Exemplo n.º 1
0
func SettingsPost(w http.ResponseWriter, r *http.Request) {
	// /settings POST method handler.
	// Validates the form,

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)

	if username != "" {
		pass, _ := database.GetPassword(db, username)

		newPassword := r.FormValue("new")
		repeat := r.FormValue("repeat")
		oldPassword := r.FormValue("old")

		if password.Authenticate(oldPassword, pass) && len(newPassword) > 5 && newPassword == repeat {
			hashed := password.NewPassword(newPassword)
			database.ChangePassword(db, username, hashed)
			log.Printf("USER (%s) CHANGED PASSWORD\n", username)
		}
	}

	http.Redirect(w, r, "/login", http.StatusFound)
}
Exemplo n.º 2
0
func LoginPost(w http.ResponseWriter, r *http.Request) {
	// /login handler for POST request.
	// Tries to validate user.
	// If email / password is OK,
	// new sessionid cookie is set and user is redirected to / .

	db := database.GetConnection()

	username := r.FormValue("username")
	username = strings.ToLower(username)
	pass := r.FormValue("password")
	remember := r.FormValue("remember") == "1"
	hashed, _ := database.GetPassword(db, username)

	if password.Authenticate(pass, hashed) {
		// Valid password.
		sessionid := cookies.GenerateSessionId(username)
		cookies.SetSessionId(w, sessionid, remember)
		http.Redirect(w, r, "/", http.StatusFound)
		log.Printf("LOGGED IN (%s)\n", username)
	} else {
		context := loginContext{username, config.Config.Register, true}
		templates.Render(w, "login", context)
	}
}
Exemplo n.º 3
0
func RegisterPost(w http.ResponseWriter, r *http.Request) {
	// /register POST method handler.
	// Validates the form,
	// check's if username is availible,
	// and then creates a user and redirects to
	// /login .

	db := database.GetConnection()

	var user models.User
	// Model out of form data.
	user.Email = r.FormValue("email")
	user.Email = strings.ToLower(user.Email)
	user.Password = r.FormValue("password")
	user.Firstname = r.FormValue("firstname")
	if len(user.Firstname) > 0 {
		user.Firstname = strings.ToUpper(user.Firstname[0:1]) + strings.ToLower(user.Firstname[1:])
	}
	user.Lastname = r.FormValue("lastname")
	if len(user.Lastname) > 0 {
		user.Lastname = strings.ToUpper(user.Lastname[0:1]) + strings.ToLower(user.Lastname[1:])
	}

	repeat := r.FormValue("repeat")

	var old models.RegisterContext
	// Model for return form.
	// In case there the data wasn't valid
	old.Firstname = user.Firstname
	old.Lastname = user.Lastname
	old.Email = user.Email
	old.Flag = user.UserValidate(repeat)

	if old.Flag != "" {
		templates.Render(w, "register", old)
		return
	}

	pass, _ := database.GetPassword(db, user.Email)
	// Checks if user exists.
	if pass != "" {
		old.Flag = "Vartotojas su šiuo el. pašto adresu jau egzistuoja."
		templates.Render(w, "register", old)
		return
	}

	user.Password = password.NewPassword(user.Password)
	database.CreateUser(db, &user)
	// Creates a user in the db.
	http.Redirect(w, r, "/login", http.StatusFound)
	log.Printf("USER CREATED (%s)\n", user.Email)
}
Exemplo n.º 4
0
func AdminGet(w http.ResponseWriter, r *http.Request) {
	// /admin GET method handler.
	// Just render's the form.

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)
	_, is_admin := database.GetPassword(db, username)

	if !is_admin {
		http.Redirect(w, r, "/login/", http.StatusFound)
	} else {
		var F models.AdminContext
		F.OpenGames = database.GamesList(db, "open")
		F.NotFinish = database.GamesList(db, "finish")
		templates.Render(w, "admin", F)
	}
}
Exemplo n.º 5
0
func AdminPost(w http.ResponseWriter, r *http.Request) {
	// /admin POST method handler.

	db := database.GetConnection()

	sessionid := cookies.GetCookieVal(r, "sessionid")
	username := cookies.UsernameFromCookie(sessionid)
	_, is_admin := database.GetPassword(db, username)

	option := r.FormValue("sending")
	// Each html form has a hidden input which
	// is sent only when a specific form is submited.
	var F models.AdminContext
	F.CloseF = false
	F.EndF = false

	if is_admin {
		switch option {
		case "addGame":
			// Creating a game and sending it into db.
			var game models.Game
			var err error
			game.Team1 = r.FormValue("team1")
			game.Team2 = r.FormValue("team2")
			game.Starts, err = time.Parse("2006-01-02 15:04", r.FormValue("starts"))
			// Need to parse a string from request.

			if err != nil || !utils.HasShortName(game.Team1) || !utils.HasShortName(game.Team2) {
				// Checks if teams names are valid.
				http.Redirect(w, r, "/error", http.StatusFound)
			} else {
				database.CreateGame(db, &game)
				http.Redirect(w, r, "/admin", http.StatusFound)
				log.Printf("GAME [%s - %s] ADDED\n", game.Team1, game.Team2)
			}
			break

		case "close":
			// Closes a game. Nothing to check.
			pk := r.FormValue("close-game-id")
			database.CloseGame(db, pk)
			http.Redirect(w, r, "/admin", http.StatusFound)
			log.Printf("GAME (%s) CLOSED\n", pk)
			break

		case "rollback":
			confirm := r.FormValue("confirm") == "1"
			if confirm {
				database.RollBack(db)
			}
			http.Redirect(w, r, "/admin", http.StatusFound)
			break

		case "end":
			// Finishes a game.

			t1 := r.FormValue("team1")
			t2 := r.FormValue("team2")
			pk := r.FormValue("finish-game-id")
			n1, er1 := strconv.Atoi(t1)
			n2, er2 := strconv.Atoi(t2)
			intPk, er3 := strconv.Atoi(pk)
			if er1 != nil || er2 != nil || er3 != nil {
				// Checks form data.
				http.Redirect(w, r, "/error", http.StatusFound)
			} else {
				database.FinishGame(db, pk, n1, n2)
				database.CalcPoints(db, intPk, n1, n2)
				http.Redirect(w, r, "/admin", http.StatusFound)
				log.Printf("GAME (%s) FINISHED\n", pk)
			}
			break
		}
	} else {
		// Not an admin tried subminting data.
		http.Redirect(w, r, "/login/", http.StatusFound)
	}
}