// URL: /signin
// 处理用户登录,如果登录成功,设置Cookie
func signinHandler(w http.ResponseWriter, r *http.Request) {
next := r.FormValue("next")
form := wtforms.NewForm(
wtforms.NewHiddenField("next", next),
wtforms.NewTextField("username", "用户名", "", &wtforms.Required{}),
wtforms.NewPasswordField("password", "密码", &wtforms.Required{}),
)
if r.Method == "POST" {
if form.Validate(r) {
c := db.C("users")
user := User{}
err := c.Find(bson.M{"username": form.Value("username")}).One(&user)
if err != nil {
form.AddError("username", "该用户不存在")
renderTemplate(w, r, "account/signin.html", map[string]interface{}{"form": form})
return
}
if !user.IsActive {
form.AddError("username", "邮箱没有经过验证,如果没有收到邮件,请联系管理员")
renderTemplate(w, r, "account/signin.html", map[string]interface{}{"form": form})
return
}
if user.Password != encryptPassword(form.Value("password")) {
form.AddError("password", "密码和用户名不匹配")
renderTemplate(w, r, "account/signin.html", map[string]interface{}{"form": form})
return
}
session, _ := store.Get(r, "user")
session.Values["username"] = user.Username
session.Save(r, w)
if form.Value("next") == "" {
http.Redirect(w, r, "/", http.StatusFound)
} else {
http.Redirect(w, r, next, http.StatusFound)
}
return
}
}
renderTemplate(w, r, "account/signin.html", map[string]interface{}{"form": form})
}
// URL: /reset/{code}
// 用户点击邮件中的链接,根据code找到对应的用户,设置新密码,修改完成后清除code
func resetPasswordHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
code := vars["code"]
var user User
c := db.C("users")
err := c.Find(bson.M{"resetcode": code}).One(&user)
if err != nil {
message(w, r, "重设密码", `无效的重设密码标记,可能你已经重新设置过了或者链接已经失效,请通过<a href="/forgot_password">忘记密码</a>进行重设密码`, "error")
return
}
form := wtforms.NewForm(
wtforms.NewPasswordField("new_password", "新密码", wtforms.Required{}),
wtforms.NewPasswordField("confirm_password", "确认新密码", wtforms.Required{}),
)
if r.Method == "POST" && form.Validate(r) {
if form.Value("new_password") == form.Value("confirm_password") {
c.Update(
bson.M{"_id": user.Id_},
bson.M{
"$set": bson.M{
"password": encryptPassword(form.Value("new_password")),
"resetcode": "",
},
},
)
message(w, r, "重设密码成功", `密码重设成功,你现在可以 <a href="/signin" class="btn btn-primary">登录</a> 了`, "success")
return
} else {
form.AddError("confirm_password", "密码不匹配")
}
}
renderTemplate(w, r, "account/reset_password.html", map[string]interface{}{"form": form, "code": code, "account": user.Username})
}
// URL /profile
// 用户设置页面,显示用户设置,用户头像,密码修改
func profileHandler(w http.ResponseWriter, r *http.Request) {
user, ok := currentUser(r)
if !ok {
http.Redirect(w, r, "/signin?next=/profile", http.StatusFound)
return
}
profileForm := wtforms.NewForm(
wtforms.NewTextField("email", "电子邮件", user.Email, wtforms.Email{}),
wtforms.NewTextField("website", "个人网站", user.Website),
wtforms.NewTextField("location", "所在地", user.Location),
wtforms.NewTextField("tagline", "签名", user.Tagline),
wtforms.NewTextArea("bio", "个人简介", user.Bio),
)
if r.Method == "POST" {
if profileForm.Validate(r) {
c := db.C("users")
c.Update(bson.M{"_id": user.Id_}, bson.M{"$set": bson.M{"website": profileForm.Value("website"),
"location": profileForm.Value("location"),
"tagline": profileForm.Value("tagline"),
"bio": profileForm.Value("bio"),
}})
http.Redirect(w, r, "/profile", http.StatusFound)
return
}
}
changePasswordForm := wtforms.NewForm(
wtforms.NewPasswordField("current_password", "当前密码"),
wtforms.NewPasswordField("new_password", "新密码"),
wtforms.NewPasswordField("confirm_password", "新密码确认"),
)
renderTemplate(w, r, "account/profile.html", map[string]interface{}{"user": user, "profileForm": profileForm, "changePasswordForm": changePasswordForm})
}
// URL: /signup
// 处理用户注册,要求输入用户名,密码和邮箱
func signupHandler(w http.ResponseWriter, r *http.Request) {
form := wtforms.NewForm(
wtforms.NewTextField("username", "用户名", "", wtforms.Required{}, wtforms.Regexp{Expr: `^[a-zA-Z0-9_]{3,16}$`, Message: "请使用a-z, A-Z, 0-9以及下划线, 长度3-16之间"}),
wtforms.NewPasswordField("password", "密码", wtforms.Required{}),
wtforms.NewTextField("email", "电子邮件", "", wtforms.Required{}, wtforms.Email{}),
)
if r.Method == "POST" {
if form.Validate(r) {
c := db.C("users")
result := User{}
// 检查用户名
err := c.Find(bson.M{"username": form.Value("username")}).One(&result)
if err == nil {
form.AddError("username", "该用户名已经被注册")
renderTemplate(w, r, "account/signup.html", map[string]interface{}{"form": form})
return
}
// 检查邮箱
err = c.Find(bson.M{"email": form.Value("email")}).One(&result)
if err == nil {
form.AddError("email", "电子邮件地址已经被注册")
renderTemplate(w, r, "account/signup.html", map[string]interface{}{"form": form})
return
}
c2 := db.C("status")
var status Status
c2.Find(nil).One(&status)
id := bson.NewObjectId()
validateCode := uuid()
index := status.UserIndex + 1
err = c.Insert(&User{
Id_: id,
Username: form.Value("username"),
Password: encryptPassword(form.Value("password")),
Email: form.Value("email"),
ValidateCode: validateCode,
IsActive: true,
JoinedAt: time.Now(),
Index: index,
})
if err != nil {
panic(err)
}
c2.Update(bson.M{"_id": status.Id_}, bson.M{"$inc": bson.M{"userindex": 1}})
// 发送邮件
/*
subject := "欢迎加入Golang 中国"
message2 := `欢迎加入Golang 中国。请访问下面地址激活你的帐户。
<a href="%s/activate/%s">%s/activate/%s</a>
如果你没有注册,请忽略这封邮件。
©2012 Golang 中国`
message2 = fmt.Sprintf(message2, config["host"], validateCode, config["host"], validateCode)
sendMail(subject, message2, []string{form.Value("email")})
message(w, r, "注册成功", "请查看你的邮箱进行验证,如果收件箱没有,请查看垃圾邮件,如果还没有,请给[email protected]发邮件,告知你的用户名。", "success")
*/
message(w, r, "注册成功", fmt.Sprintf(`感谢您的注册,您已经成为Golang中国第 <strong>%d</strong>位用户,<a href="/signin">登录</a>。`, index), "success")
return
}
}
renderTemplate(w, r, "account/signup.html", map[string]interface{}{"form": form})
}