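// Register renders the registration page and, on POST, creates an account.
//
// The POST path parses and validates the form, checks that the two password
// fields agree, hashes the password, inserts a models.AuthUser row carrying a
// fresh registration key, and sends a verification email containing that key.
// Every failure is reported through a flash message or the "Errors" template
// value; success redirects to /notice.
func (this *MainController) Register() {
	this.activeContent("user/register")

	// Any method other than POST just renders the form.
	if this.Ctx.Input.Method() != "POST" {
		return
	}

	flash := beego.NewFlash()
	u := user1{}
	if err := this.ParseForm(&u); err != nil {
		fmt.Println("cannot parse form")
		return
	}
	// NOTE(review): u carries Password and Confirm; confirm the template does
	// not echo those fields back into the rendered page.
	this.Data["User"] = u

	valid := validation.Validation{}
	if b, _ := valid.Valid(&u); !b {
		this.Data["Errors"] = valid.ErrorsMap
		return
	}
	if u.Password != u.Confirm {
		flash.Error("Passwords don't match")
		flash.Store(&this.Controller)
		return
	}
	h := pk.HashPassword(u.Password)

	// Save user info to database.
	o := orm.NewOrm()
	o.Using("default")
	user := models.AuthUser{First: u.First, Last: u.Last, Email: u.Email}

	// The stored credential is hex(hash) immediately followed by hex(salt).
	user.Password = hex.EncodeToString(h.Hash) + hex.EncodeToString(h.Salt)

	// The registration key is stored with the row and mailed to the user.
	key := uuid.NewV4()
	user.Reg_key = key.String()
	if _, err := o.Insert(&user); err != nil {
		// Keep the underlying cause visible server-side: every insert failure,
		// not only a duplicate address, produces the message below.
		// NOTE(review): the message also confirms to the requester that an
		// address is registered; consider a neutral response.
		fmt.Println("ERROR:", err)
		flash.Error(u.Email + " already registered")
		flash.Store(&this.Controller)
		return
	}

	// A checked assertion turns a missing or non-string "domainname" into the
	// same failure as an undeliverable email instead of a panic.
	// NOTE(review): the row inserted above stays in place when this fails, so
	// a retry with the same address hits the insert error path.
	domainname, ok := this.Data["domainname"].(string)
	if !ok || !this.sendVerification(u.Email, key.String(), domainname) {
		flash.Error("Unable to send verification email")
		flash.Store(&this.Controller)
		return
	}

	flash.Notice("Your account has been created. You must verify the account in your email.")
	flash.Store(&this.Controller)
	this.Redirect("/notice", 302)
}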
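// Reset handles the password-reset page reached through a reset key in the
// ":uuid" route parameter.
//
// The key is looked up in models.AuthUser.Reset_key. An unknown or empty key
// yields the "Invalid key." notice and a redirect to /notice. With a valid
// key, a POST validates the two password fields, stores the new password hash,
// clears the key so it cannot be used again, and redirects to /notice; any
// other method just renders the form.
func (this *MainController) Reset() {
	this.activeContent("user/reset")
	flash := beego.NewFlash()

	u := this.Ctx.Input.Param(":uuid")
	o := orm.NewOrm()
	o.Using("default")
	user := models.AuthUser{Reset_key: u}

	// An empty key is rejected before the lookup: this handler writes "" into
	// Reset_key after a successful reset, so an empty lookup value would match
	// accounts that have no reset pending.
	// NOTE(review): nothing here checks how old the key is; confirm that expiry
	// is enforced where the key is issued.
	if u == "" || o.Read(&user, "Reset_key") != nil {
		flash.Notice("Invalid key.")
		flash.Store(&this.Controller)
		this.Redirect("/notice", 302)
		return
	}

	if this.Ctx.Input.Method() != "POST" {
		return
	}

	password := this.GetString("password")
	password2 := this.GetString("password2")

	valid := validation.Validation{}
	valid.MinSize(password, 6, "password")
	valid.Required(password2, "password2")
	if valid.HasErrors() {
		// Flatten the validation errors into key -> message for the template.
		errormap := make(map[string]string)
		for _, verr := range valid.Errors {
			errormap[verr.Key] = verr.Message
		}
		this.Data["Errors"] = errormap
		return
	}
	if password != password2 {
		flash.Error("Passwords don't match")
		flash.Store(&this.Controller)
		return
	}

	// The stored credential is hex(hash) immediately followed by hex(salt).
	h := pk.HashPassword(password)
	user.Password = hex.EncodeToString(h.Hash) + hex.EncodeToString(h.Salt)

	// Clearing the key makes it single-use.
	user.Reset_key = ""
	if _, err := o.Update(&user); err != nil {
		flash.Error("Internal error")
		flash.Store(&this.Controller)
		return
	}

	flash.Notice("Password updated.")
	flash.Store(&this.Controller)
	this.Redirect("/notice", 302)
}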
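// Profile shows the logged-in user's profile and, on POST, updates it.
//
// The page requires the "acme" session; without a usable session the request
// is redirected to the login page. The stored password hash and salt are
// loaded for the session's user. On POST the form is validated, an optional
// new password is checked and hashed, the submitted current password is
// verified against the stored hash, and only then is the row updated.
func (this *MainController) Profile() {
	this.activeContent("user/profile")

	// This page requires login. A session value of an unexpected shape is
	// treated like a missing session instead of panicking on the assertion.
	sess := this.GetSession("acme")
	if sess == nil {
		this.Redirect("/user/login/home", 302)
		return
	}
	m, ok := sess.(map[string]interface{})
	if !ok {
		this.Redirect("/user/login/home", 302)
		return
	}
	username, ok := m["username"].(string)
	if !ok {
		this.Redirect("/user/login/home", 302)
		return
	}
	flash := beego.NewFlash()

	// Read the password hash from the database.
	var x pk.PasswordHash
	o := orm.NewOrm()
	o.Using("default")
	user := models.AuthUser{Email: username}
	if err := o.Read(&user, "Email"); err != nil {
		flash.Error("Internal error")
		flash.Store(&this.Controller)
		return
	}

	// The stored value is hex(hash) followed by hex(salt); the first 64 hex
	// characters are the hash. A shorter or undecodable value fails closed so
	// the password check below never runs against a partial hash.
	if len(user.Password) < 64 {
		fmt.Println("ERROR:", "stored password hash is too short")
		flash.Error("Internal error")
		flash.Store(&this.Controller)
		return
	}
	var err error
	if x.Hash, err = hex.DecodeString(user.Password[:64]); err != nil {
		fmt.Println("ERROR:", err)
		flash.Error("Internal error")
		flash.Store(&this.Controller)
		return
	}
	if x.Salt, err = hex.DecodeString(user.Password[64:]); err != nil {
		fmt.Println("ERROR:", err)
		flash.Error("Internal error")
		flash.Store(&this.Controller)
		return
	}

	if this.Ctx.Input.Method() != "POST" {
		// NOTE(review): user includes Password and the key fields; confirm the
		// template renders only the profile fields.
		this.Data["User"] = user
		return
	}

	u := user2{}
	if err := this.ParseForm(&u); err != nil {
		fmt.Println("cannot parse form")
		return
	}
	// NOTE(review): u carries the submitted current password (u.Current);
	// confirm the template does not echo it back.
	this.Data["User"] = u

	valid := validation.Validation{}
	if b, _ := valid.Valid(&u); !b {
		this.Data["Errors"] = valid.ErrorsMap
		return
	}

	// A new password is optional; it is validated and hashed only when given.
	password := this.GetString("password")
	password2 := this.GetString("password2")
	if password != "" {
		valid.MinSize(password, 6, "password")
		valid.Required(password2, "password2")
		if valid.HasErrors() {
			errormap := make(map[string]string)
			for _, verr := range valid.Errors {
				errormap[verr.Key] = verr.Message
			}
			this.Data["Errors"] = errormap
			return
		}
		if password != password2 {
			flash.Error("Passwords don't match")
			flash.Store(&this.Controller)
			return
		}
		h := pk.HashPassword(password)
		// Only the in-memory record changes here; nothing is written until the
		// current password has been verified below.
		user.Password = hex.EncodeToString(h.Hash) + hex.EncodeToString(h.Salt)
	}

	// Compare the submitted current password with the stored hash (x was
	// decoded before user.Password could be replaced above).
	if !pk.MatchPassword(u.Current, &x) {
		flash.Error("Bad current password")
		flash.Store(&this.Controller)
		return
	}

	// Save user info to database.
	// NOTE(review): the email address is changed here without a new
	// verification step in this handler.
	user.First = u.First
	user.Last = u.Last
	user.Email = u.Email
	if _, err := o.Update(&user); err != nil {
		flash.Error("Internal error")
		flash.Store(&this.Controller)
		return
	}

	flash.Notice("Profile updated")
	flash.Store(&this.Controller)
	// NOTE(review): this mutates the map read from the session; whether the
	// change persists without a SetSession call depends on the session store.
	m["username"] = u.Email
}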