func (controller *usersController) newPost(rw http.ResponseWriter, req *http.Request) (int, error) { err := req.ParseForm() if err != nil { return http.StatusInternalServerError, err } decoder := schema.NewDecoder() // Ignore unknown keys to prevent errors from the CSRF token. decoder.IgnoreUnknownKeys(true) formUser := new(viewmodels.UsersEditViewModel) err = decoder.Decode(formUser, req.PostForm) if err != nil { return http.StatusInternalServerError, err } valErrors := validateUserForm(formUser, false) if len(valErrors) > 0 { isAuthenticated, user := getCurrentUser(rw, req, controller.authorizer) vm := viewmodels.NewUserViewModel(formUser, controller.roles, isAuthenticated, user, valErrors) vm.CsrfField = csrf.TemplateField(req) return http.StatusOK, controller.newTemplate.Execute(rw, vm) } var user httpauth.UserData user.Username = formUser.Username user.Email = formUser.Email password := formUser.Password user.Role = formUser.Role err = controller.authorizer.Register(rw, req, user, password) if err != nil { return http.StatusInternalServerError, err } http.Redirect(rw, req, "/settings/users", http.StatusSeeOther) return http.StatusSeeOther, nil }
func (controller *usersController) newGet(rw http.ResponseWriter, req *http.Request) (int, error) { isAuthenticated, user := getCurrentUser(rw, req, controller.authorizer) userEdit := new(viewmodels.UsersEditViewModel) userEdit.Role = "user" vm := viewmodels.NewUserViewModel(userEdit, controller.roles, isAuthenticated, user, make(map[string]string)) vm.CsrfField = csrf.TemplateField(req) return http.StatusOK, controller.newTemplate.Execute(rw, vm) }