示例#1
0
func (c Account) RetrieveAccount(email string) r.Result {

	models.ValidateUserEmail(c.Validation, email).Key("email")

	if c.Validation.HasErrors() {
		c.Validation.Keep()
		c.FlashParams()
		c.Flash.Error("Account recovery failed.")
		return c.Redirect(routes.Account.Recover())
	}

	profile := c.getProfileByEmailAddress(email)

	if profile == nil {
		// Return a false positive response to requestors at this point
		c.Flash.Success("A password reset request has been sent to " + email + ".")
		return c.Redirect(routes.Application.Index())
	}

	err := c.sendAccountRecoverEmail(profile.User)

	if err != nil {
		panic(err)
	}

	c.Flash.Success("A password reset request has been sent to " + email + ".")
	return c.Redirect(routes.Account.Login())
}
示例#2
0
func (c Account) LoginAccount(account, password string, remember bool) r.Result {

	var profile *models.Profile

	// If account is a valid email address, retrieve account by email
	// otherwise, retrieve account by username
	models.ValidateUserEmail(c.Validation, account).Key("account")

	if c.Validation.HasErrors() {
		c.Validation.Clear()
		profile = c.getProfileByUserName(account)
	} else {
		profile = c.getProfileByEmailAddress(account)
	}

	if profile != nil {
		err := bcrypt.CompareHashAndPassword(profile.User.HashedPassword, []byte(password))
		if err == nil {
			c.DoLogin(profile.User, remember)
			c.Flash.Success("Welcome back, " + profile.Name)
			return c.Redirect(routes.Profile.Show(profile.UserName))
		}
	}

	c.Flash.Error("Sign In failed.")
	return c.Redirect(routes.Account.Login())
}
示例#3
0
func (c Profile) UpdateSettings(username string, profile *models.Profile, verifyPassword string) r.Result {
	existingProfile := c.connected()
	if existingProfile == nil || existingProfile.UserName != username {
		c.Flash.Error("You must log in to access your account")
		return c.Redirect(routes.Account.Logout())
	}

	email := profile.User.Email

	// Step 1: Validate data

	if email != existingProfile.User.Email {
		// Validate email
		models.ValidateUserEmail(c.Validation, profile.User.Email).Key("profile.User.Email")
	}

	if profile.User.Password != "" || verifyPassword != "" {
		models.ValidateUserPassword(c.Validation, profile.User.Password).Key("profile.User.Password")

		// Additional password verification
		c.Validation.Required(profile.User.Password != profile.User.Email).Message("Password cannot be the same as your email address").Key("profile.User.Password")
		c.Validation.Required(verifyPassword).Message("Password verification required").Key("verifyPassword")
		c.Validation.Required(verifyPassword == profile.User.Password).Message("Provided passwords do not match").Key("verifyPassword")
	}

	// Validate profile components
	models.ValidateProfileUserName(c.Validation, profile.UserName).Key("profile.UserName")
	models.ValidateProfileName(c.Validation, profile.Name).Key("profile.Name")
	models.ValidateProfileSummary(c.Validation, profile.Summary).Key("profile.Summary")
	models.ValidateProfileDescription(c.Validation, profile.Description).Key("profile.Description")

	if c.Validation.HasErrors() {
		c.Validation.Keep()
		c.FlashParams()
		c.Flash.Error("Profile could not be updated")
		return c.Redirect(routes.Profile.Settings(username))
	}

	// Step 2: Commit data

	if email != existingProfile.User.Email {
		userExists := c.getProfileByEmailAddress(email)

		if userExists != nil {
			c.Flash.Error("Email address is already registered to another account")
			return c.Redirect(routes.Profile.Settings(username))
		}

		// Re-send email confirmation
		existingProfile.User.Email = email
		existingProfile.User.Confirmed = false

		// FIXME
		/*// Send out confirmation email
		eErr := c.sendAccountConfirmEmail(existingProfile.User)

		if eErr != nil {
			c.Flash.Error("Could not send confirmation email")
		} else {*/

		// Update email address in database
		_, err := c.Txn.Exec("update User set Email = ?, Confirmed = ? where UserId = ?",
			email, 0, existingProfile.User.UserId)
		if err != nil {
			panic(err)
		}

		// Update session value
		c.Session["userEmail"] = email

		//}

	}

	profile.UserName = strings.ToLower(profile.UserName)

	// Update username?
	if profile.UserName != existingProfile.UserName {
		userExists := c.getProfileByUserName(profile.UserName)

		if userExists != nil {
			c.Flash.Error("User name is already registered to another account")
			return c.Redirect(routes.Profile.Settings(username))
		}

		// Change username
		existingProfile.UserName = profile.UserName
	}

	// Update password?
	if profile.User.Password != "" || verifyPassword != "" {
		c.CommitPassword(existingProfile.User, profile.User.Password)
	}

	// Update other profile components
	existingProfile.Name = profile.Name
	existingProfile.Summary = profile.Summary
	existingProfile.Description = profile.Description

	_, err := c.Txn.Update(existingProfile)
	if err != nil {
		c.Flash.Error("Profile could not be updated")
		return c.Redirect(routes.Profile.Settings(username))
	}

	c.Flash.Success("Profile has been updated")
	return c.Redirect(routes.Profile.Show(existingProfile.UserName))
}
示例#4
0
func (c Account) SaveUser(user models.User, username, name string) r.Result {

	// Lower case username
	username = strings.ToLower(username)
	lcPass := strings.ToLower(user.Password)

	// Validate User components
	models.ValidateUserEmail(c.Validation, user.Email).Key("user.Email")
	models.ValidateUserPassword(c.Validation, user.Password).Key("user.Password")

	// Additional user components verification
	c.Validation.Required(user.Password != user.Email).Message("Password cannot be the same as your email address").Key("user.Password")
	c.Validation.Required(lcPass != username).Message("Password cannot be the same as your user name").Key("user.Password")

	// Validate Profile components
	models.ValidateProfileUserName(c.Validation, username).Key("username")
	models.ValidateProfileName(c.Validation, name).Key("name")

	if c.Validation.HasErrors() {
		c.Validation.Keep()
		c.FlashParams()
		c.Flash.Error("Registration failed.")
		return c.Redirect(routes.Account.Register())
	}

	userExists := c.getProfileByEmailAddress(user.Email)

	if userExists != nil {
		c.Validation.Keep()
		c.FlashParams()
		c.Flash.Error("Email '" + user.Email + "' is already registered.")
		return c.Redirect(routes.Account.Register())
	}

	userExists = c.getProfileByUserName(username)

	if userExists != nil {
		c.Validation.Keep()
		c.FlashParams()
		c.Flash.Error("User name '" + username + "' is already taken.")
		return c.Redirect(routes.Account.Register())
	}

	user.HashedPassword, _ = bcrypt.GenerateFromPassword([]byte(user.Password), bcrypt.DefaultCost)

	user.Created = time.Now()

	user.Confirmed = false

	err := c.Txn.Insert(&user)
	if err != nil {
		panic(err)
	}

	// Create profile (and assign correct UserId)
	profile := &models.Profile{0, user.UserId, username, name, "", "", "", 0, 0, &user}

	// Get Gravatar Icon
	emailHash := gr.EmailHash(user.Email)
	gravatarUrl := gr.GetAvatarURL("https", emailHash, gr.DefaultIdentIcon, 128)

	if gravatarUrl != nil {
		profile.PhotoUrl = gravatarUrl.String()
	}

	err = c.Txn.Insert(profile)
	if err != nil {
		panic(err)
	}

	// Send out confirmation email
	err = c.sendAccountConfirmEmail(&user)

	if err != nil {
		c.Flash.Error("Could not send confirmation email")
		fmt.Println(err.Error())
	}

	c.Session["userEmail"] = string(user.Email)
	c.Flash.Success("Welcome, " + profile.Name)
	return c.Redirect(routes.Profile.Show(profile.UserName))
}