func SignupActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
session, validAuth, httperr := auth.CheckSession(r)
if !validAuth || !auth.ValidCSRF(r, session, false) || httperr != nil {
http.Redirect(w, r, paths.SignupPath, http.StatusUnauthorized)
return
}
ss := auth.GetSetSession(w, r, session)
if ss == nil {
views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, database.ErrInternalServerError)
return
}
reg := &Signup{
First: r.PostFormValue("_fname"),
Last: r.PostFormValue("_lname"),
Email: r.PostFormValue("_email"),
School: r.PostFormValue("_school"),
State: r.PostFormValue("_state"),
}
if err := reg.validate(); err != nil {
views.RenderTemplate(w, r, reload.Signup, http.StatusOK,
&SignupData{
ss.CSRFToken,
err.Error(),
})
return
}
reg.Store()
http.Redirect(w, r, paths.ThankYouPath, http.StatusFound)
}
// LogoutActionHandler handles POST requests to "/logout/"
func LogoutActionHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
session, validAuth, httperr := auth.CheckSession(r)
if httperr != nil {
views.RenderTemplate(w, r, reload.ErrorPage, httperr.Status, httperr)
return
}
if !validAuth || !auth.ValidCSRF(r, session, false) {
http.Redirect(w, r, paths.LoginPath, http.StatusFound)
return
}
if !auth.DestroySession(w, r) {
glog.Errorln(auth.ErrUnableToLogOut)
views.RenderTemplate(w, r, reload.ErrorPage, http.StatusInternalServerError, auth.ErrUnableToLogOut)
return
}
http.Redirect(w, r, paths.IndexPath, http.StatusFound)
}