// PostLogin authenticates the submitted Email/Password form values and, on
// success, stores the returned user in the "fpc-session" cookie session before
// redirecting to /home.
//
// Lookup failures and session-save failures are both reported through
// libhttp.HandleErrorJson.
// NOTE(review): the lookup error is passed to the client unchanged; confirm the
// dal layer returns the same message for an unknown email and a wrong password.
func PostLogin(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html")

	// Both values are read from the request context with unchecked type
	// assertions, so a missing or mistyped entry panics here.
	database := context.Get(r, "db").(*sqlx.DB)
	store := context.Get(r, "cookieStore").(*sessions.CookieStore)

	addr := r.FormValue("Email")
	secret := r.FormValue("Password")

	account, err := dal.NewUser(database).GetUserByEmailAndPassword(nil, addr, secret)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// The error from Get is discarded.
	// NOTE(review): presumably a cookie that fails to decode still yields a
	// usable fresh session here — confirm against the sessions package in use.
	sess, _ := store.Get(r, "fpc-session")
	sess.Values["user"] = account

	if saveErr := sess.Save(r, w); saveErr != nil {
		libhttp.HandleErrorJson(w, saveErr)
		return
	}

	http.Redirect(w, r, "/home", http.StatusFound)
}
// PostSignup creates an account from the Email, Password and PasswordAgain
// form values, then hands the same request to PostLogin so the new user is
// signed in with the credentials just submitted.
//
// A signup failure is reported through libhttp.HandleErrorJson and no login
// is attempted.
func PostSignup(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html")

	// Unchecked assertion: panics if "db" is absent from the request context.
	database := context.Get(r, "db").(*sqlx.DB)

	addr := r.FormValue("Email")
	secret := r.FormValue("Password")
	confirm := r.FormValue("PasswordAgain")

	// The created row is not needed here; only the error matters.
	if _, err := dal.NewUser(database).Signup(nil, addr, secret, confirm); err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// Log the new user in by re-running the login handler on this request.
	PostLogin(w, r)
}
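// PutUsersID updates the email and password of the user whose id appears in
// the request path. The change is allowed only when that id matches the user
// stored in the "fpc-session" session; on success the session copy of the user
// is refreshed and the client is redirected to "/".
//
// All failures are reported through libhttp.HandleErrorJson.
func PutUsersID(w http.ResponseWriter, r *http.Request) {
	userId, err := getIdFromPath(w, r)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// Unchecked assertions: these panic if the context entries are missing.
	db := context.Get(r, "db").(*sqlx.DB)
	cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)

	// The error from Get is discarded; the session is inspected below instead.
	session, _ := cookieStore.Get(r, "fpc-session")

	// A request without a logged-in session has no "user" value. Use the
	// comma-ok form so an unauthenticated caller gets an error response rather
	// than triggering a panic on the type assertion (or on a nil dereference).
	currentUser, ok := session.Values["user"].(*dal.UserRow)
	if !ok || currentUser == nil {
		libhttp.HandleErrorJson(w, errors.New("Login is required to modify a user."))
		return
	}

	// Authorization: a user may only modify their own record.
	if currentUser.ID != userId {
		libhttp.HandleErrorJson(w, errors.New("Modifying other user is not allowed."))
		return
	}

	email := r.FormValue("Email")
	password := r.FormValue("Password")
	passwordAgain := r.FormValue("PasswordAgain")

	// The id passed to the update is the session user's id, not a value taken
	// from the form.
	u := dal.NewUser(db)
	currentUser, err = u.UpdateEmailAndPasswordById(nil, currentUser.ID, email, password, passwordAgain)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// Update currentUser stored in session so later requests see the new data.
	session.Values["user"] = currentUser
	if err = session.Save(r, w); err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	http.Redirect(w, r, "/", http.StatusFound)
}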