func login(w http.ResponseWriter, r *http.Request) error {
username := r.FormValue("username")
password := r.FormValue("password")
userLog.Info("Log in: %v/%v", username, password)
query := DB.QueryRow("SELECT id, username, password FROM users WHERE username = $1", username)
var user User
err := query.Scan(&user.Id, &user.Username, &user.password)
if err != nil {
web.FlashWarning(r, "No such user found")
http.Redirect(w, r, "/login", http.StatusFound)
return nil
}
if string(user.password) == password {
session := web.Session(r)
session.Values["userId"] = user.Id
web.FlashInfo(r, fmt.Sprintf("Logged in as %v", user.Username))
if dest, ok := session.Values["loginDestination"]; ok {
http.Redirect(w, r, dest.(string), http.StatusFound)
} else {
http.Redirect(w, r, "/user", http.StatusFound)
}
return nil
}
web.FlashWarning(r, "Incorrect username or password")
http.Redirect(w, r, "/login", http.StatusFound)
return nil
}
func logout(w http.ResponseWriter, r *http.Request) error {
session := web.Session(r)
delete(session.Values, "userId")
web.FlashInfo(r, "You have been logged out")
http.Redirect(w, r, "/login", http.StatusFound)
return nil
}
func (s Subject) SaveQuestions(r *http.Request, subject *Subject, form url.Values) error {
// Parse the form values into a map for each question
questionData := parseQuestionForm(form)
allQuestions, _ := s.Questions()
saver := questions.DataSaver{}
for _, question := range allQuestions {
data := questionData[int(question.Id)]
value, err := question.QuestionType().Parse(data)
if err != nil {
web.FlashError(r, fmt.Sprintf("Could not save %v: %v", question.Name, err))
continue
}
ToSave := questions.Data{subject.Id, question, value}
err = saver.SaveInstant(ToSave)
if err != nil {
web.FlashError(r, err.Error())
} else {
web.FlashInfo(r, fmt.Sprint(question.Name, value.Interface()))
}
}
return nil
}