示例#1
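// Register validates the supplied credentials, sends a confirmation e-mail
// and then inserts the users, faces and registrations rows for a new account.
//
// result is one of "ok", "loginExists", "badLogin", "badPassword" or
// "badEmail". regId is the id scanned from the registrations insert on the
// "ok" path and -1 on every other path.
//
// NOTE(review): the stored credential is GetMD5Hash(password+salt) with the
// current Unix time as salt (by its name a single MD5 pass; confirm in utils).
// A fast hash with a guessable salt gives little protection against offline
// guessing if the users table leaks. Moving to a slow password hash has to be
// done together with every place that verifies or rewrites "pass", so it is
// flagged here rather than changed.
//
// NOTE(review): role is written to the users row exactly as passed in; verify
// that callers never forward a client-supplied role.
func (this *RegistrationController) Register(login, password, email, role string) (result string, regId int) {
	// Iterate by rune: indexing the string byte by byte would test every UTF-8
	// continuation byte as if it were a code point of its own, so valid
	// non-ASCII passwords could be rejected. range yields U+FFFD for malformed
	// UTF-8, which is rejected explicitly.
	passHasInvalidChars := false
	for _, r := range password {
		if r == '\uFFFD' || !strconv.IsPrint(r) {
			passHasInvalidChars = true
			break
		}
	}

	// The order of the checks decides which result code wins, so it is kept.
	switch {
	case db.IsExists("users", []string{"login"}, []interface{}{login}):
		return "loginExists", -1
	case !utils.MatchRegexp("^[a-zA-Z0-9]{2,36}$", login):
		return "badLogin", -1
	case !utils.MatchRegexp("^.{6,36}$", password) || passHasInvalidChars:
		return "badPassword", -1
	}

	// TODO: the e-mail address is not format-checked here; the only signal is
	// whether SendConfirmEmail reports success.

	// NOTE(review): token confirms ownership of the address, so GetRandSeq
	// should draw from a cryptographically secure source; confirm in utils.
	token := utils.GetRandSeq(HASH_SIZE)
	if !mailer.SendConfirmEmail(login, email, token) {
		return "badEmail", -1
	}

	// Only computed once validation has passed and the e-mail went out.
	salt := strconv.Itoa(int(time.Now().Unix()))
	pass := utils.GetMD5Hash(password + salt)

	// NOTE(review): the result of each Scan below is discarded. If an insert
	// fails, the id variable keeps its zero value and the following insert
	// references id 0; the caller still receives "ok". The confirmation e-mail
	// has already been sent at this point.
	var userId int
	this.GetModel("users").
		LoadModelData(map[string]interface{}{
			"login":   login,
			"pass":    pass,
			"salt":    salt,
			"role":    role,
			"token":   token,
			"enabled": false}).
		QueryInsert("RETURNING id").
		Scan(&userId)

	var faceId int
	this.GetModel("faces").
		LoadModelData(map[string]interface{}{"user_id": userId}).
		QueryInsert("RETURNING id").
		Scan(&faceId)

	this.GetModel("registrations").
		LoadModelData(map[string]interface{}{"face_id": faceId, "event_id": 1, "status": false}).
		QueryInsert("RETURNING id").
		Scan(&regId)

	return "ok", regId
}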
示例#2
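// ResetPassword stores a new password for the account named by the "id" field
// of the JSON request body, or for the caller's own account when "id" is
// absent.
//
// Replies: {"result": "ok"} after the update has been issued,
// {"result": "badPassword"} when "pass" is missing, is not a string or fails
// the length pattern, and {"result": <error text>} when "id" cannot be parsed
// as an integer.
//
// NOTE(review): the target id comes from the request body. Whether a
// non-admin caller can reset another account's password depends entirely on
// how Update uses the isAdmin() flag; confirm that it refuses id != userId
// for non-admins, or add that check here.
//
// NOTE(review): the new hash is GetMD5Hash(pass+salt) with the Unix time as
// salt; a fast hash with a guessable salt resists offline guessing poorly.
// Changing the scheme must be coordinated with the code that verifies it.
func (this *UserController) ResetPassword() {
	userId, err := this.CheckSid()
	if err != nil {
		// NOTE(review): 401 is not a redirect status, so clients will not
		// follow the Location header; kept because callers may test for 401.
		http.Redirect(this.Response, this.Request, "/", http.StatusUnauthorized)
		return
	}

	request, err := utils.ParseJS(this.Request, this.Response)
	if err != nil {
		utils.SendJSReply(err.Error(), this.Response)
		return
	}

	// The body is client-controlled: a missing or non-string "pass" must be
	// rejected instead of panicking on the type assertion.
	pass, ok := request["pass"].(string)
	if !ok || !utils.MatchRegexp("^.{6,36}$", pass) {
		utils.SendJSReply(map[string]interface{}{"result": "badPassword"}, this.Response)
		return
	}

	id := userId
	if rawID := request["id"]; rawID != nil {
		// A non-string "id" becomes "", which Atoi rejects, so it takes the
		// same error path as an unparsable string instead of panicking.
		idStr, _ := rawID.(string)
		id, err = strconv.Atoi(idStr)
		if utils.HandleErr("[UserController::ResetPassword] strconv.Atoi: ", err, this.Response) {
			utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
			return
		}
	}

	salt := strconv.Itoa(int(time.Now().Unix()))
	where := map[string]interface{}{"id": id}
	user := this.GetModel("users")

	// The current "enabled" flag is read back so the update leaves it as is.
	// NOTE(review): the Scan result is discarded; for an unknown id, enabled
	// stays false and the update is still issued.
	var enabled bool
	user.LoadWherePart(where).
		SelectRow([]string{"enabled"}).
		Scan(&enabled)

	params := map[string]interface{}{"enabled": enabled, "salt": salt, "pass": utils.GetMD5Hash(pass + salt)}
	// NOTE(review): "ok" is sent regardless of what Update did.
	user.Update(this.isAdmin(), id, params, where)

	utils.SendJSReply(map[string]interface{}{"result": "ok"}, this.Response)
}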
示例#3
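// Login checks the "login" and "password" fields of the JSON request body
// against the users table and, on success, stores a fresh session id on the
// user row and in the session.
//
// The reply is {"result": R} where R is "ok", "invalidCredentials" (missing
// or non-string fields, or the row could not be read), "notEnabled" or
// "badPassword"; a body that fails to parse is answered with the error text.
//
// NOTE(review): the separate failure codes let a caller tell an unknown login
// from a wrong password or an unconfirmed account. Collapsing them into one
// code is a client-visible change, so it is only flagged here.
//
// NOTE(review): verification is GetMD5Hash(pass+salt) compared with !=, i.e.
// a fast hash and a comparison that is not constant-time. Replacing either
// has to be done together with the code that writes "pass".
func (this *RegistrationController) Login() {
	data, err := utils.ParseJS(this.Request, this.Response)
	if utils.HandleErr("[RegistrationController::Login]: ", err, this.Response) {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)

		return
	}

	result := make(map[string]interface{}, 1)

	// The body is client-controlled: missing or non-string fields must end in
	// a normal failure reply, not in a panic on the type assertion.
	login, loginOK := data["login"].(string)
	pass, passOK := data["password"].(string)
	if !loginOK || !passOK {
		result["result"] = "invalidCredentials"
		utils.SendJSReply(result, this.Response)
		return
	}

	var id int
	var enabled bool
	var passHash, salt string

	err = this.GetModel("users").
		LoadWherePart(map[string]interface{}{"login": login}).
		SelectRow([]string{"id", "pass", "salt", "enabled"}).
		Scan(&id, &passHash, &salt, &enabled)

	switch {
	case err != nil:
		result["result"] = "invalidCredentials"

	case !enabled:
		result["result"] = "notEnabled"

	case passHash != utils.GetMD5Hash(pass+salt):
		result["result"] = "badPassword"

	default:
		result["result"] = "ok"

		// NOTE(review): sid is a bearer credential, so GetRandSeq should draw
		// from a cryptographically secure source; confirm in utils.
		sid := utils.GetRandSeq(HASH_SIZE)
		params := map[string]interface{}{"sid": sid, "enabled": true}
		where := map[string]interface{}{"id": id}
		// NOTE(review): the outcome of Update is not checked; if it does not
		// persist sid, the client still receives a session carrying it.
		this.GetModel("users").Update(this.isAdmin(), id, params, where)
		sessions.SetSession(this.Response, map[string]interface{}{"sid": sid})
	}

	utils.SendJSReply(result, this.Response)
}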