// PostLogin looks up a user by the submitted Email and Password form values,
// stores the returned user under "user" in the "fpc-session" session and
// redirects to /home. Lookup and session-save failures are reported through
// libhttp.HandleErrorJson.
//
// NOTE(review): the whole user value is placed in the session. If the store is
// cookie-backed without an encryption key and the user row carries a password
// hash, that hash travels to the client in signed but readable form. Confirm
// what dal.UserRow holds and how the store is keyed.
func PostLogin(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html")

	db := context.Get(r, "db").(*sqlx.DB)
	store := context.Get(r, "cookieStore").(*sessions.CookieStore)

	email, password := r.FormValue("Email"), r.FormValue("Password")

	account, err := dal.NewUser(db).GetUserByEmailAndPassword(nil, email, password)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// The error from Get is deliberately dropped, as in the original code.
	// Presumably (gorilla/sessions) an undecodable cookie still yields a fresh
	// session, so a stale cookie does not block login.
	sess, _ := store.Get(r, "fpc-session")
	sess.Values["user"] = account

	if err = sess.Save(r, w); err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	http.Redirect(w, r, "/home", http.StatusFound)
}
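// PutUsersID updates the email and password of the user whose ID is taken
// from the request path. The change is allowed only when that ID equals the
// ID of the user stored in the "fpc-session" session. On success the refreshed
// user is written back to the session and the client is redirected to "/".
// Failures are reported through libhttp.HandleErrorJson.
//
// NOTE(review): no current-password check is visible in this handler. Confirm
// whether one is intended before the password is replaced.
func PutUsersID(w http.ResponseWriter, r *http.Request) {
	userId, err := getIdFromPath(w, r)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	db := context.Get(r, "db").(*sqlx.DB)
	cookieStore := context.Get(r, "cookieStore").(*sessions.CookieStore)

	// The Get error stays ignored. A session that could not be read carries no
	// "user" value and is rejected by the checked assertion below.
	session, _ := cookieStore.Get(r, "fpc-session")

	// Checked assertion: a request without a logged-in user (no "user" value,
	// or a value of another type) used to panic here instead of being refused.
	currentUser, ok := session.Values["user"].(*dal.UserRow)
	if !ok || currentUser == nil {
		libhttp.HandleErrorJson(w, errors.New("Login is required."))
		return
	}

	// Ownership check: a user may only modify their own record.
	if currentUser.ID != userId {
		libhttp.HandleErrorJson(w, errors.New("Modifying other user is not allowed."))
		return
	}

	email := r.FormValue("Email")
	password := r.FormValue("Password")
	passwordAgain := r.FormValue("PasswordAgain")

	u := dal.NewUser(db)

	currentUser, err = u.UpdateEmailAndPasswordById(nil, currentUser.ID, email, password, passwordAgain)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// Update currentUser stored in session.
	session.Values["user"] = currentUser
	if err = session.Save(r, w); err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	http.Redirect(w, r, "/", http.StatusFound)
}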
// GetLoginWithoutSession renders the login page from the login-signup parent
// template and the login template. A template parse failure is reported
// through libhttp.HandleErrorJson.
func GetLoginWithoutSession(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html")

	files := []string{
		"templates/users/login-signup-parent.html.tmpl",
		"templates/users/login.html.tmpl",
	}

	page, err := template.ParseFiles(files...)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// The render error is discarded, as in the original code.
	_ = page.Execute(w, nil)
}
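// PostProduct creates a product from the Name, RoastDate, Description and
// Price form values and redirects to /schedule. A value that fails to parse,
// or an insert failure, is reported through libhttp.HandleErrorJson.
//
// NOTE(review): this handler reads no session and makes no authorization
// check of its own. Confirm the router restricts who may reach it.
func PostProduct(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html")

	db := context.Get(r, "db").(*sqlx.DB)

	name := r.FormValue("Name")

	// NOTE(review): "03" is the 12-hour field, so hours 13-23 fail to parse.
	// If the form submits 24-hour times the layout should use "15:04".
	// Confirm against the form.
	roastDate, err := time.Parse("2006-01-02 03:04", r.FormValue("RoastDate"))
	if err != nil {
		// This error used to be overwritten by the price parse below, so a
		// malformed RoastDate was stored as the zero time.
		libhttp.HandleErrorJson(w, err)
		return
	}

	description := r.FormValue("Description")

	// NOTE(review): ParseFloat also accepts "NaN", "Inf" and negative numbers.
	// Nothing here bounds the price. Confirm it is validated in dal.
	price, err := strconv.ParseFloat(r.FormValue("Price"), 64)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	_, err = dal.NewProduct(db).InsertNewProduct(nil, name, description, roastDate, price)
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	http.Redirect(w, r, "/schedule", http.StatusFound)
}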
// PostSignup registers a user from the Email, Password and PasswordAgain form
// values and then hands the same request to PostLogin so the new user is
// logged in. A signup failure is reported through libhttp.HandleErrorJson.
func PostSignup(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html")

	db := context.Get(r, "db").(*sqlx.DB)

	var (
		email    = r.FormValue("Email")
		password = r.FormValue("Password")
		confirm  = r.FormValue("PasswordAgain")
	)

	if _, err := dal.NewUser(db).Signup(nil, email, password, confirm); err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// Reuse the login handler: it reads Email/Password from this same request.
	PostLogin(w, r)
}
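// GetSchedule loads all products and renders them with the schedule and home
// templates. A query or template parse failure is reported through
// libhttp.HandleErrorJson.
//
// NOTE(review): the rows presumably include the Name and Description that
// PostProduct stores from form input. Confirm the imported template package
// is html/template so those values are escaped when rendered.
func GetSchedule(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html")

	db := context.Get(r, "db").(*sqlx.DB)

	products, err := dal.NewProduct(db).AllProducts(nil)
	if err != nil {
		// This error used to be dropped, so a failed query rendered the page
		// with whatever AllProducts returned alongside the error.
		libhttp.HandleErrorJson(w, err)
		return
	}

	data := struct {
		ProductRows []*dal.ProductRow
	}{
		products,
	}

	tmpl, err := template.ParseFiles("templates/schedule.html.tmpl", "templates/home.html.tmpl")
	if err != nil {
		libhttp.HandleErrorJson(w, err)
		return
	}

	// The render error is still discarded, as in the original code.
	tmpl.Execute(w, data)
}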
// DeleteUsersID is a stub: it deletes nothing and always reports a
// "not implemented" error through libhttp.HandleErrorJson.
func DeleteUsersID(w http.ResponseWriter, r *http.Request) {
	libhttp.HandleErrorJson(w, errors.New("DELETE method is not implemented."))
}