// PostLogin performs login.
func PostLogin(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)
email := r.FormValue("Email")
password := r.FormValue("Password")
u := dal.NewUser(db)
user, err := u.GetUserByEmailAndPassword(nil, email, password)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
session, _ := cookieStore.Get(r, "fpc-session")
session.Values["user"] = user
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/home", 302)
}
func PostSignup(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
db := context.Get(r, "db").(*sqlx.DB)
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
_, err := dal.NewUser(db).Signup(nil, email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Perform login
PostLogin(w, r)
}
func PutUsersID(w http.ResponseWriter, r *http.Request) {
userId, err := getIdFromPath(w, r)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
db := context.Get(r, "db").(*sqlx.DB)
cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)
session, _ := cookieStore.Get(r, "fpc-session")
currentUser := session.Values["user"].(*dal.UserRow)
if currentUser.ID != userId {
err := errors.New("Modifying other user is not allowed.")
libhttp.HandleErrorJson(w, err)
return
}
email := r.FormValue("Email")
password := r.FormValue("Password")
passwordAgain := r.FormValue("PasswordAgain")
u := dal.NewUser(db)
currentUser, err = u.UpdateEmailAndPasswordById(nil, currentUser.ID, email, password, passwordAgain)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
// Update currentUser stored in session.
session.Values["user"] = currentUser
err = session.Save(r, w)
if err != nil {
libhttp.HandleErrorJson(w, err)
return
}
http.Redirect(w, r, "/", 302)
}