// GetCookie retrieves and verifies the signed cookie value.
func GetCookie(r *http.Request, name string) string {
cookie, err := r.Cookie(name)
if err != nil {
return ""
}
return authcookie.Login(cookie.Value, secret)
}
func TeamMemberAccept(w http.ResponseWriter, r *http.Request, u *User) error {
// get the team name from the token
token := r.FormValue("token")
teamToken := authcookie.Login(token, secret)
teamId, err := strconv.Atoi(teamToken)
if err != nil || teamId == 0 {
return ErrInvalidTeamName
}
// get the team from the database
team, err := database.GetTeam(int64(teamId))
if err != nil {
return RenderError(w, err, http.StatusNotFound)
}
// add the user to the team.
// by default the user has write access to the team, which means
// they can add and manage new repositories.
if err := database.SaveMember(u.ID, team.ID, RoleWrite); err != nil {
return RenderError(w, err, http.StatusInternalServerError)
}
// send the user to the dashboard
http.Redirect(w, r, "/dashboard/team/"+team.Slug, http.StatusSeeOther)
return nil
}
func RegisterPost(w http.ResponseWriter, r *http.Request) error {
// verify the token and extract the username
token := r.FormValue("token")
email := authcookie.Login(token, secret)
if len(email) == 0 {
return RenderTemplate(w, "register.html", &struct{ Error string }{"Your registration email is expired."})
}
// set the email and name
user := NewUser(r.FormValue("name"), email)
// set the new password
password := r.FormValue("password")
if err := user.SetPassword(password); err != nil {
return RenderTemplate(w, "register.html", &struct{ Error string }{err.Error()})
}
// verify fields are correct
if err := user.Validate(); err != nil {
return RenderTemplate(w, "register.html", &struct{ Error string }{err.Error()})
}
// save to the database
if err := database.SaveUser(user); err != nil {
return err
}
// add the user to the session object
SetCookie(w, r, "_sess", user.Email)
// redirect the user to their dashboard
http.Redirect(w, r, "/dashboard", http.StatusSeeOther)
return nil
}
//判断cookie是否存在
func isCookieExist(w http.ResponseWriter, r *http.Request) bool {
cookie, err := r.Cookie(COOKIENAME)
if err == nil {
var cookieValue = cookie.Value
login := authcookie.Login(cookieValue, []byte(KEY))
if login != "" {
strBody, _ := setParams("/auth/login", 0, "ok", "")
w.Write(strBody)
return true
}
}
return false
}
func Read(ws *websocket.Conn) {
// get the name from the request
hash := ws.Request().FormValue("token")
// get the hash of the token
name := authcookie.Login(hash, secret)
// get the hub for the specified channel name
mu.RLock()
hub, ok := hubs[name]
mu.RUnlock()
// if hub not found, exit
if !ok {
ws.Close()
return
}
// internal representation of a connection
// maximum queue of 100000 messages
conn := &connection{
send: make(chan string, 100000),
ws: ws,
}
// register the connection with the hub
hub.register <- conn
defer func() {
go func() {
hub.unregister <- conn
}()
closed := <-hub.closed
// this will remove the hub when the connection is
// closed if the
if hub.autoClose && closed {
mu.Lock()
delete(hubs, name)
mu.Unlock()
}
}()
go conn.writer()
conn.reader()
}
// Wrap handler in complete context
func handleFunc(url string, handler func(*Context)) {
url = path.Join("/", url)
http.HandleFunc(
url,
func(w http.ResponseWriter, r *http.Request) {
if r.URL.Path != url {
http.NotFound(w, r)
return
}
q := &Context{
w: w,
r: r,
opt_db: make([]string, 0),
opt_dbmeta: make([]string, 0),
prefixes: make(map[string]bool),
myprefixes: make(map[string]bool),
protected: make(map[string]bool),
hasmeta: make(map[string]bool),
desc: make(map[string]string),
lines: make(map[string]int),
shared: make(map[string]string),
params: make(map[string]string),
}
// Maak verbinding met database
var err error
q.db, err = dbopen()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
defer q.db.Close()
// Is de gebruiker ingelogd?
if auth, err := r.Cookie("paqu-auth"); err == nil {
s := strings.SplitN(authcookie.Login(auth.Value, []byte(getRemote(q)+Cfg.Secret)), "|", 2)
if len(s) == 2 {
q.user = s[1]
q.sec = s[0]
}
}
if q.user != "" {
rows, err := q.db.Query(fmt.Sprintf(
"SELECT SQL_CACHE `quotum` FROM `%s_users` WHERE `mail` = %q AND `sec` = %q", Cfg.Prefix, q.user, q.sec))
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
if !rows.Next() {
q.user = ""
} else {
err := rows.Scan(&q.quotum)
rows.Close()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
q.auth = true
_, err = q.db.Exec(fmt.Sprintf("UPDATE `%s_users` SET `active` = NOW() WHERE `mail` = %q", Cfg.Prefix, q.user))
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
}
}
// Laad lijsten van corpora
q.ignore = make(map[string]bool)
if q.auth {
rows, err := q.db.Query(fmt.Sprintf("SELECT `prefix` FROM `%s_ignore` WHERE `user` = %q", Cfg.Prefix, q.user))
if err != nil {
http.Error(q.w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
for rows.Next() {
var s string
err := rows.Scan(&s)
if err != nil {
http.Error(q.w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
q.ignore[s] = true
}
}
s := "\"Z\""
where := ""
o := "2"
if q.auth {
s = fmt.Sprintf("IF(`i`.`owner` = \"none\", \"A\", IF(`i`.`owner` = %q, \"B\", \"C\"))", q.user)
where = fmt.Sprintf(" OR `c`.`user` = %q", q.user)
o = "7, 2"
}
rows, err := q.db.Query(fmt.Sprintf(
"SELECT SQL_CACHE `i`.`id`, `i`.`description`, `i`.`nline`, `i`.`owner`, `i`.`shared`, `i`.`params`, "+s+", `i`.`protected`, `i`.`hasmeta` "+
"FROM `%s_info` `i`, `%s_corpora` `c` "+
"WHERE `c`.`enabled` = 1 AND "+
"`i`.`status` = \"FINISHED\" AND `i`.`id` = `c`.`prefix` AND ( `c`.`user` = \"all\"%s ) "+
"ORDER BY "+o,
Cfg.Prefix,
Cfg.Prefix,
where))
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
var id, desc, owner, shared, params, group string
var zinnen, protected, hasmeta int
for rows.Next() {
err := rows.Scan(&id, &desc, &zinnen, &owner, &shared, ¶ms, &group, &protected, &hasmeta)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
if group == "C" {
if !q.ignore[id] {
q.opt_db = append(q.opt_db, fmt.Sprintf("C%s %s \u2014 %s \u2014 %s zinnen", id, desc, displayEmail(owner), iformat(zinnen)))
q.prefixes[id] = true
if hasmeta > 0 {
q.opt_dbmeta = append(q.opt_dbmeta, fmt.Sprintf("C%s %s \u2014 %s \u2014 %s zinnen",
id, desc, displayEmail(owner), iformat(zinnen)))
}
}
} else if q.auth || owner == "none" {
q.opt_db = append(q.opt_db, fmt.Sprintf("%s%s %s \u2014 %s zinnen", group, id, desc, iformat(zinnen)))
q.prefixes[id] = true
if hasmeta > 0 {
q.opt_dbmeta = append(q.opt_dbmeta, fmt.Sprintf("%s%s %s \u2014 %s zinnen", group, id, desc, iformat(zinnen)))
}
}
q.desc[id] = desc
q.lines[id] = zinnen
q.shared[id] = shared
q.params[id] = params
q.protected[id] = protected > 0
if hasmeta > 0 {
q.hasmeta[id] = true
}
if q.auth && owner == q.user {
q.myprefixes[id] = true
}
}
// Verwerk input
switch r.Method {
case "GET":
err = r.ParseForm()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
case "POST":
if url != "/corsave" {
reader, err := r.MultipartReader()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
q.form, err = reader.ReadForm(10 * 1024 * 1024)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
logerr(err)
return
}
}
default:
http.Error(w, "Methode "+r.Method+" is niet toegestaan", http.StatusMethodNotAllowed)
return
}
// Update login-cookies
setcookie(q)
handler(q)
})
}