//SignInPost handles POST /signin route, authenticates user
func SignInPost(c *gin.Context) {
session := sessions.Default(c)
user := &models.User{}
if err := c.Bind(user); err != nil {
session.AddFlash("Please, fill out form correctly.")
session.Save()
c.Redirect(http.StatusFound, "/signin")
return
}
userDB, _ := models.GetUserByEmail(user.Email)
if userDB.ID == 0 {
logrus.Errorf("Login error, IP: %s, Email: %s", c.ClientIP(), user.Email)
session.AddFlash("Email or password incorrect")
session.Save()
c.Redirect(http.StatusFound, "/signin")
return
}
if err := bcrypt.CompareHashAndPassword([]byte(userDB.Password), []byte(user.Password)); err != nil {
logrus.Errorf("Login error, IP: %s, Email: %s", c.ClientIP(), user.Email)
session.AddFlash("Email or password incorrect")
session.Save()
c.Redirect(http.StatusFound, "/signin")
return
}
session.Set("UserID", userDB.ID)
session.Save()
c.Redirect(http.StatusFound, "/")
}
//SignUpPost handles POST /signup route, creates new user
func SignUpPost(c *gin.Context) {
session := sessions.Default(c)
user := &models.User{}
if err := c.Bind(user); err != nil {
session.AddFlash(err.Error())
session.Save()
c.Redirect(http.StatusFound, "/signup")
return
}
userDB, _ := models.GetUserByEmail(user.Email)
if userDB.ID != 0 {
session.AddFlash("User exists")
session.Save()
c.Redirect(http.StatusFound, "/signup")
return
}
//create user
err := user.HashPassword()
if err != nil {
session.AddFlash("Error whilst registering user.")
session.Save()
logrus.Errorf("Error whilst registering user: %v", err)
c.Redirect(http.StatusFound, "/signup")
return
}
if err := user.Insert(); err != nil {
session.AddFlash("Error whilst registering user.")
session.Save()
logrus.Errorf("Error whilst registering user: %v", err)
c.Redirect(http.StatusFound, "/signup")
return
}
session.Set("UserID", user.ID)
session.Save()
c.Redirect(http.StatusFound, "/")
return
}