func SignupActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { session, validAuth, httperr := auth.CheckSession(r) if !validAuth || !auth.ValidCSRF(r, session, false) || httperr != nil { http.Redirect(w, r, paths.SignupPath, http.StatusUnauthorized) return } ss := auth.GetSetSession(w, r, session) if ss == nil { views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError) return } reg := &Signup{ First: r.PostFormValue("_fname"), Last: r.PostFormValue("_lname"), Email: r.PostFormValue("_email"), School: r.PostFormValue("_school"), State: r.PostFormValue("_state"), } if err := reg.validate(); err != nil { views.RenderTemplate(w, r, reload.Signup, http.StatusOK, &SignupData{ ss.CSRFToken, err.Error(), }) return } reg.Store() http.Redirect(w, r, paths.ThankYouPath, http.StatusFound) }
// LogoutActionHandler handles POST requests to "/logout/" func LogoutActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { session, validAuth, httperr := auth.CheckSession(r) if httperr != nil { views.RenderTemplate(w, r, reload.ErrorPage, httperr.Status, httperr) return } if !validAuth || !auth.ValidCSRF(r, session, false) { http.Redirect(w, r, paths.LoginPath, http.StatusFound) return } if !auth.DestroySession(w, r) { glog.Errorln(auth.ErrUnableToLogOut) views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, auth.ErrUnableToLogOut) return } http.Redirect(w, r, paths.IndexPath, http.StatusFound) }