func postLogin(w http.ResponseWriter, r *http.Request, c *web.Context) { email, password := r.FormValue("email"), r.FormValue("password") user, ok := GetUser(email, password) if !ok || (user.Role != "employee" && user.Role != "admin") { c.SetFlash("alertError", "Incorrect email or password") http.Redirect(w, r, "/login", 303) return } employee, ok := GetEmployee(user.Id) if !ok { c.SetFlash("alertError", "Error finding user") http.Redirect(w, r, "/login", 303) return } c.Login(user.Role) c.SetSession(map[string]interface{}{ "emplyeeId": employee.Id, "email": employee.Email, }) if user.Role == "employee" { http.Redirect(w, r, "/employee/home", 303) return } if user.Role == "admin" { http.Redirect(w, r, "/admin/home", 303) return } return }
// Processes for data for signup and sends email to verify account func DoSignup(w http.ResponseWriter, r *http.Request) { r.ParseForm() vKey := make([]byte, 32) n, err := rand.Read(vKey) if n != len(vKey) || err != nil { log.Println("Could not successfully read from the system CSPRNG.") } validationKey := hex.EncodeToString(vKey) stmt, _ := db.Prepare("insert into signup(username, email, password, validationKey) values(?,?,?,?)") _, err = stmt.Exec(r.FormValue("username"), r.FormValue("email"), r.FormValue("password"), validationKey) if err != nil { // if a validation requests already exists resend email if strings.Contains(err.Error(), "1062") { log.Println("1062 error") stmt, _ := db.Prepare("select validationKey from signup where username=?") res := stmt.QueryRow(r.FormValue("username")) res.Scan(&validationKey) sendVerification(r.FormValue("email"), validationKey) http.Redirect(w, r, r.URL.Host+"/resendValidation", 302) } else { log.Print("Error creating signup record") log.Println(err) } } else { sendVerification(r.FormValue("email"), validationKey) http.Redirect(w, r, r.URL.Host+"/validationSent", 302) } }
func (h handler) ServeHTTP(rw http.ResponseWriter, req *http.Request) { if session.Store == nil { // server should not be started until Store is set! panic(session.ErrNoStore) } // login page should be allowed if req.URL.Path == LoginPage { h.Handler.ServeHTTP(rw, req) return } // check the cookie existance s, err := session.Store.Get(req) if err != nil { http.Redirect(rw, req, LoginPage+"?from="+url.QueryEscape(req.URL.String()), http.StatusFound) return } // check for cookie expiration if s.Expires.Before(time.Now()) { if err = session.Store.Del(req, rw); err != nil { http.Error(rw, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) return } http.Redirect(rw, req, LoginPage+"?from="+url.QueryEscape(req.URL.String()), http.StatusTemporaryRedirect) return } // refresh expiration and store new cookie s.Expires = time.Now().Add(session.MaxAge) session.Store.Put(req, rw, *s) h.Handler.ServeHTTP(rw, req) }
func login(c *api.Context, w http.ResponseWriter, r *http.Request) { if !CheckBrowserCompatability(c, r) { return } params := mux.Vars(r) teamName := params["team"] var team *model.Team if tResult := <-api.Srv.Store.Team().GetByName(teamName); tResult.Err != nil { l4g.Error("Couldn't find team name=%v, teamURL=%v, err=%v", teamName, c.GetTeamURL(), tResult.Err.Message) http.Redirect(w, r, api.GetProtocol(r)+"://"+r.Host, http.StatusTemporaryRedirect) return } else { team = tResult.Data.(*model.Team) } // If we are already logged into this team then go to home if len(c.Session.UserId) != 0 && c.Session.TeamId == team.Id { page := NewHtmlTemplatePage("home", "Home") page.Props["TeamURL"] = c.GetTeamURL() page.Render(c, w) return } // We still might be able to switch to this team because we've logged in before if multiCookie, err := r.Cookie(model.MULTI_SESSION_TOKEN); err == nil { multiToken := multiCookie.Value if len(multiToken) > 0 { tokens := strings.Split(multiToken, " ") for _, token := range tokens { if sr := <-api.Srv.Store.Session().Get(token); sr.Err == nil { s := sr.Data.(*model.Session) if !s.IsExpired() && s.TeamId == team.Id { w.Header().Set(model.HEADER_TOKEN, s.Token) sessionCookie := &http.Cookie{ Name: model.SESSION_TOKEN, Value: s.Token, Path: "/", MaxAge: model.SESSION_TIME_WEB_IN_SECS, HttpOnly: true, } http.SetCookie(w, sessionCookie) http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/channels/town-square", http.StatusTemporaryRedirect) return } } } } } page := NewHtmlTemplatePage("login", "Login") page.Props["TeamDisplayName"] = team.DisplayName page.Props["TeamName"] = team.Name page.Render(c, w) }
func index(res http.ResponseWriter, req *http.Request) { ctx := appengine.NewContext(req) id := getID(res, req) if req.Method == "POST" { src, _, err := req.FormFile("data") if err != nil { log.Errorf(ctx, "ERROR index req.FormFile: %s", err) // TODO: create error page to show user http.Redirect(res, req, "/", http.StatusSeeOther) return } err = uploadPhoto(src, id, req) if err != nil { log.Errorf(ctx, "ERROR index uploadPhoto: %s", err) // expired cookie may exist on client http.Redirect(res, req, "/logout", http.StatusSeeOther) return } } m, err := retrieveMemc(id, req) if err != nil { log.Errorf(ctx, "ERROR index retrieveMemc: %s", err) // expired cookie may exist on client http.Redirect(res, req, "/logout", http.StatusSeeOther) return } tpl.ExecuteTemplate(res, "index.html", m) }
// URL: /reply/{replyId}/delete // 删除回复,只有管理员可以删除 func deleteReplyHandler(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) replyId := vars["replyId"] user, ok := currentUser(r) if !ok { http.Redirect(w, r, "/signin", http.StatusFound) return } if !user.IsSuperuser { message(w, r, "没用该权限", "对不起,你没有权限删除该回复", "error") return } c := db.C("replies") var reply Reply err := c.Find(bson.M{"_id": bson.ObjectIdHex(replyId)}).One(&reply) if err != nil { message(w, r, "该回复不存在", "不存在该回复", "error") return } err = c.Remove(bson.M{"_id": bson.ObjectIdHex(replyId)}) if err != nil { message(w, r, "该回复不存在", "不存在该回复", "error") return } c = db.C("topics") // 减少该主题的回复数量 c.Update(bson.M{"_id": reply.TopicId}, bson.M{"$inc": bson.M{"replycount": -1}}) var topic Topic c.Find(bson.M{"_id": reply.TopicId}).One(&topic) if topic.LatestReplyId == replyId { if topic.ReplyCount == 0 { // 如果删除后没有回复,设置最后回复id为空,最后回复时间为创建时间 c.Update(bson.M{"_id": topic.Id_}, bson.M{"$set": bson.M{"latestreplyid": "", "latestrepliedat": reply.CreatedAt}}) } else { // 如果删除的是该主题最后一个回复,设置主题的最新回复id,和时间 var latestReply Reply c = db.C("replies") c.Find(bson.M{"topicid": topic.Id_}).Sort("-createdat").Limit(1).One(&latestReply) c = db.C("topics") c.Update(bson.M{"_id": topic.Id_}, bson.M{"$set": bson.M{"latestreplyid": latestReply.Id_.Hex(), "latestrepliedat": latestReply.CreatedAt}}) } } c = db.C("status") var status Status c.Find(nil).One(&status) c.Update(bson.M{"_id": status.Id_}, bson.M{"$inc": bson.M{"replycount": -1}}) http.Redirect(w, r, "/t/"+reply.TopicId.Hex(), http.StatusFound) }
func handleContacts(w http.ResponseWriter, r *http.Request) { if r.Method != "POST" { http.Redirect(w, r, "/?error=noDirectAccess", http.StatusTemporaryRedirect) return } url, err := getProperDomainNameFromUrl(r.FormValue("url")) if err != nil { http.Redirect(w, r, "/?error=badUrl", http.StatusTemporaryRedirect) return } if !isUrlOnGoogleApp(w, r, url) { http.Redirect(w, r, "/?error=notOnGoogleApps", http.StatusTemporaryRedirect) return } ctx := appengine.NewContext(r) config.RedirectURL = fmt.Sprintf(`http://%s/contacts/export`, r.Host) x := AppState{url} url = config.AuthCodeURL(x.encodeState()) ctx.Infof("Auth: %v", url) http.Redirect(w, r, url, http.StatusTemporaryRedirect) }
func (n *node) adminLoginPostHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) { if err := r.ParseForm(); err != nil { http.Error(w, "cannot parse form", 422) return } usr := r.Form.Get("user") pass := r.Form.Get("pass") if usr == n.u.conf.AdminUser && pass == n.u.conf.AdminPass { s, err := n.sc.Start(w, r) if err != nil { // TODO fmt.Println(err) } defer s.Flush() s.Set("user", usr) s.Set("test", time.Now().Unix()) p, ok := s.Get("prevReq").(string) if ok && p != "" { http.Redirect(w, r, p, 302) return } http.Redirect(w, r, "/"+n.u.conf.AdminPathPrefix, 303) return } http.Error(w, "unauthorized", 401) }
// submitPage is the submission page served on "/submit/" func submitPage(w http.ResponseWriter, r *http.Request, t *template.Template) { if r.Method == "POST" { if r.FormValue("title") == "" || r.FormValue("content") == "" { http.Redirect(w, r, "/submit/", http.StatusFound) return } newEntry := &blog.BlogEntry{ Title: r.FormValue("title"), Content: r.FormValue("content"), Date: time.Now(), } blogState.AddEntry(newEntry) sort.Sort(blog.ByDate{blogState.Entries}) http.Redirect(w, r, "/", http.StatusFound) } else { err := t.Execute(w, nil) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } } }
func adminWrap(h AdminHandlerFunc) func(http.ResponseWriter, *http.Request, *Session) { return func(w http.ResponseWriter, r *http.Request, session *Session) { if !session.IsLoggedIn() { http.Redirect(w, r, "/login", 303) return } // revert login as another user if session.OriginalId != 0 { session.UserId = session.OriginalId session.OriginalId = 0 } // confirm session admin and also user still admin user := UserDetails(session.UserId) if !user.Admin || !session.Admin { http.Redirect(w, r, "/panel/dashboard", 303) return } var frameParams FrameParams if r.URL.Query()["message"] != nil { frameParams.Message.Text = r.URL.Query()["message"][0] if r.URL.Query()["type"] != nil { frameParams.Message.Type = r.URL.Query()["type"][0] } else { frameParams.Message.Type = "info" } } h(w, r, session, frameParams) } }
// Handles user login. If user is logged in, redirects to '/'. func LoginHandler(w http.ResponseWriter, r *http.Request) { if auth.LoggedIn(w, r, s) { http.Redirect(w, r, "/auth-check", 302) return } if r.Method == "GET" { t, err := template.ParseFiles("views/login.html") if err != nil { log.Println(err) return } t.Execute(w, nil) } else { // Get values from html form user := r.FormValue("user") pass := r.FormValue("password") // Attempt to validate user, if incorrect info, send user back to login page if auth.ValidateLogin(user, pass, db) { cookie, err := createCookie() if err != nil { log.Println(err) http.Redirect(w, r, "/login", 302) return } http.SetCookie(w, cookie) http.Redirect(w, r, "/auth-check", 302) } else { http.Redirect(w, r, "/login", 302) } } }
func Permissions(permissionName string) martini.Handler { return func(token oauth2.Tokens, w http.ResponseWriter, r *http.Request, c martini.Context) { if token == nil || token.Expired() { next := url.QueryEscape(r.URL.RequestURI()) http.Redirect(w, r, oauth2.PathLogin+"?next="+next, 302) return } id, err := GetId(token.Access()) if err != nil { log.Printf("Error getting player token id:", err.Error()) http.Redirect(w, r, "/error", 302) return } user := ols.GetUserDAO().GetUserFB(id) if user.LeagueId == 0 { next := url.QueryEscape(r.URL.RequestURI()) http.Redirect(w, r, "/register?next="+next, 302) } // TODO - fix this if !true { http.Redirect(w, r, "/error", 302) } c.Map(user) c.Next() } }
func (c *Controller) Upload() { fmt.Println("upload") err := c.R.ParseForm() if err != nil { fmt.Println("error parse form", err) http.Redirect(c.W, c.R, "/", http.StatusFound) return } file, header, err := c.R.FormFile("file") if err != nil { fmt.Println("error get file from request", err) http.Redirect(c.W, c.R, "/", http.StatusFound) return } defer file.Close() var lines []string scanner := bufio.NewScanner(file) for scanner.Scan() { lines = append(lines, scanner.Text()) } data := strings.Join(lines, "\n") err = c.U.SaveFile([]byte(data), header.Filename) if err != nil { fmt.Println("error save file", err) http.Redirect(c.W, c.R, "/", http.StatusFound) return } http.Redirect(c.W, c.R, "/open/"+header.Filename, http.StatusFound) }
func PostMetadata(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore) session, _ := cookieStore.Get(r, "resourcedmaster-session") currentClusterInterface := session.Values["currentCluster"] if currentClusterInterface == nil { http.Redirect(w, r, "/", 301) return } currentCluster := currentClusterInterface.(*dal.ClusterRow) key := r.FormValue("Key") data := r.FormValue("Data") db := context.Get(r, "db").(*sqlx.DB) _, err := dal.NewMetadata(db).CreateOrUpdate(nil, currentCluster.ID, key, []byte(data)) if err != nil { libhttp.HandleErrorJson(w, err) return } http.Redirect(w, r, "/metadata", 301) }
func (b *BouncerHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { reqParams := BouncerParamsFromValues(req.URL.Query()) if reqParams.Product == "" { http.Redirect(w, req, "http://www.mozilla.org/", 302) return } if reqParams.OS == "" { reqParams.OS = DefaultOS } if reqParams.Lang == "" { reqParams.Lang = DefaultLang } isWinXpClient := isWindowsXPUserAgent(req.UserAgent()) // If the client is not WinXP and attribution_code is set, redirect to the stub service if b.StubRootURL != "" && reqParams.AttributionCode != "" && reqParams.AttributionSig != "" && !isWinXpClient { stubURL := b.stubAttributionURL(reqParams) http.Redirect(w, req, stubURL, 302) return } // HACKS // If the user is coming from windows xp or vista, send a sha1 // signed product // HACKS if reqParams.OS == "win" && isWinXpClient { reqParams.Product = sha1Product(reqParams.Product) } url, err := b.URL(reqParams.Lang, reqParams.OS, reqParams.Product) if err != nil { http.Error(w, "Internal Server Error.", http.StatusInternalServerError) log.Println(err) return } if url == "" { http.NotFound(w, req) return } if b.CacheTime > 0 { w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%d", b.CacheTime/time.Second)) } // If ?print=yes, print the resulting URL instead of 302ing if reqParams.PrintOnly { w.Header().Set("Content-Type", "text/plain") w.Write([]byte(url)) return } http.Redirect(w, req, url, 302) }
func index(w http.ResponseWriter, r *http.Request) { r.ParseForm() switch { case r.Method == "POST": name, url := r.Form["name"][0], r.Form["url"][0] //Mapping[name] = url add_url(DB, name, url) http.Redirect(w, r, url, 302) case r.URL.Path == "/": name := r.Form["name"] if len(name) > 0 { http.Redirect(w, r, "/"+name[0], 302) } else { t, _ := template.ParseFiles("index.html") context := make(map[string]string) t.Execute(w, context) } case r.URL.Path == "/list": mapping := make(map[string]string) list_urls(DB, &mapping) for name, url := range mapping { fmt.Fprintf(w, "%s: %s", name, url) } default: name := r.URL.Path[1:] //url := Mapping[name] url, err := get_url(DB, name) if err != nil { fmt.Fprintf(w, "Name not found") } else { http.Redirect(w, r, url, 302) } } }
func login(c *api.Context, w http.ResponseWriter, r *http.Request) { if !CheckBrowserCompatability(c, r) { return } params := mux.Vars(r) teamName := params["team"] var team *model.Team if tResult := <-api.Srv.Store.Team().GetByName(teamName); tResult.Err != nil { l4g.Error("Couldn't find team name=%v, err=%v", teamName, tResult.Err.Message) http.Redirect(w, r, api.GetProtocol(r)+"://"+r.Host, http.StatusTemporaryRedirect) return } else { team = tResult.Data.(*model.Team) } // We still might be able to switch to this team because we've logged in before _, session := api.FindMultiSessionForTeamId(r, team.Id) if session != nil { w.Header().Set(model.HEADER_TOKEN, session.Token) http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/channels/town-square", http.StatusTemporaryRedirect) return } page := NewHtmlTemplatePage("login", "Login") page.Props["TeamDisplayName"] = team.DisplayName page.Props["TeamName"] = team.Name if team.AllowOpenInvite { page.Props["InviteId"] = team.InviteId } page.Render(c, w) }
func UpdatePage(w http.ResponseWriter, r *http.Request) { if r.Method != "POST" { http.Error(w, "Method Not Allowed", 405) return } user, err := currentUser(r) if err != nil { http.Redirect(w, r, "/signin", 301) return } vars := mux.Vars(r) page_id, err := strconv.Atoi(vars["id"]) if err != nil { http.Error(w, err.Error(), 400) return } page, err := models.FindPage(page_id) if err != nil { http.Error(w, err.Error(), 500) return } if page == nil { http.Redirect(w, r, "/newpage?title="+vars["title"], 301) return } r.ParseForm() page.Title = r.Form["title"][0] page.Body = r.Form["body"][0] validation_errors, err := page.ValidationErrors() if err != nil { http.Error(w, err.Error(), 500) return } if len(validation_errors) != 0 { pages := []models.Page{*page} //TODO Show all errors o := ViewObject{CurrentUser: user, Pages: &pages, Error: validation_errors[0]} render(w, "edit_pages", o) return } err = page.Update() if err != nil { http.Error(w, err.Error(), 500) return } setFlash(w, r, "Page has updated.") http.Redirect(w, r, "/pages/"+page.Title, 301) return }
func login(res http.ResponseWriter, req *http.Request) { ctx := appengine.NewContext(req) id, err := getID(res, req) if err != nil { log.Errorf(ctx, "ERROR index getID: %s", err) http.Error(res, err.Error(), http.StatusInternalServerError) return } if req.Method == "POST" && req.FormValue("password") == "secret" { m, err := retrieveMemc(id, req) if err != nil { log.Errorf(ctx, "ERROR index retrieveMemc: %s", err) // expired cookie may exist on client http.Redirect(res, req, "/logout", http.StatusSeeOther) return } m.State = true m.Name = req.FormValue("name") m.ID = id cookie, err := currentVisitor(m, req) if err != nil { log.Errorf(ctx, "ERROR login currentVisitor: %s", err) http.Redirect(res, req, `/?id=`+cookie.Value, http.StatusSeeOther) return } http.SetCookie(res, cookie) http.Redirect(res, req, `/?id=`+cookie.Value, http.StatusSeeOther) return } tpl.ExecuteTemplate(res, "login.html", nil) }
func (me *mainObject) ServeHTTP(w http.ResponseWriter, r *http.Request) { if r.URL.Path == "/wake_up.php" { r.ParseForm() id, err := strconv.Atoi(r.Form.Get("ID")) if err == nil { me.wol(id) } http.Redirect(w, r, "/index.php", 302) return } if r.URL.Path == "/netstat.php" { r.ParseForm() id, err := strconv.Atoi(r.Form.Get("ID")) if err == nil { me.netstat(w, id) } return } if r.URL.Path != "/index.php" { http.Redirect(w, r, "/index.php", 302) return } err := me.t.Execute(w, me.n) if err != nil { panic(err) } }
// signout Revokes access for the user and removes the associated credentials from the datastore. func signoutHandler(w http.ResponseWriter, r *http.Request) error { if r.Method != "POST" { return nil } c := appengine.NewContext(r) userId, err := userID(r) if err != nil { return fmt.Errorf("Unable to retrieve user ID: %s", err) } if userId == "" { http.Redirect(w, r, "/auth", http.StatusFound) return nil } t := authTransport(c, userId) if t == nil { http.Redirect(w, r, "/auth", http.StatusFound) return nil } client := urlfetch.Client(c) _, err = client.Get(fmt.Sprintf(revokeEndpointFmt, t.Token.RefreshToken)) if err != nil { return fmt.Errorf("Unable to revoke token: %s", err) } storeUserID(w, r, "") deleteCredential(c, userId) http.Redirect(w, r, "/", http.StatusFound) return nil }
// URL: /a/{articleId}/comment // 评论文章 func commentAnArticleHandler(w http.ResponseWriter, r *http.Request) { if r.Method == "POST" { vars := mux.Vars(r) articleId := vars["articleId"] user, ok := currentUser(r) if !ok { http.Redirect(w, r, "/a/"+articleId, http.StatusFound) return } content := r.FormValue("content") html := r.FormValue("html") html = strings.Replace(html, "<pre>", `<pre class="prettyprint linenums">`, -1) Id_ := bson.NewObjectId() now := time.Now() comment := Comment{ Id_: Id_, UserId: user.Id_, Markdown: content, Html: template.HTML(html), CreatedAt: now, } c := db.C("articles") c.Update(bson.M{"_id": bson.ObjectIdHex(articleId)}, bson.M{"$addToSet": bson.M{"comments": comment}}) http.Redirect(w, r, "/a/"+articleId, http.StatusFound) } }
func logout(res http.ResponseWriter, req *http.Request, _ httprouter.Params) { ctx := appengine.NewContext(req) cookie, err := req.Cookie("session") // cookie is not set if err != nil { http.Redirect(res, req, "/", 302) return } // clear memcache sd := memcache.Item{ Key: cookie.Value, Value: []byte(""), Expiration: time.Duration(1 * time.Microsecond), } memcache.Set(ctx, &sd) // clear the cookie cookie.MaxAge = -1 http.SetCookie(res, cookie) // redirect http.Redirect(res, req, "/", 302) }
// match request against registered handlers, server http func (self *Multiplexer) ServeHTTP(w http.ResponseWriter, r *http.Request) { for _, h := range self.handlers[r.Method] { if params, ok := h.parse(r.URL.Path); ok { if len(params) > 0 { r.URL.RawQuery = url.Values(params).Encode() + "&" + r.URL.RawQuery } h.ServeHTTP(w, r) return } } allowed := make([]string, 0, len(self.handlers)) for method, handlers := range self.handlers { if method == r.Method { continue } for _, h := range handlers { if _, ok := h.parse(r.URL.Path); ok { allowed = append(allowed, method) } } } if len(allowed) == 0 { http.Redirect(w, r, "/error/404", 303) return } w.Header().Add("Allow", strings.Join(allowed, ", ")) http.Redirect(w, r, "/error/405", 303) }
func HomeGet(w http.ResponseWriter, r *http.Request) { // / handler for GET method request. // Renders a page only for users with valid sessionid cookie. // All the rest are redirected to /login . db := database.GetConnection() sessionid := cookies.GetCookieVal(r, "sessionid") username := cookies.UsernameFromCookie(sessionid) tablesize := cookies.GetCookieVal(r, "tablesize") pk, is_admin := database.GetPkAdmin(db, username) if username == "" || pk == -1 { // Gorilla failed to decode it. // Or user is not in the db. http.Redirect(w, r, "/login/", http.StatusFound) } else if is_admin { // Admin needs to be redirected to // administration site. http.Redirect(w, r, "/admin/", http.StatusFound) } else { // Render home. if tablesize == "small" { drawSmall(w, db, pk) } else { drawFull(w, db, pk) } } }
func (ia *importerAcct) serveHTTPPost(w http.ResponseWriter, r *http.Request) { // TODO: XSRF token switch r.FormValue("mode") { case "": // Nothing. case "start": ia.start() case "stop": ia.stop() case "login": ia.setup(w, r) return case "delete": ia.stop() // can't hurt if err := ia.delete(); err != nil { http.Error(w, err.Error(), 500) return } http.Redirect(w, r, ia.im.URL(), http.StatusFound) return default: http.Error(w, "Unknown mode", 400) return } http.Redirect(w, r, ia.AccountURL(), http.StatusFound) }
func ControllerUpdateAsset(w http.ResponseWriter, r *http.Request) { auth.CheckAuthCookie(w, r) vars := mux.Vars(r) id, _ := strconv.ParseInt(vars["id"], 10, 32) if r.Method == "POST" { err := r.ParseForm() if err != nil { // ERROR: Unable to read form data. log.Print("ERROR: Bad form data\n") http.Redirect(w, r, "/", 302) } else { asset := new(Asset) err := formDecoder.Decode(asset, r.PostForm) if err == nil { asset.Id = &id _ = UpdateAsset(asset) } else { fmt.Printf("%s\n", r.PostForm) fmt.Printf("%s\n", err) } http.Redirect(w, r, "/assets", 302) } } else { http.Redirect(w, r, "/assets", 302) } }
func showValve(w http.ResponseWriter, r *http.Request) { valve, err := models.GetValveById(helpers.Int32ValueFrom(r.URL.Query().Get(":valveId"), -1)) if err != nil { log.Println(err) http.Redirect(w, r, "/", 302) return } if valve == nil { http.Redirect(w, r, "/", 302) return } schedules, err := models.GetSchedulesForValve(valve) if err != nil { log.Println(err) http.Redirect(w, r, "/", 302) } err = templates["showValve"].Execute(w, map[string]interface{}{ "Schedules": schedules, "Valve": valve, }) return }
//PageCreate handles /admin/new_page route func PageCreate(w http.ResponseWriter, r *http.Request) { tmpl := shared.Template(r) session := shared.Session(r) data := shared.DefaultData(r) if r.Method == "GET" { data["Title"] = "New page" data["Active"] = "pages" data["Flash"] = session.Flashes() session.Save(r, w) tmpl.Lookup("pages/form").Execute(w, data) } else if r.Method == "POST" { page := &models.Page{ Name: r.PostFormValue("name"), Content: r.PostFormValue("content"), Published: shared.Atob(r.PostFormValue("published")), } if err := page.Insert(); err != nil { session.AddFlash(err.Error()) session.Save(r, w) http.Redirect(w, r, "/admin/new_page", 303) return } http.Redirect(w, r, "/admin/pages", 303) } else { err := fmt.Errorf("Method %q not allowed", r.Method) log.Printf("ERROR: %s\n", err) w.WriteHeader(405) tmpl.Lookup("errors/405").Execute(w, shared.ErrorData(err)) } }
func handleOAuth2Callback(config *oauth2.Config, s sessions.Session, w http.ResponseWriter, r *http.Request) { providedState := extractPath(r.URL.Query().Get("state")) //fmt.Printf("Got state from request %s\n", providedState) //verify that the provided state is the state we generated //if it is not, then redirect to the error page originalState := s.Get(keyState) //fmt.Printf("Got state from session %s\n", originalState) if providedState != originalState { //http.Redirect(w, r, PathError, http.StatusFound) //return } //next := s.Get(keyNextPage).(string) //fmt.Printf("Got a next page from the session: %s\n", next) next := "" code := r.URL.Query().Get("code") t, err := config.Exchange(oauth2.NoContext, code) if err != nil { // Pass the error message, or allow dev to provide its own // error handler. fmt.Println("There is some error in the code exchange") http.Redirect(w, r, PathError, http.StatusFound) return } // Store the credentials in the session. val, _ := json.Marshal(t) s.Set(KeyToken, maskval(val)) http.Redirect(w, r, next, http.StatusFound) }