func login(c *api.Context, w http.ResponseWriter, r *http.Request) { if !CheckBrowserCompatability(c, r) { return } params := mux.Vars(r) teamName := params["team"] var team *model.Team if tResult := <-api.Srv.Store.Team().GetByName(teamName); tResult.Err != nil { l4g.Error("Couldn't find team name=%v, err=%v", teamName, tResult.Err.Message) http.Redirect(w, r, api.GetProtocol(r)+"://"+r.Host, http.StatusTemporaryRedirect) return } else { team = tResult.Data.(*model.Team) } // We still might be able to switch to this team because we've logged in before _, session := api.FindMultiSessionForTeamId(r, team.Id) if session != nil { w.Header().Set(model.HEADER_TOKEN, session.Token) http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/channels/town-square", http.StatusTemporaryRedirect) return } page := NewHtmlTemplatePage("login", "Login") page.Props["TeamDisplayName"] = team.DisplayName page.Props["TeamName"] = team.Name if team.AllowOpenInvite { page.Props["InviteId"] = team.InviteId } page.Render(c, w) }
func login(c *api.Context, w http.ResponseWriter, r *http.Request) { if !CheckBrowserCompatability(c, r) { return } params := mux.Vars(r) teamName := params["team"] var team *model.Team if tResult := <-api.Srv.Store.Team().GetByName(teamName); tResult.Err != nil { l4g.Error(utils.T("web.login.error"), teamName, tResult.Err.Message) http.Redirect(w, r, api.GetProtocol(r)+"://"+r.Host, http.StatusTemporaryRedirect) return } else { team = tResult.Data.(*model.Team) } // We still might be able to switch to this team because we've logged in before _, session := api.FindMultiSessionForTeamId(r, team.Id) if session != nil { w.Header().Set(model.HEADER_TOKEN, session.Token) lastViewChannelName := "town-square" if lastViewResult := <-api.Srv.Store.Preference().Get(session.UserId, model.PREFERENCE_CATEGORY_LAST, model.PREFERENCE_NAME_LAST_CHANNEL); lastViewResult.Err == nil { if lastViewChannelResult := <-api.Srv.Store.Channel().Get(lastViewResult.Data.(model.Preference).Value); lastViewChannelResult.Err == nil { lastViewChannelName = lastViewChannelResult.Data.(*model.Channel).Name } } http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/channels/"+lastViewChannelName, http.StatusTemporaryRedirect) return } page := NewHtmlTemplatePage("login", c.T("web.login.login_title"), c.Locale) page.Props["TeamDisplayName"] = team.DisplayName page.Props["TeamName"] = team.Name if team.AllowOpenInvite { page.Props["InviteId"] = team.InviteId } page.Render(c, w) }
func checkSessionSwitch(c *api.Context, w http.ResponseWriter, r *http.Request, teamName string) *model.Team { var team *model.Team if result := <-api.Srv.Store.Team().GetByName(teamName); result.Err != nil { c.Err = result.Err return nil } else { team = result.Data.(*model.Team) } // We are logged into a different team. Lets see if we have another // session in the cookie that will give us access. if c.Session.TeamId != team.Id { index, session := api.FindMultiSessionForTeamId(r, team.Id) if session == nil { // redirect to login http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/?redirect="+url.QueryEscape(r.URL.Path), http.StatusTemporaryRedirect) } else { c.Session = *session c.SessionTokenIndex = index } } return team }
func getChannel(c *api.Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) name := params["channelname"] teamName := params["team"] var team *model.Team if result := <-api.Srv.Store.Team().GetByName(teamName); result.Err != nil { c.Err = result.Err return } else { team = result.Data.(*model.Team) } // We are logged into a different team. Lets see if we have another // session in the cookie that will give us access. if c.Session.TeamId != team.Id { index, session := api.FindMultiSessionForTeamId(r, team.Id) if session == nil { // redirect to login http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/?redirect="+url.QueryEscape(r.URL.Path), http.StatusTemporaryRedirect) } else { c.Session = *session c.SessionTokenIndex = index } } userChan := api.Srv.Store.User().Get(c.Session.UserId) var channelId string if result := <-api.Srv.Store.Channel().CheckPermissionsToByName(c.Session.TeamId, name, c.Session.UserId); result.Err != nil { c.Err = result.Err return } else { channelId = result.Data.(string) } var user *model.User if ur := <-userChan; ur.Err != nil { c.Err = ur.Err c.RemoveSessionCookie(w, r) l4g.Error("Error in getting users profile for id=%v forcing logout", c.Session.UserId) return } else { user = ur.Data.(*model.User) } if len(channelId) == 0 { if strings.Index(name, "__") > 0 { // It's a direct message channel that doesn't exist yet so let's create it ids := strings.Split(name, "__") otherUserId := "" if ids[0] == c.Session.UserId { otherUserId = ids[1] } else { otherUserId = ids[0] } if sc, err := api.CreateDirectChannel(c, otherUserId); err != nil { api.Handle404(w, r) return } else { channelId = sc.Id } } else { // We will attempt to auto-join open channels if cr := <-api.Srv.Store.Channel().GetByName(c.Session.TeamId, name); cr.Err != nil { http.Redirect(w, r, c.GetTeamURL()+"/channels/town-square", http.StatusFound) } else { channel := cr.Data.(*model.Channel) if channel.Type == model.CHANNEL_OPEN { api.JoinChannel(c, channel.Id, "") if c.Err != nil { return } channelId = channel.Id } else { http.Redirect(w, r, c.GetTeamURL()+"/channels/town-square", http.StatusFound) } } } } page := NewHtmlTemplatePage("channel", "") page.Props["Title"] = name + " - " + team.DisplayName + " " + page.ClientCfg["SiteName"] page.Props["TeamDisplayName"] = team.DisplayName page.Props["TeamName"] = team.Name page.Props["TeamType"] = team.Type page.Props["TeamId"] = team.Id page.Props["ChannelName"] = name page.Props["ChannelId"] = channelId page.Props["UserId"] = c.Session.UserId page.Team = team page.User = user page.Render(c, w) }