP 800-63B) asks for 8 or more.
	if len(new_pass) < 5 {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Passwords too short (5 chars or more)", ctx)))
		return ChangePasswordForm(w, req, ctx)
	}
	vfy_pass := req.FormValue("password2")
	if new_pass != vfy_pass {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Password did not match", ctx)))
		return ChangePasswordForm(w, req, ctx)
	}
	hpass, err := models.EncryptPassword(new_pass)
	if err != nil {
		return internal_error(w, req, err.Error())
	}
	// set new password to database
	// NOTE(review): the next statement is truncated in this listing — the text
	// between "Problem changing password:" and `"user"] = pt.User` was replaced
	// by asterisks. Presumably the error branch flashes and returns, and a
	// value keyed "user" is then set to pt.User — verify against the original
	// file before relying on this block.
	if err := ctx.C(U).UpdateId(pt.User, bson.M{"$set": bson.M{"password": hpass}}); err != nil {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Problem changing password:"******"user"] = pt.User
	// delete password token
	// A failed removal is only logged: the token stays in the collection and
	// the request still ends with the success redirect, so the same token
	// remains usable until something else removes it.
	if err := ctx.C(PT).RemoveId(pt.Uuid); err != nil {
		models.Log("error deleting password token: ", err.Error())
	}
	ctx.Session.AddFlash(models.F(models.SUCCESS, trans("Password changed succesfully!", ctx)))
	http.Redirect(w, req, reverse("index"), http.StatusSeeOther)
	return nil
}
コード例 #2
ファイル: auth.go プロジェクト: vichetuc/lov3lyme
// ChangePassword changes the password of the logged-in user.
//
// Visible flow: redirect anonymous visitors to "login", answer 403 on a CSRF
// mismatch, load the account by ctx.User.Email, check the old password with
// bcrypt when a hash is stored, validate the new password (length and
// confirmation), hash it with models.EncryptPassword and store it on
// ctx.User.Id, then redirect to "index".
//
// NOTE(review): part of this function is missing from the listing (see the
// marker inside the body), so the error path of the update and the success
// flash cannot be reviewed from here.
// NOTE(review): nothing visible here invalidates the user's other sessions
// after the password changes — confirm whether that happens elsewhere.
func ChangePassword(w http.ResponseWriter, req *http.Request, ctx *models.Context) error {
	if ctx.User == nil {
		http.Redirect(w, req, reverse("login"), http.StatusSeeOther)
		return nil
	}
	// The form value (string) is compared with the session value (interface
	// value); a session without "csrf_token" never equals a string, so the
	// request is rejected. NOTE(review): `!=` is not a constant-time
	// comparison; crypto/subtle.ConstantTimeCompare is the usual choice for
	// secret tokens.
	if req.FormValue("csrf_token") != ctx.Session.Values["csrf_token"] {
		return perform_status(w, req, http.StatusForbidden)
	}
	old_pass := req.FormValue("password")
	u := models.User{}
	// The account is read by e-mail here but written by ctx.User.Id below.
	if err := ctx.C(U).Find(bson.M{"email": ctx.User.Email}).One(&u); err != nil {
		return perform_status(w, req, http.StatusNotFound)
	}
	// NOTE(review): when no hash is stored, the old-password check is skipped
	// entirely, so holding a valid session is enough to set a password on
	// such an account. Confirm this is the intended behaviour.
	if len(u.Password) > 0 { // if the account was not created with social auth
		err := bcrypt.CompareHashAndPassword(u.Password, []byte(old_pass))
		if err != nil {
			ctx.Session.AddFlash(models.F(models.ERROR, trans("Invalid Old Password", ctx)))
			return ChangePasswordForm(w, req, ctx)
		}
	}

	new_pass := req.FormValue("password1")
	// len counts bytes, not characters. NOTE(review): a 5-byte minimum is a
	// weak policy; current guidance (e.g. NIST SP 800-63B) asks for 8 or more.
	if len(new_pass) < 5 {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Passwords too short (5 chars or more)", ctx)))
		return ChangePasswordForm(w, req, ctx)
	}
	vfy_pass := req.FormValue("password2")
	if new_pass != vfy_pass {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Password did not match", ctx)))
		return ChangePasswordForm(w, req, ctx)
	}
	hpass, err := models.EncryptPassword(new_pass)
	if err != nil {
		return internal_error(w, req, err.Error())
	}
	// set new password to database
	// NOTE(review): the next statement is truncated in this listing — the text
	// between "Problem changing password:" and "Password changed succesfully!"
	// was replaced by asterisks. Presumably the error branch flashes and
	// returns before the success flash is added — verify against the original
	// file before relying on this block.
	if err := ctx.C(U).UpdateId(ctx.User.Id, bson.M{"$set": bson.M{"password": hpass}}); err != nil {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Problem changing password:"******"Password changed succesfully!", ctx)))
	http.Redirect(w, req, reverse("index"), http.StatusSeeOther)
	return nil
}
コード例 #3
ファイル: auth.go プロジェクト: vichetuc/lov3lyme
// Register creates a new account from the submitted registration form.
//
// Visible flow: redirect logged-in users to "logout", answer 403 on a CSRF
// mismatch, load the form through models.UserForm, validate password length
// and confirmation, gender and birth date, hash the password with
// models.EncryptPassword, replace the two plaintext password fields with the
// hash, add "_id" and "avatar", insert the map into the "users" collection,
// then redirect to "index".
//
// NOTE(review): two statements are truncated in this listing (see the markers
// inside the body), so the r.Err handling, the captcha check and the insert
// error path cannot be reviewed from here.
func Register(w http.ResponseWriter, req *http.Request, ctx *models.Context) error {
	if ctx.User != nil {
		http.Redirect(w, req, reverse("logout"), http.StatusSeeOther)
		return nil
	}
	// The form value (string) is compared with the session value (interface
	// value); a session without "csrf_token" never equals a string, so the
	// request is rejected. NOTE(review): `!=` is not a constant-time
	// comparison; crypto/subtle.ConstantTimeCompare is the usual choice for
	// secret tokens.
	if req.FormValue("csrf_token") != ctx.Session.Values["csrf_token"] {
		return perform_status(w, req, http.StatusForbidden)
	}
	ctx.Data["title"] = "Register"
	r := (&models.UserForm).Load(req)
	ctx.Data["result"] = r
	if len(r.Errors) != 0 {
		return RegisterForm(w, req, ctx)
	}
	// The single-value type assertions below panic if a key is absent or holds
	// another type. NOTE(review): presumably Load guarantees these keys and
	// types once r.Errors is empty — confirm in models.UserForm.
	u := r.Value.(map[string]interface{})
	password1 := u["password1"].(string)
	// len counts bytes, not characters. NOTE(review): a 5-byte minimum is a
	// weak policy; current guidance (e.g. NIST SP 800-63B) asks for 8 or more.
	if len(password1) < 5 {
		r.Errors["password1"] = errors.New("Passwords too short (5 chars or more)")
	}
	password2 := u["password2"].(string)
	if password2 != password1 {
		r.Errors["password2"] = errors.New("Passwords do not match")
	}
	gender := u["gender"].(string)
	if gender != "m" && gender != "f" {
		r.Errors["gender"] = errors.New("Please select Male or Female")
	}
	// Accept birth dates from 1 January (UTC) of the year 120 years ago up to
	// the current instant.
	now := time.Now()
	oldest := time.Date(now.Year()-120, 1, 1, 0, 0, 0, 0, time.UTC)
	bDate := u["birthdate"].(time.Time)
	if bDate.Before(oldest) || bDate.After(now) {
		r.Errors["birthdate"] = errors.New("Invalid birth date")
	}
	if len(r.Errors) != 0 {
		return RegisterForm(w, req, ctx)
	}
	// NOTE(review): the next statement is truncated in this listing — the text
	// between "Problem registering user:" and `"captchaId")` was replaced by
	// asterisks. The surviving fragment suggests a captcha verification fed
	// with the "captchaId" and "captchaSolution" form values — verify against
	// the original file.
	if r.Err != nil {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Problem registering user:"******"captchaId"), req.FormValue("captchaSolution")) {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("The control numbers do not match!", ctx)))
		return RegisterForm(w, req, ctx)
	}
	pass, err := models.EncryptPassword(u["password1"].(string))
	if err != nil {
		return internal_error(w, req, err.Error()) // bcrypt errors on invalid costs
	}
	// Keep only the hash: the plaintext fields are removed before the insert.
	u["password"] = pass
	delete(u, "password1")
	delete(u, "password2")
	u["_id"] = bson.NewObjectId()
	u["avatar"] = gravatar.UrlSize(u["email"].(string), 80)
	// The whole form map is stored as the user document, so every key that
	// Load places in r.Value becomes a stored field. NOTE(review): confirm
	// that models.UserForm accepts only the intended fields, otherwise a
	// client can set attributes it should not control.
	// NOTE(review): the next statement is truncated in this listing — the text
	// between "Problem registering user:" and `"user"] = u["_id"]` was replaced
	// by asterisks. Presumably the error branch flashes and returns, and a
	// value keyed "user" is then set to the new id — verify against the
	// original file.
	if err := ctx.C("users").Insert(u); err != nil {
		ctx.Session.AddFlash(models.F(models.ERROR, trans("Problem registering user:"******"user"] = u["_id"]
	ctx.Session.AddFlash(models.F(models.SUCCESS, trans("Welcome to lov3ly.me!", ctx)))
	http.Redirect(w, req, reverse("index"), http.StatusSeeOther)
	return nil
}