// changePass serves the change-password page. Any method other than POST
// just renders the form. A POST reads "user", "pass", "newpass" and
// "confirm" from the parsed form, requires the two new-password fields to
// match, re-authenticates the caller with the current password, and only
// then hashes the new password and stores it through dbChangePass.
//
// NOTE(review): r.Form merges URL query parameters with the request body, so
// credentials sent in the query string are accepted too; r.PostForm would
// restrict them to the body.
func changePass(w http.ResponseWriter, r *http.Request) {
	page := NewPage()
	page.File = "templates/change.html"

	if r.Method != "POST" {
		servePage(page, w, r)
		return
	}

	err := r.ParseForm()
	if err != nil {
		serveErr(page, err, w, r)
		return
	}

	// reject renders the page with msg flagged as an error.
	reject := func(msg string) {
		page.Msg = msg
		page.ShowErr = true
		servePage(page, w, r)
	}

	form := r.Form
	user, current := form.Get("user"), form.Get("pass")
	wanted, repeated := form.Get("newpass"), form.Get("confirm")

	if wanted != repeated {
		serveErr(page, fmt.Errorf("New passwords do not match."), w, r)
		return
	}

	// The current password is verified before anything is written.
	// NOTE(review): check_auth is defined outside this block; while it is
	// false this handler refuses every request. Confirm that this fail-closed
	// behaviour is intended.
	if !(check_auth && auth.Authenticate(user, current)) {
		reject("Authentication failed.")
		return
	}

	// An empty salt or hash from auth.HashPass is treated as a rejected
	// password, so nothing is stored in that case.
	salt, hash := auth.HashPass(wanted)
	if len(salt) == 0 || len(hash) == 0 {
		reject("Invalid password.")
		return
	}

	err = dbChangePass(user, salt, hash)
	if err != nil {
		serveErr(page, err, w, r)
		return
	}

	page.Msg = "Password changed."
	page.ShowMsg = true
	servePage(page, w, r)
}
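// addUser serves the add-user page. The page is unavailable until an
// administrative user is configured (admin_user non-empty). Any method other
// than POST just renders the form. A POST must carry the administrator's
// name and password in "user" and "pass"; once those are verified, the
// account named in "newuser" is created with the hash of "newpass".
//
// NOTE(review): r.Form merges URL query parameters with the request body, so
// credentials sent in the query string are accepted too; r.PostForm would
// restrict them to the body.
func addUser(w http.ResponseWriter, r *http.Request) {
	page := NewPage()
	page.File = "templates/add.html"

	if admin_user == "" {
		err := fmt.Errorf("No administrative user specified.")
		serveErr(page, err, w, r)
		return
	}
	if r.Method != "POST" {
		servePage(page, w, r)
		return
	}

	err := r.ParseForm()
	if err != nil {
		serveErr(page, err, w, r)
		return
	}

	user := r.Form.Get("user")
	pass := r.Form.Get("pass")

	// The caller must name the administrative account AND present its valid
	// password. The previous condition joined the two tests with &&, which
	// skipped the password check whenever user == admin_user and let any
	// other authenticated account create users; || rejects both cases.
	if user != admin_user || !auth.Authenticate(user, pass) {
		serveErr(page, fmt.Errorf("Authentication failed."), w, r)
		return
	}

	newUser := r.Form.Get("newuser")
	newPass := r.Form.Get("newpass")

	// An empty salt or hash from auth.HashPass is treated as a rejected
	// password, so no account is created in that case.
	salt, hash := auth.HashPass(newPass)
	if len(salt) == 0 || len(hash) == 0 {
		page.Msg = "Invalid password."
		page.ShowErr = true
		servePage(page, w, r)
		return
	}

	// NOTE(review): newUser is passed on as submitted (it may be empty);
	// any validation is left to addUserToDb.
	err = addUserToDb(newUser, salt, hash)
	if err != nil {
		serveErr(page, err, w, r)
		return
	}

	page.Msg = "User added."
	page.ShowMsg = true
	servePage(page, w, r)
}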
// initSecurity populates the package-level Security settings from the
// security section of the configuration. Keys are matched
// case-insensitively; unrecognised keys are ignored. A nil map leaves
// Security untouched.
//
// TLS is switched on only when both a certificate file and a key file are
// set. Authentication is switched on only when a password produced a
// non-empty salt and hash.
func initSecurity(cfgSec map[string]string) {
	if cfgSec == nil {
		return
	}

	for name, value := range cfgSec {
		switch strings.ToLower(name) {
		case "username":
			Security.User.Name = value
		case "password":
			// Only the salt and hash derived from the configured password
			// are kept on Security.User.
			Security.User.Salt, Security.User.Hash = auth.HashPass(value)
		case "lockview":
			// NOTE(review): the value is ignored, so any "lockview" entry
			// (even one set to "false") turns AuthView on. Confirm that the
			// key is meant as a presence flag.
			Security.AuthView = true
		case "certfile":
			Security.TLS.Cert = value
		case "keyfile":
			Security.TLS.Key = value
		}
	}

	if Security.TLS.Cert != "" && Security.TLS.Key != "" {
		Security.TLS.Enabled = true
	}

	// NOTE(review): if auth.HashPass returns an empty salt or hash for the
	// configured password, this returns with Security.Enabled left as it was
	// and nothing reported. Callers may want to surface that case.
	if len(Security.User.Hash) == 0 || len(Security.User.Salt) == 0 {
		return
	}

	Security.Enabled = true
	// The TLS state is handed to the session store; presumably it controls
	// whether session cookies are marked Secure. Confirm against
	// auth.CreateSessionStore.
	Security.SessionStore = auth.CreateSessionStore(
		"gowik_as",
		Security.TLS.Enabled,
		nil,
	)
	auth.LookupCredentials = authenticate
}