Exemplo n.º 1
0
func handleGMProfile(resp http.ResponseWriter, req *http.Request) {
	user_id, _ := public.GetSessionGMId(req)

	req.Header.Set(public.GM_PERMITTED_HEADER_KEY, user_id.Hex())

	handleUserProfile(resp, req)
}
Exemplo n.º 2
0
func handleGMLogin(resp http.ResponseWriter, req *http.Request) {
	email := public.EmailFilter(req.FormValue("email"))
	password := req.FormValue("password")

	if len(email) <= 0 || len(password) <= 0 {
		r := public.SimpleResult{
			Message:     "Error",
			Description: "Incorrect email or password",
		}
		public.ResponseStatusAsJson(resp, 403, &r)
		return
	}

	//Check login status
	if _, err := public.GetSessionGMId(req); err == nil {
		r := public.SimpleResult{
			Message:     "Already Login",
			Description: email,
		}
		public.ResponseOkAsJson(resp, &r)
		return
	}

	userDb := public.GetNewUserDatabase()
	defer userDb.Session.Close()

	profiles := userDb.C(USER_DB_PROFILE_COLLECTION)
	q := profiles.Find(bson.M{"email": email})
	user := db.User{}
	if q.One(&user) == nil {
		//Check password
		if bcrypt.CompareHashAndPassword([]byte(user.AuthInfo.BcyptHash), []byte(password)) != nil {
			r := public.SimpleResult{
				Message:     "Error",
				Description: "Incorrect email or password",
			}
			public.ResponseStatusAsJson(resp, 403, &r)
			return
		}

		//Check whether is GM
		admin := userDb.C(USER_DB_GM_COLLECTION)
		admin_q := admin.Find(bson.M{"userid": user.Id})
		if n, _ := admin_q.Count(); n <= 0 {
			//Not GM
			public.ResponseStatusAsJson(resp, 403, &public.SimpleResult{
				Message:     "Error",
				Description: "Not GM, YOU SHALL NOT PASS",
			})
			return
		}

		if err := public.SetGMSessionValue(req, resp, public.GM_ID_SESSION_KEY, user.Id.Hex()); err != nil {
			public.LogE.Printf("Error setting session user id: %s\n", err.Error())
		}
		r := public.SimpleResult{
			Message:     "Login Successed",
			Description: email,
		}
		public.ResponseOkAsJson(resp, &r)
	} else {
		r := public.SimpleResult{
			Message:     "Error",
			Description: "Incorrect email or password",
		}
		public.ResponseStatusAsJson(resp, 403, &r)
		return
	}
}