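// LoginPost handles the submitted login form.
//
// It validates the form, looks the account up by e-mail and compares the
// submitted password with the stored hash and salt. On success it fills the
// session ("loggedin", "uid", "email", "key"), records a models.UserSession
// row and redirects to <app url>/albums. On any failure it sets a generic
// flash message and redirects back to <app url>/login.
//
// A login is accepted only when all three conditions hold: the form
// validated, the lookup returned a real account (Id != 0) and the password
// matched. The original code accepted on the password match alone, so a form
// that failed validation, or a lookup that returned the zero-value user
// (empty hash and salt), still reached the success path whenever
// auth.MatchPassword reported a match.
func LoginPost(lu forms.Login, session sessions.Session, r render.Render, dbh *db.Dbh) {
	errs := ValidateLogin(&lu)
	if len(errs) > 0 {
		// NOTE(review): %+v prints whatever the validator put into errs;
		// confirm it never echoes the submitted password into the log.
		log.Printf("errors: %+v\n", errs)
	}

	user := dbh.GetUserByEmail(lu.Email)

	// The comparison runs on every request, including unknown accounts, so
	// the rejection below does not add an early exit that would respond
	// faster for unknown e-mail addresses than for a wrong password.
	match := auth.MatchPassword(lu.Password, user.Password, user.Salt)

	// SetupAdminPost in this file treats Id == 0 as "no such user"; the same
	// convention is used here to refuse the zero-value account.
	if len(errs) == 0 && user.Id != 0 && match {
		// NOTE(review): the key is derived from e-mail, password hash and
		// salt. If SessionKey is deterministic, every login of this account
		// gets the same key until the password changes — confirm it mixes in
		// per-session randomness.
		sessionkey := SessionKey(user.Email, user.Password, user.Salt)

		// NOTE(review): no session identifier rotation is visible here;
		// confirm the sessions middleware issues a fresh ID on login.
		session.Set("loggedin", "true")
		session.Set("uid", user.Id)
		session.Set("email", user.Email)
		session.Set("key", sessionkey)

		dbh.CreateSession(models.UserSession{
			UserId:     user.Id,
			SessionKey: sessionkey,
			Active:     true,
			Timestamp:  time.Now().Unix(),
		})

		r.Redirect(strings.Join([]string{utils.AppCfg.Url(), "albums"}, "/"), http.StatusFound)
		return
	}

	// One message for every failure mode, so the response does not reveal
	// whether the e-mail address is registered.
	session.Set("flash", "Invalid Email or Password")
	r.Redirect(strings.Join([]string{utils.AppCfg.Url(), "login"}, "/"), http.StatusFound)
}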
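// SetupAdminPost handles the initial-setup form that creates the admin user.
//
// The request is served only when the session carries "setup" == "true";
// otherwise it answers 401. For an authorized request it validates the form,
// creates the account when no user with that e-mail exists, stores the
// account id under the session key "uid" and re-renders the "setup" template.
//
// Changes against the original:
//   - the authorization check runs before the form is processed;
//   - a form with validation errors is re-rendered with those errors and no
//     account is created (the original logged the errors and carried on);
//   - a failure of auth.EncryptPassword aborts with 500 instead of inserting
//     an account whose hash and salt are empty;
//   - the id stored in the session is read back from the database, because
//     the User value is passed to InsertUser by value and its Id field is
//     never set on the local copy.
func SetupAdminPost(sa forms.SetupAdmin, args martini.Params, session sessions.Session, r render.Render, res http.ResponseWriter, dbh *db.Dbh) {
	if session.Get("setup") != "true" {
		http.Error(res, "Unauthorized", http.StatusUnauthorized)
		return
	}

	errs := Validate(&sa)
	if len(errs) > 0 {
		fmt.Printf("%+v\n", errs)
		r.HTML(200, "setup", utils.GenerateForm(&sa, "/setup", "POST", errs))
		return
	}

	user := dbh.GetUserByEmail(sa.Email)
	switch {
	case user.Id > 0:
		// NOTE(review): the session is bound to an existing account on the
		// strength of the e-mail address alone; the submitted password is not
		// compared with the stored one. Confirm the "setup" flag can only be
		// present while the installation has no accounts yet.
		fmt.Println("user already exists")
		session.Set("uid", user.Id)

	case user.Id == 0:
		fmt.Println("id: 0")
		hash, salt, err := auth.EncryptPassword(sa.Password)
		if err != nil {
			// Without a hash the account must not be stored.
			fmt.Println("hash err: ", err)
			http.Error(res, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
			return
		}

		dbh.InsertUser(models.User{
			Name:      sa.Name,
			Email:     sa.Email,
			Password:  hash,
			Salt:      salt,
			Timestamp: time.Now().Unix(),
		})

		// Read the row back to obtain the id assigned by the database.
		created := dbh.GetUserByEmail(sa.Email)
		session.Set("uid", created.Id)
	}

	fmt.Println("uid: ", session.Get("uid"))

	// NOTE(review): the "setup" flag is left in the session after the
	// account is created; confirm it is cleared elsewhere so the endpoint
	// cannot be replayed.
	r.HTML(200, "setup", utils.GenerateForm(&sa, "/setup", "POST", errs))
}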
// UploadImage stores an uploaded image under the configured image root,
// records it in the database, renames it to a hashid-derived name, creates a
// 150x150 thumbnail and answers with a JSON models.UploadResult.
//
// Every early exit below answers HTTP 500 with the result's code and message
// set; success answers HTTP 200 with the public URL of the image as the name.
//
// NOTE(review): one statement in the middle of this function is corrupted in
// this listing (see the marker below), so the documentation covers only the
// parts that are visible.
func UploadImage(w http.ResponseWriter, upload models.ImageUpload, req *http.Request, r render.Render, dbh *db.Dbh) {
	ur := &models.UploadResult{}
	rEmail := upload.Email
	rAlbum := upload.Album
	// NOTE(review): rPrivateKey is not used anywhere in the visible code;
	// any check of it would have to sit in the corrupted span below, which is
	// after the file has already been written to disk.
	rPrivateKey := upload.PrivateKey
	// The file name comes from the upload itself, i.e. from the client.
	fiName := upload.File.Filename
	upload_time := time.Now().Unix()
	ur.SetCode(200)
	ur.SetResult("success")
	ur.SetName(fiName)
	// NOTE(review): the client-supplied name is appended to the image root
	// as-is. A name containing path separators or ".." would resolve outside
	// the root; reducing it with filepath.Base (and rejecting empty or dot
	// names) before building the path would contain it.
	tmp_file := utils.ImageCfg.Root() + ur.GetName()
	// NOTE(review): existence check and creation are two separate steps, so
	// two concurrent uploads of the same name can both pass the check;
	// os.OpenFile with os.O_CREATE|os.O_EXCL would make this atomic.
	if Exists(tmp_file) {
		log.Println("Error: File exists. (" + tmp_file + ")")
		ur.SetCode(2)
		ur.SetResult("File exists")
		r.JSON(500, ur)
		return
	}
	out, err := os.Create(tmp_file)
	if err != nil {
		log.Println("Error: Unable to open file.")
		ur.SetCode(500)
		ur.SetResult("Failed to open the file for writing.")
		r.JSON(500, ur)
		return
	}
	// Deferred: the destination stays open until the function returns, which
	// is after the rename and thumbnail steps further down.
	defer out.Close()
	fi, err := upload.File.Open()
	if err != nil {
		log.Println("fi err: ", err)
		ur.SetCode(500)
		// The raw error text is sent back to the client here.
		ur.SetResult(err.Error())
		r.JSON(500, ur)
		return
	}
	defer fi.Close()
	// NOTE(review): the copy is unbounded and the content is not inspected;
	// presumably size and type limits are enforced elsewhere — confirm.
	// On failure the partially written file is left in place.
	_, err = io.Copy(out, fi)
	if err != nil {
		log.Println("Error: Failed to copy file.")
		ur.SetCode(500)
		ur.SetResult("Failed to copy file to new location.")
		r.JSON(500, ur)
		return
	}
	log.Printf("tmp_file: %s\n", tmp_file)
	// Add image uploader to database
	dbh.AddUploader(models.Uploader{Email: rEmail, Timestamp: upload_time})
	// Setup hashid to create unique file name
	var hid models.HashID
	hid.Init(utils.AppCfg.SecretKey(), 10)
	// Get user id
	user := dbh.GetUserByEmail(rEmail)
	// NOTE(review): the next statement is corrupted in this listing; the
	// text between the string literals was lost. The definition of `album`
	// (used here and in the final log lines) and, judging by the "seg 3" /
	// "seg 4" comments below, earlier hid.AddId calls are presumably in the
	// lost span. Restore it from the original file before relying on this
	// function.
	log.Println("user: "******"uploader user: "******"album: ", album)
	nAlbum := dbh.GetAlbum(rAlbum)
	// Add image
	image := dbh.AddImage(models.Image{
		Name: fiName, Album: rAlbum, User: user.Id, AlbumId: nAlbum.Id, Timestamp: upload_time})
	// Add image id to hashid - seg 3
	hid.AddId(int(image.Id))
	// Add upload time to hashid - seg 4
	hid.AddId(int(upload_time))
	// Get file extension and create new file name
	// The extension is taken from the client-supplied name, so the stored
	// file keeps whatever extension the client chose.
	extension := filepath.Ext(fiName)
	nname := hid.Encrypt() + extension
	log.Printf("New name: %s\n", nname)
	image.HashId = nname
	dbh.UpdateImage(image)
	// Rename file to new name
	hash_name := utils.ImageCfg.Root() + nname
	// The error from os.Rename is discarded; on failure the database row and
	// the returned URL refer to a file that does not exist under that name.
	os.Rename(tmp_file, hash_name)
	ur.SetName(utils.AppCfg.Url() + "/image/" + nname)
	// Create Thumb
	tname := utils.ImageCfg.Thumbs() + nname
	if !Exists(string(tname)) {
		// Blocks until CreateThumb sends on okc; the received value is
		// discarded, so a failed thumbnail is not reported to the client.
		okc := make(chan bool, 1)
		utils.CreateThumb(okc, hash_name, tname, 150, 150)
		<-okc
	}
	log.Printf("%# v\n", pretty.Formatter(album))
	log.Printf("%# v\n", image)
	log.Printf("%# v\n", pretty.Formatter(ur))
	r.JSON(200, ur)
}