func (s *Server) changePassword(w http.ResponseWriter, r *http.Request) {
user, _ := getUser(r)
decoder := &decoders.NewPassword{}
if err := decoders.Decode(r, decoder); err != nil {
s.abort(w, r, err)
return
}
// validate old password first
if !user.CheckPassword(decoder.OldPassword) {
errors := decoders.Errors{
"oldPassword": "******",
}
s.abort(w, r, errors)
return
}
user.SetPassword(decoder.NewPassword)
if err := s.DB.Users.UpdatePassword(user.Password, user.ID); err != nil {
s.abort(w, r, err)
return
}
s.Render.Text(w, http.StatusOK, "password updated")
}
func (s *Server) recoverPassword(w http.ResponseWriter, r *http.Request) {
// generate a temp password
decoder := &decoders.RecoverPassword{}
if err := decoders.Decode(r, decoder); err != nil {
s.abort(w, r, err)
return
}
user, err := s.DB.Users.GetByNameOrEmail(decoder.Identifier)
if err != nil {
if err == sql.ErrNoRows {
errors := decoders.Errors{
"identifier": "No user found matching this email or name",
}
s.abort(w, r, errors)
return
}
s.abort(w, r, err)
return
}
tempPassword := generateRandomPassword(6)
user.SetPassword(tempPassword)
if err := s.DB.Users.UpdatePassword(user.Password, user.ID); err != nil {
s.abort(w, r, err)
return
}
data := map[string]string{
"name": user.Name,
"tempPassword": tempPassword,
"host": r.Host,
}
go func(to string, data map[string]string) {
err := s.Mailer.SendFromTemplate(
"*****@*****.**",
[]string{to},
"Your new password",
"recover_password.tmpl",
data,
)
if err != nil {
s.Log.Error(err)
}
}(user.Email, data)
s.Render.Text(w, http.StatusOK, "password sent")
}
func (s *Server) login(w http.ResponseWriter, r *http.Request) {
decoder := &decoders.Login{}
if err := decoders.Decode(r, decoder); err != nil {
s.abort(w, r, err)
return
}
user, err := s.DB.Users.GetByNameOrEmail(decoder.Identifier)
if err != nil {
if err == sql.ErrNoRows {
errors := decoders.Errors{
"identifier": "No user found matching this name or email",
}
s.abort(w, r, errors)
return
}
s.abort(w, r, err)
return
}
if !user.CheckPassword(decoder.Password) {
errors := decoders.Errors{
"password": "******",
}
s.abort(w, r, errors)
return
}
// get bookmarks & subscriptions
if user.Bookmarks, err = s.DB.Bookmarks.SelectByUserID(user.ID); err != nil {
s.abort(w, r, err)
return
}
if user.Subscriptions, err = s.DB.Subscriptions.SelectByUserID(user.ID); err != nil {
s.abort(w, r, err)
return
}
// login user
s.setAuthCookie(w, user.ID)
// tbd: no need to return user!
s.Render.JSON(w, http.StatusOK, user)
}
func (s *Server) signup(w http.ResponseWriter, r *http.Request) {
decoder := &decoders.Signup{}
if err := decoders.Decode(r, decoder); err != nil {
s.abort(w, r, err)
return
}
errors := make(decoders.Errors)
if exists, _ := s.DB.Users.IsEmail(decoder.Email, 0); exists {
errors["email"] = "This email address is taken"
}
if exists, _ := s.DB.Users.IsName(decoder.Name); exists {
errors["name"] = "This name is taken"
}
if len(errors) > 0 {
s.abort(w, r, errors)
return
}
// make new user
user := &models.User{
Name: decoder.Name,
Email: decoder.Email,
}
if err := user.SetPassword(decoder.Password); err != nil {
s.abort(w, r, err)
return
}
if err := s.DB.Users.Create(user); err != nil {
s.abort(w, r, err)
return
}
s.setAuthCookie(w, user.ID)
// tbd: no need to return user!
s.Render.JSON(w, http.StatusCreated, user)
}
func changeEmail(s *Server, w http.ResponseWriter, r *http.Request) error {
user, _ := getUser(r)
decoder := &decoders.NewEmail{}
if err := decoders.Decode(r, decoder); err != nil {
return err
}
// does this email exist?
if exists, _ := s.DB.Users.IsEmail(decoder.Email, user.ID); exists {
errors := decoders.Errors{
"email": "This email address is taken",
}
return errors
}
if err := s.DB.Users.UpdateEmail(decoder.Email, user.ID); err != nil {
return err
}
return s.Render.Text(w, http.StatusOK, "email updated")
}
func addChannel(s *Server, w http.ResponseWriter, r *http.Request) error {
decoder := &decoders.NewChannel{}
if err := decoders.Decode(r, decoder); err != nil {
return err
}
user, _ := getUser(r)
channel, err := s.DB.Channels.GetByURL(decoder.URL)
isNewChannel := false
if err != nil {
if isErrNoRows(err) {
isNewChannel = true
} else {
return err
}
}
tx, err := s.DB.Begin()
if err != nil {
return err
}
if isNewChannel {
channel = &models.Channel{
URL: decoder.URL,
}
if err := s.Feedparser.Fetch(channel); err != nil {
if err == feedparser.ErrInvalidFeed {
err = decoders.Errors{
"url": "Sorry, we were unable to handle this feed, or the feed did not appear to contain any podcasts.",
}
}
return err
}
if err := s.DB.Channels.Create(channel); err != nil {
return err
}
for _, p := range channel.Podcasts {
p.ChannelID = channel.ID
if err := s.DB.Podcasts.Create(p); err != nil {
return err
}
}
}
if err := s.DB.Subscriptions.Create(channel.ID, user.ID); err != nil {
return err
}
if err := tx.Commit(); err != nil {
return err
}
var status int
if isNewChannel {
status = http.StatusCreated
} else {
status = http.StatusOK
}
return s.Render.JSON(w, status, channel)
}