Пример #1
0
// TODO: Cache this!
func GetCurrentUser(r *http.Request) *models.User {
	session, _ := Store.Get(r, "sirsid")

	if session.Values["username"] == nil || session.Values["password"] == nil {
		return nil
	}
	err, current_user := models.AuthenticateUser(session.Values["username"].(string), session.Values["password"].(string))

	if err != nil {
		return nil
	}
	return current_user
}
Пример #2
0
func GetCurrentUser(r *http.Request) *models.User {
	cached := context.Get(r, "user")
	if cached != nil {
		return cached.(*models.User)
	}

	session, _ := GetCookieStore(r).Get(r, "sirsid")

	if session.Values["username"] == nil || session.Values["password"] == nil {
		return nil
	}
	err, current_user := models.AuthenticateUser(session.Values["username"].(string), session.Values["password"].(string))

	if err != nil {
		return nil
	}

	context.Set(r, "user", current_user)
	return current_user
}
Пример #3
0
func Login(w http.ResponseWriter, r *http.Request) {
	if utils.GetCurrentUser(r) != nil {
		http.Redirect(w, r, "/", http.StatusFound)
		return
	}

	if r.Method == "POST" {
		username := r.FormValue("username")
		password := r.FormValue("password")

		var error string
		err, _ := models.AuthenticateUser(username, password)
		if err != nil {
			error = "Invalid username or password"
		}

		if error != "" {
			utils.RenderTemplate(w, r, "login.html", map[string]interface{}{
				"error": error,
			})
			return
		}

		session, _ := utils.Store.Get(r, "sirsid")
		session.Values["username"] = username
		session.Values["password"] = password
		fmt.Println("[notice] Auth success!")

		err = session.Save(r, w)
		if err != nil {
			fmt.Printf("[error] Could not save session (%s)\n", err.Error())
		}

		http.Redirect(w, r, "/", http.StatusFound)
		return
	}

	utils.RenderTemplate(w, r, "login.html", nil)
}
Пример #4
0
func UserSettings(w http.ResponseWriter, r *http.Request) {
	enable_signatures, _ := config.Config.GetBool("gobb", "enable_signatures")

	user_id_str := mux.Vars(r)["id"]
	user_id, _ := strconv.Atoi(user_id_str)

	current_user := utils.GetCurrentUser(r)

	if current_user == nil || int64(user_id) != current_user.Id {
		http.NotFound(w, r)
		return
	}

	success := false
	var form_error string
	if r.Method == "POST" {
		db := models.GetDbSession()
		current_user.Avatar = r.FormValue("avatar_url")
		current_user.UserTitle = r.FormValue("user_title")
		current_user.StylesheetUrl = sql.NullString{
			Valid:  true,
			String: r.FormValue("stylesheet_url"),
		}
		if r.FormValue("signature") == "" {
			current_user.Signature = sql.NullString{
				Valid:  false,
				String: r.FormValue("signature"),
			}
		} else {
			current_user.Signature = sql.NullString{
				Valid:  true,
				String: r.FormValue("signature"),
			}
		}

		// Change hiding settings
		current_user.HideOnline = false
		if r.FormValue("hide_online") == "1" {
			current_user.HideOnline = true
		}

		// Update password?
		old_pass := r.FormValue("password_old")
		new_pass := r.FormValue("password_new")
		new_pass2 := r.FormValue("password_new2")
		if old_pass != "" {
			err, user := models.AuthenticateUser(current_user.Username, old_pass)
			if user == nil || err != nil {
				form_error = "Invalid password"
			} else if len(new_pass) < 5 {
				form_error = "Password must be greater than 4 characters"
			} else if new_pass != new_pass2 {
				form_error = "Passwords didn't match"
			} else {
				current_user.SetPassword(new_pass)
				session, _ := utils.GetCookieStore(r).Get(r, "sirsid")
				session.Values["password"] = new_pass
				session.Save(r, w)
			}
		}

		if form_error == "" {
			db.Update(current_user)
			success = true
		}
	}

	stylesheet := ""
	if current_user.StylesheetUrl.Valid {
		stylesheet = current_user.StylesheetUrl.String
	}
	signature := ""
	if current_user.Signature.Valid {
		signature = current_user.Signature.String
	}

	utils.RenderTemplate(w, r, "user_settings.html", map[string]interface{}{
		"error":             form_error,
		"success":           success,
		"user_stylesheet":   stylesheet,
		"user_signature":    signature,
		"enable_signatures": enable_signatures,
	}, nil)
}