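// SettingsPost handles POST /settings: it changes the password of the user
// identified by the "sessionid" cookie.
//
// The password is replaced only when the session resolves to a username, a
// stored hash exists for that user, the "old" form value authenticates against
// it, the "new" value is longer than five bytes and "repeat" equals "new".
// Every outcome, including a rejected request, ends in a redirect to /login.
//
// NOTE(review): nothing in this handler revokes the user's other sessions
// after the change, and no anti-CSRF token is checked here. Confirm both are
// handled elsewhere.
func SettingsPost(w http.ResponseWriter, r *http.Request) {
	db := database.GetConnection()
	sessionID := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionID)

	if username != "" {
		// The second result is what AdminGet/AdminPost read as the admin
		// flag; it is not needed for a password change.
		stored, _ := database.GetPassword(db, username)

		oldPassword := r.FormValue("old")
		newPassword := r.FormValue("new")
		repeat := r.FormValue("repeat")

		// RegisterPost treats an empty stored hash as "no such user", so an
		// empty hash must never be handed to Authenticate as if it were a
		// credential.
		allowed := stored != "" &&
			password.Authenticate(oldPassword, stored) &&
			len(newPassword) > 5 &&
			newPassword == repeat

		if allowed {
			hashed := password.NewPassword(newPassword)
			// NOTE(review): any result of ChangePassword is not inspected,
			// so the log line below is written even if the update failed.
			// TODO confirm what ChangePassword returns.
			database.ChangePassword(db, username, hashed)
			log.Printf("USER (%s) CHANGED PASSWORD\n", username)
		}
	}

	http.Redirect(w, r, "/login", http.StatusFound)
}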
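// LoginPost handles POST /login.
//
// The "username" form value is lower-cased and its stored password hash is
// looked up. When the submitted "password" authenticates against that hash, a
// session id is generated, written to the session cookie (with the "remember"
// flag set when the form sends remember=1) and the client is redirected to /.
// Otherwise the login template is rendered again with the submitted username.
//
// NOTE(review): no throttling or lockout is visible in this handler; confirm
// it is enforced in front of it. GenerateSessionId receives only the username;
// confirm it mixes in fresh randomness so that session ids are unpredictable.
func LoginPost(w http.ResponseWriter, r *http.Request) {
	db := database.GetConnection()

	username := strings.ToLower(r.FormValue("username"))
	pass := r.FormValue("password")
	remember := r.FormValue("remember") == "1"

	hashed, _ := database.GetPassword(db, username)

	// RegisterPost treats an empty stored hash as "no such user"; refuse it
	// here instead of relying on how Authenticate reacts to an empty hash.
	if hashed == "" || !password.Authenticate(pass, hashed) {
		// Record the failure so repeated guessing is visible in the log.
		// %q quotes the attacker-supplied value, so embedded line breaks
		// cannot forge additional log entries.
		log.Printf("LOGIN FAILED (%q)\n", username)

		// Third field is presumably the "login failed" flag for the
		// template. TODO confirm against loginContext.
		page := loginContext{username, config.Config.Register, true}
		templates.Render(w, "login", page)
		return
	}

	sessionID := cookies.GenerateSessionId(username)
	cookies.SetSessionId(w, sessionID, remember)
	http.Redirect(w, r, "/", http.StatusFound)
	log.Printf("LOGGED IN (%s)\n", username)
}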
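// RegisterPost handles POST /register.
//
// It builds a models.User from the form, normalises the e-mail to lower case
// and the names to "Capitalised" form, validates the result with
// UserValidate, rejects the request when a password hash is already stored
// for that e-mail, and otherwise hashes the password, creates the user and
// redirects to /login. On a validation failure or a duplicate e-mail the
// register template is rendered again with the submitted names and e-mail and
// a message in Flag.
//
// NOTE(review): LoginPost passes config.Config.Register to the login
// template, which suggests registration can be switched off. This handler does
// not consult that setting. Confirm the route is not served when registration
// is disabled.
func RegisterPost(w http.ResponseWriter, r *http.Request) {
	// capitalize upper-cases the first character of name and lower-cases the
	// rest. It works on runes, not bytes: slicing name[0:1] would cut a
	// multi-byte first letter such as "Š" in half and corrupt the name.
	capitalize := func(name string) string {
		runes := []rune(name)
		if len(runes) == 0 {
			return name
		}
		return strings.ToUpper(string(runes[:1])) + strings.ToLower(string(runes[1:]))
	}

	db := database.GetConnection()

	// Model built from the form data.
	var user models.User
	user.Email = strings.ToLower(r.FormValue("email"))
	user.Password = r.FormValue("password")
	user.Firstname = capitalize(r.FormValue("firstname"))
	user.Lastname = capitalize(r.FormValue("lastname"))
	repeat := r.FormValue("repeat")

	// Values echoed back into the form when the submission is rejected. The
	// password is deliberately not part of it.
	var old models.RegisterContext
	old.Firstname = user.Firstname
	old.Lastname = user.Lastname
	old.Email = user.Email
	old.Flag = user.UserValidate(repeat)
	if old.Flag != "" {
		templates.Render(w, "register", old)
		return
	}

	// A non-empty stored hash means the e-mail is already registered.
	// NOTE(review): this check and CreateUser are separate steps, so two
	// concurrent requests could both pass it. Confirm the database enforces
	// uniqueness of the e-mail.
	if existing, _ := database.GetPassword(db, user.Email); existing != "" {
		// Message: "A user with this e-mail address already exists."
		old.Flag = "Vartotojas su šiuo el. pašto adresu jau egzistuoja."
		templates.Render(w, "register", old)
		return
	}

	// Replace the plaintext password with its hash before it is stored.
	user.Password = password.NewPassword(user.Password)
	database.CreateUser(db, &user)

	http.Redirect(w, r, "/login", http.StatusFound)
	// NOTE(review): user.Email is written with %s; this relies on
	// UserValidate rejecting control characters. TODO confirm.
	log.Printf("USER CREATED (%s)\n", user.Email)
}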
// AdminGet handles GET /admin.
//
// The username is resolved from the "sessionid" cookie and the second result
// of database.GetPassword is used as the admin flag. Non-admins are redirected
// to /login/. Admins get the "admin" template, filled with the game lists
// returned for the "open" and "finish" filters.
func AdminGet(w http.ResponseWriter, r *http.Request) {
	conn := database.GetConnection()
	user := cookies.UsernameFromCookie(cookies.GetCookieVal(r, "sessionid"))

	// Guard clause: anyone without the admin flag never reaches the queries.
	if _, admin := database.GetPassword(conn, user); !admin {
		http.Redirect(w, r, "/login/", http.StatusFound)
		return
	}

	var page models.AdminContext
	page.OpenGames = database.GamesList(conn, "open")
	page.NotFinish = database.GamesList(conn, "finish")
	templates.Render(w, "admin", page)
}
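// AdminPost handles POST /admin.
//
// The caller must carry a "sessionid" cookie that resolves to a user for whom
// database.GetPassword reports the admin flag; everyone else is redirected to
// /login/ before any form field is read. Each HTML form on the admin page
// sends a hidden "sending" input that selects the action:
//
//	addGame  - create a game from team1, team2 and starts ("2006-01-02 15:04")
//	close    - close the game named by close-game-id
//	rollback - call database.RollBack when confirm=1
//	end      - finish the game named by finish-game-id with scores team1/team2
//
// Invalid form data and unknown actions redirect to /error; completed actions
// redirect back to /admin.
//
// NOTE(review): no anti-CSRF token is checked in this handler, and every
// branch changes state (rollback in particular). Confirm that a token or an
// equivalent control is enforced before this handler runs.
func AdminPost(w http.ResponseWriter, r *http.Request) {
	db := database.GetConnection()
	sessionID := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionID)

	// Authorise first, so an unprivileged request never reaches form handling.
	if _, isAdmin := database.GetPassword(db, username); !isAdmin {
		// Leave a trace of the refused attempt; %q keeps the value on one line.
		log.Printf("ADMIN POST DENIED (%q)\n", username)
		http.Redirect(w, r, "/login/", http.StatusFound)
		return
	}

	switch r.FormValue("sending") {
	case "addGame":
		// Build the game from the form and store it.
		var game models.Game
		var err error
		game.Team1 = r.FormValue("team1")
		game.Team2 = r.FormValue("team2")
		game.Starts, err = time.Parse("2006-01-02 15:04", r.FormValue("starts"))
		if err != nil || !utils.HasShortName(game.Team1) || !utils.HasShortName(game.Team2) {
			// Unparsable start time or a team name HasShortName rejects.
			http.Redirect(w, r, "/error", http.StatusFound)
			return
		}
		database.CreateGame(db, &game)
		http.Redirect(w, r, "/admin", http.StatusFound)
		log.Printf("GAME [%s - %s] ADDED\n", game.Team1, game.Team2)

	case "close":
		pk := r.FormValue("close-game-id")
		// The "end" branch requires its game id to be an integer; apply the
		// same check here so a raw form value reaches neither the database
		// layer nor the log.
		if _, err := strconv.Atoi(pk); err != nil {
			http.Redirect(w, r, "/error", http.StatusFound)
			return
		}
		database.CloseGame(db, pk)
		http.Redirect(w, r, "/admin", http.StatusFound)
		log.Printf("GAME (%s) CLOSED\n", pk)

	case "rollback":
		if r.FormValue("confirm") == "1" {
			database.RollBack(db)
			// Every other state-changing branch is logged; keep the audit
			// trail complete for this one as well.
			log.Printf("ROLLBACK BY (%q)\n", username)
		}
		http.Redirect(w, r, "/admin", http.StatusFound)

	case "end":
		// Finish a game: both scores and the game id must be integers.
		pk := r.FormValue("finish-game-id")
		n1, err1 := strconv.Atoi(r.FormValue("team1"))
		n2, err2 := strconv.Atoi(r.FormValue("team2"))
		intPk, err3 := strconv.Atoi(pk)
		if err1 != nil || err2 != nil || err3 != nil {
			http.Redirect(w, r, "/error", http.StatusFound)
			return
		}
		database.FinishGame(db, pk, n1, n2)
		database.CalcPoints(db, intPk, n1, n2)
		http.Redirect(w, r, "/admin", http.StatusFound)
		log.Printf("GAME (%s) FINISHED\n", pk)

	default:
		// Unknown or missing action: answer explicitly instead of returning
		// an empty 200 response.
		http.Redirect(w, r, "/error", http.StatusFound)
	}
}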