//@URL: /sess @method: POST
func (s *SessController) Post() {
restweb.Logger.Debug("User Login")
uid := s.Input.Get("user[handle]")
pwd := s.Input.Get("user[password]")
userModel := model.UserModel{}
ret, err := userModel.Login(uid, pwd)
if err != nil {
restweb.Logger.Debug(err)
s.Error(err.Error(), 500)
return
}
if ret.Uid == "" {
s.W.WriteHeader(400)
} else {
s.SetSession("Uid", uid)
s.SetSession("Privilege", strconv.Itoa(ret.Privilege))
s.W.WriteHeader(201)
// remoteAddr := s.R.Header.Get("X-Real-IP") // if you set niginx as reverse proxy
remoteAddr := strings.Split(s.R.RemoteAddr, ":")[0] // otherwise
userModel.RecordIP(uid, remoteAddr, time.Now().Unix())
}
}
func (this *UserController) Password(w http.ResponseWriter, r *http.Request) {
class.Logger.Debug("User Password")
this.Init(w, r)
ok := 1
hint := make(map[string]string)
hint["uid"] = this.Uid
data := make(map[string]string)
data["oldPassword"] = r.FormValue("user[oldPassword]")
data["newPassword"] = r.FormValue("user[newPassword]")
data["confirmPassword"] = r.FormValue("user[confirmPassword]")
uid := this.Uid
pwd := data["oldPassword"]
userModel := model.UserModel{}
ret, err := userModel.Login(uid, pwd)
if err != nil {
http.Error(w, err.Error(), 500)
return
}
if ret.Uid == "" {
ok, hint["oldPassword"] = 0, "Old Password is Incorrect."
}
if len(data["newPassword"]) < 6 {
ok, hint["newPassword"] = 0, "Password should contain at least six characters."
}
if data["newPassword"] != data["confirmPassword"] {
ok, hint["confirmPassword"] = 0, "Confirmation mismatched."
}
if ok == 1 {
pwd = data["newPassword"]
err := userModel.Password(uid, pwd)
if err != nil {
http.Error(w, err.Error(), 400)
return
}
w.WriteHeader(200)
} else {
w.WriteHeader(400)
}
b, err := json.Marshal(&hint)
if err != nil {
http.Error(w, "json error", 400)
return
}
w.Write(b)
}
//@URL: /account @method: POST
func (uc *UserController) Password() {
restweb.Logger.Debug("User Password")
valid := restweb.Validation{}
uid := uc.Uid
// valid.AppendError("uid", uid)
oldPwd := uc.Input.Get("user[oldPassword]")
newPwd := uc.Input.Get("user[newPassword]")
confirmPwd := uc.Input.Get("user[confirmPassword]")
userModel := model.UserModel{}
ret, err := userModel.Login(uid, oldPwd)
if err != nil {
uc.Error(err.Error(), 500)
return
}
if ret.Uid == "" {
valid.AppendError("oldPassword", "Old Password is Incorrect.")
}
valid.MinSize(newPwd, 6, "newPassword")
valid.Equal(newPwd, confirmPwd, "confirmPassword")
if !valid.HasError {
err := userModel.Password(uid, newPwd)
if err != nil {
uc.Error(err.Error(), 400)
return
}
uc.W.WriteHeader(200)
} else {
uc.W.WriteHeader(400)
}
hint := valid.RenderErrMap()
b, _ := json.Marshal(&hint)
uc.W.Write(b)
}
func (this *UserController) Login(w http.ResponseWriter, r *http.Request) {
class.Logger.Debug("User Login")
this.Init(w, r)
uid := r.FormValue("user[handle]")
pwd := r.FormValue("user[password]")
userModel := model.UserModel{}
ret, err := userModel.Login(uid, pwd)
if err != nil {
class.Logger.Debug(err)
http.Error(w, err.Error(), 500)
return
}
if ret.Uid == "" {
w.WriteHeader(400)
} else {
this.SetSession(w, r, "Uid", uid)
this.SetSession(w, r, "Privilege", strconv.Itoa(ret.Privilege))
w.WriteHeader(200)
}
return
}
