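// checkMemberApproval checks the session of the requesting user and returns
// the matching member when the user is logged in and has a complete profile.
//
// An error is returned when the user is not logged in, when the access token
// cannot be read from the session, when the member cannot be loaded, or when
// the member's profile is incomplete. If redirect is true, every error path
// also writes a redirect to the response, so the caller must not write a
// second response after a non-nil error.
//
// The returned member is opened read only (NewMember is called with true). If
// it is written to, locking needs to be done manually. On the incomplete
// profile path the member is returned together with the error, as before.
func checkMemberApproval(w http.ResponseWriter, r *http.Request, redirect bool) (member *git.Member, err error) {
	// fail records the redirect (when requested) and builds the error return.
	fail := func(target string, msg string) (*git.Member, error) {
		if redirect {
			http.Redirect(w, r, target, http.StatusTemporaryRedirect)
		}
		return nil, errors.New(msg)
	}

	if !auth.IsApprovedUser(r) {
		return fail(pages.FRONTPAGE, "The user is not logged in")
	}

	value, err := sessions.GetSessions(r, sessions.AuthSession, sessions.AccessTokenSessionKey)
	if err != nil {
		return fail(pages.FRONTPAGE, "Error getting access token from sessions")
	}

	// The session value is an untyped interface. An unchecked assertion would
	// panic on a missing or tampered value, so treat a non-string the same way
	// as a failed session lookup.
	token, ok := value.(string)
	if !ok {
		return fail(pages.FRONTPAGE, "Error getting access token from sessions")
	}

	member, err = git.NewMember(token, true)
	if err != nil {
		// Keep the redirect contract on this path too; previously the caller
		// got an error here without any response having been written.
		if redirect {
			http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		}
		return nil, err
	}

	if !member.IsComplete() {
		if redirect {
			http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		}
		return member, errors.New("Member got an uncomplete profile, redirecting.")
	}

	return member, nil
}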
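// UpdateMemberHandler is an HTTP handler for updating a user's profile data.
//
// Only POST requests are accepted; any other method gets a 404. The form
// fields "name", "studentid" and "email" are all required. Every field is
// validated before the member record is opened for writing, so a rejected
// submission never stores a partially updated profile and the member is not
// held open while input is being parsed.
//
// NOTE(review): no CSRF token check is visible in this handler. Confirm that
// one is enforced by middleware or by the session layer, since this request
// changes stored profile data.
//
// NOTE(review): the redirects use 307, which makes the browser repeat the POST
// (including the form body) against the redirect target. 303 See Other is the
// usual status after a form POST; left unchanged until the targets are checked.
func UpdateMemberHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		http.Error(w, "This is not the page you are looking for!\n", 404)
		return
	}

	name := r.FormValue("name")
	rawStudentID := r.FormValue("studentid")
	rawEmail := r.FormValue("email")
	if name == "" || rawStudentID == "" || rawEmail == "" {
		http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		return
	}

	if !auth.IsApprovedUser(r) {
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	value, err := sessions.GetSessions(r, sessions.AuthSession, sessions.AccessTokenSessionKey)
	if err != nil {
		log.Println("Error getting access token from sessions: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// A checked assertion avoids a panic when the session holds no string
	// under the access token key.
	token, ok := value.(string)
	if !ok {
		log.Println("Error getting access token from sessions: unexpected value type")
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	studentID, err := strconv.Atoi(rawStudentID)
	if err != nil {
		log.Println("studentid atoi error: ", err)
		http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		return
	}

	email, err := mail.ParseAddress(rawEmail)
	if err != nil {
		log.Println("Parsing email error: ", err)
		http.Redirect(w, r, pages.REGISTER_REDIRECT, http.StatusTemporaryRedirect)
		return
	}

	// NewMember is called with false, which presumably opens the record for
	// writing; from here on the member must be released via Save or Unlock.
	member, err := git.NewMember(token, false)
	if err != nil {
		// Log the detail server side only; the raw error text may describe
		// internals that should not be echoed to the client.
		log.Println(err.Error())
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	member.Name = name
	member.StudentID = studentID
	member.Email = email

	if err := member.Save(); err != nil {
		member.Unlock()
		log.Println("Error storing:", err)
		// Report the failure instead of redirecting as if the update succeeded.
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	http.Redirect(w, r, pages.HOMEPAGE, http.StatusTemporaryRedirect)
}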
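// ProfileHandler is an HTTP handler which writes back a page about the user's
// profile settings. The page can also be used to edit profile data.
//
// Users who are not approved, or whose session holds no usable access token,
// are redirected to the front page. The member is opened read only (NewMember
// is called with true) and is only used to fill the template view.
func ProfileHandler(w http.ResponseWriter, r *http.Request) {
	if !auth.IsApprovedUser(r) {
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	value, err := sessions.GetSessions(r, sessions.AuthSession, sessions.AccessTokenSessionKey)
	if err != nil {
		log.Println("Error getting access token from sessions: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// A checked assertion avoids a panic when the session holds no string
	// under the access token key.
	token, ok := value.(string)
	if !ok {
		log.Println("Error getting access token from sessions: unexpected value type")
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	m, err := git.NewMember(token, true)
	if err != nil {
		// Log the detail server side only; the raw error text may describe
		// internals that should not be echoed to the client.
		log.Println(err.Error())
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	// Level calculations: how far the member is between the threshold of the
	// current level and the threshold of the next one.
	levelFloor := levels.RequiredForLevel(m.Level - 1)
	levelCeil := levels.RequiredForLevel(m.Level)
	levelSpan := levelCeil - levelFloor
	pointsLeft := levelSpan - (m.TotalScore - levelFloor)

	// Guard the division: with a zero span the float result is NaN or Inf,
	// and converting that to int gives an implementation-specific value.
	percentDone := 0
	if levelSpan != 0 {
		percentDone = 100 - int(float64(pointsLeft)/float64(levelSpan)*100)
	}
	switch {
	case percentDone > 100:
		percentDone = 100
	case percentDone < 0:
		percentDone = 0
	}

	view := ProfileView{
		StdTemplate: StdTemplate{
			Member:          m,
			OptinalHeadline: true,
		},
		PointsToNextLvl:    pointsLeft,
		PercentLvlComplete: percentDone,
		MissingName:        m.Name == "",
		MissingStudentID:   m.StudentID == 0,
		MissingEmail:       m.Email == nil,
	}
	execTemplate("profile.html", w, view)
}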
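// githubOauthHandler handles the callback of the GitHub OAuth flow. It
// exchanges the "code" query parameter for an access token, stores the granted
// scope on the member when GitHub reports one, marks the session as approved
// and redirects to the home page. Every failure redirects to the front page.
//
// NOTE(review): no "state" parameter is verified here. Without it the callback
// cannot be tied to a login this browser session started, which leaves the
// flow open to login CSRF. The authorize redirect is outside this block, so
// the check is not added here; it needs a state value generated and stored in
// the session there and compared in this handler.
func githubOauthHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		// NOTE(review): a Location header with status 400 is not followed by
		// browsers; kept as is, but 405 or a real redirect status is likely
		// what was intended.
		http.Redirect(w, r, pages.FRONTPAGE, 400)
		return
	}

	query := r.URL.Query()

	// The error value comes straight from the request URL, so it is logged
	// quoted to keep control characters from forging log lines.
	if errstr := query.Get("error"); len(errstr) > 0 {
		log.Printf("OAuth error: %q", errstr)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	code := query.Get("code")
	if code == "" {
		log.Println("OAuth error: callback without code")
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// Encode the form instead of concatenating strings: code is request
	// controlled and, once query decoded, may contain '&' or '=' which would
	// otherwise add or override fields in the token request body.
	form := url.Values{}
	form.Set("client_id", global.OAuthClientID)
	form.Set("client_secret", global.OAuthClientSecret)
	form.Set("code", code)

	requrl := "https://github.com/login/oauth/access_token"
	req, err := http.NewRequest("POST", requrl, bytes.NewBufferString(form.Encode()))
	if err != nil {
		log.Println("Echange error with github: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")

	// NOTE(review): the zero value http.Client has no timeout, so a stalled
	// connection keeps this handler blocked. Set Client.Timeout once the time
	// package is imported in this file.
	client := &http.Client{}
	resp, err := client.Do(req)
	if err != nil {
		log.Println("Echange error with github: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}
	// Close the body on every path so the connection is released.
	defer resp.Body.Close()

	data, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Println("Read error: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	q, err := url.ParseQuery(string(data))
	if err != nil {
		log.Println("Data error from github: ", err)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	if errstr := q.Get("error"); len(errstr) > 0 {
		log.Printf("Access token error: %q", errstr)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	// The absence of an error field is not proof of success: an unexpected
	// response body parses to an empty token. Never approve a session without
	// a token. The token itself is deliberately not logged.
	accessToken := q.Get("access_token")
	if accessToken == "" {
		log.Println("Access token error: no access_token in response, status", resp.StatusCode)
		http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
		return
	}

	if scope := q.Get("scope"); scope != "" {
		m, err := git.NewMember(accessToken, false)
		if err != nil {
			log.Println("Could not open Member object:", err)
			http.Redirect(w, r, pages.FRONTPAGE, http.StatusTemporaryRedirect)
			return
		}

		m.Scope = scope
		if err := m.Save(); err != nil {
			// Release the member and record the failure; the login itself
			// still proceeds, as it did before.
			m.Unlock()
			log.Println("Error storing:", err)
		}
	}

	sessions.SetSessions(w, r, sessions.AuthSession, sessions.ApprovedSessionKey, true)
	sessions.SetSessionsAndRedirect(w, r, sessions.AuthSession, sessions.AccessTokenSessionKey, accessToken, pages.HOMEPAGE)
}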