예제 #1
0
func SignupActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	session, validAuth, httperr := auth.CheckSession(r)
	if !validAuth || !auth.ValidCSRF(r, session, false) || httperr != nil {
		http.Redirect(w, r, paths.SignupPath, http.StatusUnauthorized)
		return
	}

	ss := auth.GetSetSession(w, r, session)
	if ss == nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	reg := &Signup{
		First:  r.PostFormValue("_fname"),
		Last:   r.PostFormValue("_lname"),
		Email:  r.PostFormValue("_email"),
		School: r.PostFormValue("_school"),
		State:  r.PostFormValue("_state"),
	}

	if err := reg.validate(); err != nil {
		views.RenderTemplate(w, r, reload.Signup, http.StatusOK,
			&SignupData{
				ss.CSRFToken,
				err.Error(),
			})
		return
	}

	reg.Store()

	http.Redirect(w, r, paths.ThankYouPath, http.StatusFound)
}
예제 #2
0
// LoginActionHandler handles POST requests to "/login/"
func LoginActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	// The CSRF token check is inside AuthenticateUser.
	status, data, err := auth.AuthenticateUser(w, r)

	// Errors from AuthenticateUser or a status of InvalidAuth indicate that
	// the user is not authenticated, and we should handle the response
	// accordingly.
	if err != nil {
		switch err.Err {
		// Re-render with error information.
		case auth.ErrBadUsername, auth.ErrBadPassword, auth.ErrInvalidLogin,
			auth.ErrTooManyRequests, auth.ErrInvalidCSRFToken:
			views.RenderTemplate(w, r, reload.Login, err.Status, data)
		default:
			views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, err)
		}

		return
	}

	if status == auth.ValidAuth {
		// It's okay to send the user to their original destination.
		http.Redirect(w, r, data.Redir, http.StatusFound)
		return
	} else {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	http.Redirect(w, r, paths.LoginPath, http.StatusOK)
}
예제 #3
0
// LoginViewHandler handles GET requests to "/login/"
func LoginViewHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	// Specific headers for our login page.
	w.Header().Set("pragma", "no-cache")
	w.Header().Set("cache-control", "no-cache, no-store")
	w.Header().Set("expires", "Mon, 01-Jan-1990 00:00:00 GMT")

	session, validAuth, httperr := auth.CheckSession(r)
	if httperr != nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, httperr)
	}

	// If the user is logged in then just redirect to the dashboard.
	// This is why the logic may look a little backwards.
	if validAuth {
		http.Redirect(w, r, paths.DashboardPath, http.StatusFound)
		return
	}

	ss := auth.GetSetSession(w, r, session)
	if ss == nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	views.RenderTemplate(w, r, reload.Login, http.StatusOK, &dt.LoginData{r.Host, ss.CSRFToken, "", ""})
}
예제 #4
0
func SignupViewHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

	session, _, httperr := auth.CheckSession(r)
	if httperr != nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, httperr)
	}

	ss := auth.GetSetSession(w, r, session)
	if ss == nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	views.RenderTemplate(w, r, reload.Signup, http.StatusOK, &SignupData{ss.CSRFToken, ""})
}
예제 #5
0
// LogoutActionHandler handles POST requests to "/logout/"
func LogoutActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	session, validAuth, httperr := auth.CheckSession(r)
	if httperr != nil {
		views.RenderTemplate(w, r, reload.ErrorPage, httperr.Status, httperr)
		return
	}

	if !validAuth || !auth.ValidCSRF(r, session, false) {
		http.Redirect(w, r, paths.LoginPath, http.StatusFound)
		return
	}

	if !auth.DestroySession(w, r) {
		glog.Errorln(auth.ErrUnableToLogOut)
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, auth.ErrUnableToLogOut)
		return
	}

	http.Redirect(w, r, paths.IndexPath, http.StatusFound)
}
예제 #6
0
// AboutViewHandler handles GET requests to "/about/"
func AboutViewHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	views.RenderTemplate(w, r, reload.About, http.StatusOK, nil)
}