func SettingsPost(w http.ResponseWriter, r *http.Request) {
// /settings POST method handler.
// Validates the form,
db := database.GetConnection()
sessionid := cookies.GetCookieVal(r, "sessionid")
username := cookies.UsernameFromCookie(sessionid)
if username != "" {
pass, _ := database.GetPassword(db, username)
newPassword := r.FormValue("new")
repeat := r.FormValue("repeat")
oldPassword := r.FormValue("old")
if password.Authenticate(oldPassword, pass) && len(newPassword) > 5 && newPassword == repeat {
hashed := password.NewPassword(newPassword)
database.ChangePassword(db, username, hashed)
log.Printf("USER (%s) CHANGED PASSWORD\n", username)
}
}
http.Redirect(w, r, "/login", http.StatusFound)
}
func HomeGet(w http.ResponseWriter, r *http.Request) {
// / handler for GET method request.
// Renders a page only for users with valid sessionid cookie.
// All the rest are redirected to /login .
db := database.GetConnection()
sessionid := cookies.GetCookieVal(r, "sessionid")
username := cookies.UsernameFromCookie(sessionid)
tablesize := cookies.GetCookieVal(r, "tablesize")
pk, is_admin := database.GetPkAdmin(db, username)
if username == "" || pk == -1 {
// Gorilla failed to decode it.
// Or user is not in the db.
http.Redirect(w, r, "/login/", http.StatusFound)
} else if is_admin {
// Admin needs to be redirected to
// administration site.
http.Redirect(w, r, "/admin/", http.StatusFound)
} else {
// Render home.
if tablesize == "small" {
drawSmall(w, db, pk)
} else {
drawFull(w, db, pk)
}
}
}
func GuessesGet(w http.ResponseWriter, r *http.Request) {
// /guesses handler for GET method request.
// Renders a page only for users with valid sessionid cookie.
// All the rest are redirected to /login .
db := database.GetConnection()
sessionid := cookies.GetCookieVal(r, "sessionid")
username := cookies.UsernameFromCookie(sessionid)
pk, is_admin := database.GetPkAdmin(db, username)
if username == "" || pk == -1 {
// Gorilla failed to decode it.
// Or encoded username does not exist in db.
http.Redirect(w, r, "/login/", http.StatusFound)
} else if is_admin {
http.Redirect(w, r, "/admin/", http.StatusFound)
} else {
// Fetches users guesses from the db and gets data for
// result submit dropbox.
var F models.GuessContext
F.OpenGames = database.GamesList(db, "open")
F.Guesses = database.UsersGuesses(db, pk)
F.Error = false
templates.Render(w, "guesses", F)
}
}
func LoginPost(w http.ResponseWriter, r *http.Request) {
// /login handler for POST request.
// Tries to validate user.
// If email / password is OK,
// new sessionid cookie is set and user is redirected to / .
db := database.GetConnection()
username := r.FormValue("username")
username = strings.ToLower(username)
pass := r.FormValue("password")
remember := r.FormValue("remember") == "1"
hashed, _ := database.GetPassword(db, username)
if password.Authenticate(pass, hashed) {
// Valid password.
sessionid := cookies.GenerateSessionId(username)
cookies.SetSessionId(w, sessionid, remember)
http.Redirect(w, r, "/", http.StatusFound)
log.Printf("LOGGED IN (%s)\n", username)
} else {
context := loginContext{username, config.Config.Register, true}
templates.Render(w, "login", context)
}
}
func AutoGameClose() {
db := database.GetConnection()
toClose := database.GamesToClose(db)
if len(toClose) > 0 {
for _, pk := range toClose {
database.CloseGame(db, pk)
log.Printf("AUTO CLOSED %s\n", pk)
}
}
}
func GuessesPost(w http.ResponseWriter, r *http.Request) {
// /guesses POST method.
// Checks if user trying to submit is in valid.
db := database.GetConnection()
sessionid := cookies.GetCookieVal(r, "sessionid")
username := cookies.UsernameFromCookie(sessionid)
var guess models.Guess
guess.Userpk, _ = database.GetPkAdmin(db, username)
var F models.GuessContext
F.OpenGames = database.GamesList(db, "open")
F.Guesses = database.UsersGuesses(db, guess.Userpk)
F.Error = false
if username == "" || guess.Userpk < 0 {
// Gorilla failed to decode it.
http.Redirect(w, r, "/login/", http.StatusFound)
} else {
var nr int
var err error
//Extract data from request and check if form is valid.
if utils.ExtractResult(r.FormValue("result_2"), &guess.Result1, &guess.Result2) ||
utils.ExtractResult(r.FormValue("result_1"), &guess.Result1, &guess.Result2) {
if guess.Result1 < 0 || guess.Result2 < 0 {
F.Error = true
}
} else {
nr, err = fmt.Sscanf(r.FormValue("result_1"), "%d", &guess.Result1)
if nr != 1 || err != nil || guess.Result1 < 0 {
F.Error = true
}
nr, err = fmt.Sscanf(r.FormValue("result_2"), "%d", &guess.Result2)
if nr != 1 || err != nil || guess.Result2 < 0 {
F.Error = true
}
}
nr, err = fmt.Sscanf(r.FormValue("game-id"), "%d", &guess.Gamepk)
if nr != 1 || err != nil {
F.Error = true
}
if F.Error {
templates.Render(w, "guesses", F)
} else {
// Submit a guess.
database.GiveResult(db, &guess)
http.Redirect(w, r, "/guesses/", http.StatusFound)
log.Printf("GUESS BY (%d). GAME (%d)\n", guess.Userpk, guess.Gamepk)
}
}
}
func RegisterPost(w http.ResponseWriter, r *http.Request) {
// /register POST method handler.
// Validates the form,
// check's if username is availible,
// and then creates a user and redirects to
// /login .
db := database.GetConnection()
var user models.User
// Model out of form data.
user.Email = r.FormValue("email")
user.Email = strings.ToLower(user.Email)
user.Password = r.FormValue("password")
user.Firstname = r.FormValue("firstname")
if len(user.Firstname) > 0 {
user.Firstname = strings.ToUpper(user.Firstname[0:1]) + strings.ToLower(user.Firstname[1:])
}
user.Lastname = r.FormValue("lastname")
if len(user.Lastname) > 0 {
user.Lastname = strings.ToUpper(user.Lastname[0:1]) + strings.ToLower(user.Lastname[1:])
}
repeat := r.FormValue("repeat")
var old models.RegisterContext
// Model for return form.
// In case there the data wasn't valid
old.Firstname = user.Firstname
old.Lastname = user.Lastname
old.Email = user.Email
old.Flag = user.UserValidate(repeat)
if old.Flag != "" {
templates.Render(w, "register", old)
return
}
pass, _ := database.GetPassword(db, user.Email)
// Checks if user exists.
if pass != "" {
old.Flag = "Vartotojas su šiuo el. pašto adresu jau egzistuoja."
templates.Render(w, "register", old)
return
}
user.Password = password.NewPassword(user.Password)
database.CreateUser(db, &user)
// Creates a user in the db.
http.Redirect(w, r, "/login", http.StatusFound)
log.Printf("USER CREATED (%s)\n", user.Email)
}
func ForgotGet(w http.ResponseWriter, r *http.Request) {
forgotKey := r.URL.RawQuery
db := database.GetConnection()
if forgotKey == "" {
// A simple GET for the form.
templates.Render(w, "forgot", nil)
} else if database.CheckRecovery(db, forgotKey) {
// Render recover page.
templates.Render(w, "recover", forgotKey)
} else {
// Redirect to login.
http.Redirect(w, r, "/login/", http.StatusFound)
}
}
func AdminGet(w http.ResponseWriter, r *http.Request) {
// /admin GET method handler.
// Just render's the form.
db := database.GetConnection()
sessionid := cookies.GetCookieVal(r, "sessionid")
username := cookies.UsernameFromCookie(sessionid)
_, is_admin := database.GetPassword(db, username)
if !is_admin {
http.Redirect(w, r, "/login/", http.StatusFound)
} else {
var F models.AdminContext
F.OpenGames = database.GamesList(db, "open")
F.NotFinish = database.GamesList(db, "finish")
templates.Render(w, "admin", F)
}
}
func ForgotPost(w http.ResponseWriter, r *http.Request) {
forgotKey := r.URL.RawQuery
db := database.GetConnection()
if forgotKey == "" {
// Initial forgot submit.
email := r.FormValue("email")
pk, _ := database.GetPkAdmin(db, email)
if pk != -1 {
if !database.RecoveryExists(db, pk) {
// Send out an email.
key := utils.GenRecoveryKey()
msg := utils.Message{email,
"Slaptažodio atkūrimas",
fmt.Sprintf("Norėdami atkurti slaptažodį eikite į:\n\nhttp://futbolas.aivaras.in/forgot/?%s\n\nŠi nuoroda galios dvi dienas.", key)}
go recovery(db, msg, pk, key)
log.Printf("An email was sent to %s\n", email)
templates.Render(w, "forgot", nil)
} else {
// The recovery already exists.
templates.Render(w, "forgot", nil)
}
} else {
// User non existing.
templates.Render(w, "forgot", nil)
}
} else {
// Actual recovery.
newPassword := r.FormValue("new")
repeat := r.FormValue("repeat")
if len(newPassword) < 6 || newPassword != repeat {
// Bad password
templates.Render(w, "recover", forgotKey)
} else {
hashed := password.NewPassword(newPassword)
database.DoRecover(db, forgotKey, hashed)
http.Redirect(w, r, "/login", http.StatusFound)
log.Printf("KEY (%s) RESET PASSWORD\n", forgotKey)
}
}
}
func AdminPost(w http.ResponseWriter, r *http.Request) {
// /admin POST method handler.
db := database.GetConnection()
sessionid := cookies.GetCookieVal(r, "sessionid")
username := cookies.UsernameFromCookie(sessionid)
_, is_admin := database.GetPassword(db, username)
option := r.FormValue("sending")
// Each html form has a hidden input which
// is sent only when a specific form is submited.
var F models.AdminContext
F.CloseF = false
F.EndF = false
if is_admin {
switch option {
case "addGame":
// Creating a game and sending it into db.
var game models.Game
var err error
game.Team1 = r.FormValue("team1")
game.Team2 = r.FormValue("team2")
game.Starts, err = time.Parse("2006-01-02 15:04", r.FormValue("starts"))
// Need to parse a string from request.
if err != nil || !utils.HasShortName(game.Team1) || !utils.HasShortName(game.Team2) {
// Checks if teams names are valid.
http.Redirect(w, r, "/error", http.StatusFound)
} else {
database.CreateGame(db, &game)
http.Redirect(w, r, "/admin", http.StatusFound)
log.Printf("GAME [%s - %s] ADDED\n", game.Team1, game.Team2)
}
break
case "close":
// Closes a game. Nothing to check.
pk := r.FormValue("close-game-id")
database.CloseGame(db, pk)
http.Redirect(w, r, "/admin", http.StatusFound)
log.Printf("GAME (%s) CLOSED\n", pk)
break
case "rollback":
confirm := r.FormValue("confirm") == "1"
if confirm {
database.RollBack(db)
}
http.Redirect(w, r, "/admin", http.StatusFound)
break
case "end":
// Finishes a game.
t1 := r.FormValue("team1")
t2 := r.FormValue("team2")
pk := r.FormValue("finish-game-id")
n1, er1 := strconv.Atoi(t1)
n2, er2 := strconv.Atoi(t2)
intPk, er3 := strconv.Atoi(pk)
if er1 != nil || er2 != nil || er3 != nil {
// Checks form data.
http.Redirect(w, r, "/error", http.StatusFound)
} else {
database.FinishGame(db, pk, n1, n2)
database.CalcPoints(db, intPk, n1, n2)
http.Redirect(w, r, "/admin", http.StatusFound)
log.Printf("GAME (%s) FINISHED\n", pk)
}
break
}
} else {
// Not an admin tried subminting data.
http.Redirect(w, r, "/login/", http.StatusFound)
}
}