Пример #1
0
func SignupActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	session, validAuth, httperr := auth.CheckSession(r)
	if !validAuth || !auth.ValidCSRF(r, session, false) || httperr != nil {
		http.Redirect(w, r, paths.SignupPath, http.StatusUnauthorized)
		return
	}

	ss := auth.GetSetSession(w, r, session)
	if ss == nil {
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
		return
	}

	reg := &Signup{
		First:  r.PostFormValue("_fname"),
		Last:   r.PostFormValue("_lname"),
		Email:  r.PostFormValue("_email"),
		School: r.PostFormValue("_school"),
		State:  r.PostFormValue("_state"),
	}

	if err := reg.validate(); err != nil {
		views.RenderTemplate(w, r, reload.Signup, http.StatusOK,
			&SignupData{
				ss.CSRFToken,
				err.Error(),
			})
		return
	}

	reg.Store()

	http.Redirect(w, r, paths.ThankYouPath, http.StatusFound)
}
Пример #2
0
// LogoutActionHandler handles POST requests to "/logout/"
func LogoutActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
	session, validAuth, httperr := auth.CheckSession(r)
	if httperr != nil {
		views.RenderTemplate(w, r, reload.ErrorPage, httperr.Status, httperr)
		return
	}

	if !validAuth || !auth.ValidCSRF(r, session, false) {
		http.Redirect(w, r, paths.LoginPath, http.StatusFound)
		return
	}

	if !auth.DestroySession(w, r) {
		glog.Errorln(auth.ErrUnableToLogOut)
		views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, auth.ErrUnableToLogOut)
		return
	}

	http.Redirect(w, r, paths.IndexPath, http.StatusFound)
}