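// Register validates the supplied credentials, sends a confirmation e-mail and
// then inserts the users, faces and registrations rows for a new account.
//
// It returns "ok" with the id of the new registrations row, or one of
// "loginExists", "badLogin", "badPassword" or "badEmail" with -1.
//
// NOTE(review): the stored password is MD5(password + salt) with the salt taken
// from the current Unix time. MD5 is a fast general-purpose digest and a
// clock-derived salt is predictable and shared by accounts created in the same
// second. A dedicated password-hashing function (bcrypt, scrypt, Argon2) with a
// random per-user salt is the usual replacement, with a rehash-on-login
// migration for existing rows.
//
// NOTE(review): role is written to the users row exactly as passed in;
// presumably the caller restricts it to roles the requester may assign. Verify
// against the callers.
func (this *RegistrationController) Register(login, password, email, role string) (result string, regId int) {
	// Range over runes rather than bytes: indexing the string and converting
	// each byte to a rune misclassifies multi-byte UTF-8 characters, because
	// continuation bytes 0x80-0x9F look like C1 control codes.
	passHasInvalidChars := false
	for _, r := range password {
		if !strconv.IsPrint(r) {
			passHasInvalidChars = true
			break
		}
	}

	if db.IsExists("users", []string{"login"}, []interface{}{login}) {
		return "loginExists", -1
	}
	if !utils.MatchRegexp("^[a-zA-Z0-9]{2,36}$", login) {
		return "badLogin", -1
	}
	if !utils.MatchRegexp("^.{6,36}$", password) || passHasInvalidChars {
		return "badPassword", -1
	}
	// TODO: validate the e-mail address format here; the placeholder branch
	// for it was never implemented.

	// NOTE(review): GetRandSeq's randomness source is not visible in this
	// block; a confirmation token should come from a CSPRNG. Confirm.
	token := utils.GetRandSeq(HASH_SIZE)
	if !mailer.SendConfirmEmail(login, email, token) {
		return "badEmail", -1
	}

	// Hash only after validation has passed, so rejected input costs no work.
	salt := strconv.Itoa(int(time.Now().Unix()))
	pass := utils.GetMD5Hash(password + salt)

	// NOTE(review): none of the Scan results below are checked, so a failed
	// insert leaves the id at 0, the next insert runs with that 0, and the
	// function still reports "ok". The confirmation e-mail has already been
	// sent by then. Check each result and run the three inserts in one
	// transaction.
	var userId int
	this.GetModel("users").
		LoadModelData(map[string]interface{}{
			"login":   login,
			"pass":    pass,
			"salt":    salt,
			"role":    role,
			"token":   token,
			"enabled": false,
		}).
		QueryInsert("RETURNING id").
		Scan(&userId)

	var faceId int
	this.GetModel("faces").
		LoadModelData(map[string]interface{}{"user_id": userId}).
		QueryInsert("RETURNING id").
		Scan(&faceId)

	this.GetModel("registrations").
		LoadModelData(map[string]interface{}{"face_id": faceId, "event_id": 1, "status": false}).
		QueryInsert("RETURNING id").
		Scan(&regId)

	return "ok", regId
}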
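// ResetPassword sets a new password for a user from a JSON request body.
//
// The body must carry "pass" (6-36 characters) and may carry "id", a decimal
// string naming the account to change; without "id" the session's own account
// is used. The reply is {"result": "ok"}, {"result": "badPassword"} or
// {"result": <error text>}.
//
// NOTE(review): "id" comes from the request body, so any signed-in caller can
// name another account. Whether that is refused depends on how Update uses the
// isAdmin flag, which is not visible in this block. Confirm that non-admin
// callers are limited to id == userId. The current password is not asked for
// either, so a valid session alone is enough to change it.
//
// NOTE(review): the new hash is MD5(pass + salt) with a Unix-time salt. A
// dedicated password-hashing function with a random per-user salt is the usual
// replacement. Unlike Register, this path has no printable-character check.
func (this *UserController) ResetPassword() {
	userId, err := this.CheckSid()
	if err != nil {
		// NOTE(review): 401 is not a redirect status, so clients will not
		// follow the Location header; decide between a 3xx redirect and a
		// plain 401 response.
		http.Redirect(this.Response, this.Request, "/", http.StatusUnauthorized)
		return
	}

	request, err := utils.ParseJS(this.Request, this.Response)
	if err != nil {
		utils.SendJSReply(err.Error(), this.Response)
		return
	}

	// Checked assertion: a missing or non-string "pass" in client-supplied
	// JSON must be rejected instead of panicking the handler.
	pass, ok := request["pass"].(string)
	if !ok || !utils.MatchRegexp("^.{6,36}$", pass) {
		utils.SendJSReply(map[string]interface{}{"result": "badPassword"}, this.Response)
		return
	}

	id := userId
	if rawID := request["id"]; rawID != nil {
		// A non-string "id" leaves idStr empty, which Atoi rejects below;
		// the unchecked assertion would have panicked instead.
		idStr, _ := rawID.(string)
		id, err = strconv.Atoi(idStr)
		if utils.HandleErr("[UserController::ResetPassword] strconv.Atoi: ", err, this.Response) {
			utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
			return
		}
	}

	var enabled bool
	where := map[string]interface{}{"id": id}
	user := this.GetModel("users")

	// The current "enabled" value is read so that it can be written back
	// unchanged. Stop if the lookup fails; otherwise the zero value false
	// would be written over the account's real state.
	err = user.LoadWherePart(where).
		SelectRow([]string{"enabled"}).
		Scan(&enabled)
	if utils.HandleErr("[UserController::ResetPassword] Scan: ", err, this.Response) {
		// Echoing the error text follows the convention used above for
		// Atoi; NOTE(review): consider a generic message so that internal
		// error strings do not reach the client.
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
		return
	}

	salt := strconv.Itoa(int(time.Now().Unix()))
	params := map[string]interface{}{
		"enabled": enabled,
		"salt":    salt,
		"pass":    utils.GetMD5Hash(pass + salt),
	}
	user.Update(this.isAdmin(), id, params, where)

	utils.SendJSReply(map[string]interface{}{"result": "ok"}, this.Response)
}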
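// Login checks a login/password pair from a JSON request body and, when it
// matches an enabled account, stores a fresh session id on the users row and
// in the session.
//
// The reply is {"result": r} where r is "ok", "invalidCredentials",
// "notEnabled", "badPassword" or, when the body cannot be parsed, the error
// text.
//
// NOTE(review): the three failure results tell a caller whether a login exists
// and whether it is enabled before any password is verified. Returning one
// generic failure for all three removes that signal. The password check is
// MD5(password + salt) compared with !=, so it inherits the weak hashing used
// at registration. No attempt limiting is visible in this block.
func (this *RegistrationController) Login() {
	data, err := utils.ParseJS(this.Request, this.Response)
	if utils.HandleErr("[RegistrationController::Login]: ", err, this.Response) {
		utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
		return
	}

	result := make(map[string]interface{}, 1)

	// Checked assertions: a missing or non-string field in client-supplied
	// JSON is treated as bad credentials instead of panicking the handler.
	login, loginOK := data["login"].(string)
	pass, passOK := data["password"].(string)
	if !loginOK || !passOK {
		result["result"] = "invalidCredentials"
		utils.SendJSReply(result, this.Response)
		return
	}

	var (
		id             int
		enabled        bool
		passHash, salt string
	)
	err = this.GetModel("users").
		LoadWherePart(map[string]interface{}{"login": login}).
		SelectRow([]string{"id", "pass", "salt", "enabled"}).
		Scan(&id, &passHash, &salt, &enabled)

	switch {
	case err != nil:
		// Any lookup failure, including an unknown login, lands here.
		result["result"] = "invalidCredentials"
	case !enabled:
		result["result"] = "notEnabled"
	case passHash != utils.GetMD5Hash(pass+salt):
		result["result"] = "badPassword"
	default:
		result["result"] = "ok"
		// NOTE(review): GetRandSeq's randomness source is not visible
		// here; session ids should come from a CSPRNG. Confirm.
		sid := utils.GetRandSeq(HASH_SIZE)
		params := map[string]interface{}{"sid": sid, "enabled": true}
		where := map[string]interface{}{"id": id}
		this.GetModel("users").Update(this.isAdmin(), id, params, where)
		sessions.SetSession(this.Response, map[string]interface{}{"sid": sid})
	}

	utils.SendJSReply(result, this.Response)
}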