trantor/lib/user.go

package trantor

import (
	log "github.com/cihub/seelog"
	"gitlab.com/trantor/trantor/lib/database"

	"net/http"
)

func loginHandler(h handler) {
	if h.sess.User != "" {
		http.Redirect(h.w, h.r, "/dashboard/", http.StatusFound)
		return
	}

	var data statusData
	data.S = GetStatus(h)
	data.S.Title = "Login -- " + data.S.Title
	h.load("login", data)
}

func loginPostHandler(h handler) {
	user := h.r.FormValue("user")
	pass := h.r.FormValue("pass")
	if h.db.ValidPassword(user, pass) {
		log.Info("User ", user, " log in")
		h.sess.LogIn(user)
		h.sess.Notify("Successful login!", "Welcome "+user, "success")
	} else {
		log.Warn("User ", user, " bad user or password")
		h.sess.Notify("Invalid login!", "user or password invalid", "error")
	}
	h.sess.Save(h.w, h.r)
	http.Redirect(h.w, h.r, h.r.Referer(), http.StatusFound)
}

func createUserHandler(h handler) {
	pass := h.r.FormValue("pass")
	confirmPass := h.r.FormValue("confirmPass")
	if pass != confirmPass {
		h.sess.Notify("Registration error!", "Passwords don't match", "error")
	} else {
		user := h.r.FormValue("user")
		err := h.db.AddUser(user, pass)
		if err == nil {
			h.sess.Notify("Account created!", "Welcome "+user+". Now you can login", "success")
		} else {
			h.sess.Notify("Registration error!", "There was some database problem, if it keeps happening please inform me", "error")
		}
	}
	h.sess.Save(h.w, h.r)
	http.Redirect(h.w, h.r, h.r.Referer(), http.StatusFound)
}

func dashboardHandler(h handler) {
	if h.sess.User == "" {
		notFound(h)
		return
	}

	lists, err := h.db.GetListsByUser(h.sess.User)
	if err != nil {
		log.Error("Error loading user ", h.sess.User, " lists: ", err)
	}

	var data dashboardData
	data.S = GetStatus(h)
	data.S.Title = "Dashboard -- " + data.S.Title
	data.S.Dasboard = true
	data.Lists = lists
	h.load("dashboard", data)
}

type dashboardData struct {
	S     Status
	Lists []database.BookList
}

func settingsHandler(h handler) {
	if h.sess.User == "" {
		notFound(h)
		return
	}
	if h.r.Method == "POST" {
		current_pass := h.r.FormValue("currpass")
		pass1 := h.r.FormValue("password1")
		pass2 := h.r.FormValue("password2")
		switch {
		case !h.db.ValidPassword(h.sess.User, current_pass):
			h.sess.Notify("Password error!", "The current password given don't match with the user password. Try again", "error")
		case pass1 != pass2:
			h.sess.Notify("Passwords don't match!", "The new password and the confirmation password don't match. Try again", "error")
		default:
			err := h.db.SetPassword(h.sess.User, pass1)
			if err != nil {
				log.Warn("Can't update password for user ", h.sess.User, ": ", err)
				h.sess.Notify("Password error!", "An error has ocurred updating the password in the database. Sorry.", "error")
			} else {
				h.sess.Notify("Password updated!", "Your new password is correctly set.", "success")
			}
		}
		h.sess.Save(h.w, h.r)
	}

	var data statusData
	data.S = GetStatus(h)
	data.S.Title = "Settings -- " + data.S.Title
	h.load("settings", data)
}

func userAdminHandler(h handler) {
	if !h.sess.IsAdmin() {
		notFound(h)
		return
	}

	users, err := h.db.ListUsers()
	if err != nil {
		log.Error("Something went wrong listing users: ", err)
		notFound(h)
		return
	}

	var data userAdminData
	data.S = GetStatus(h)
	data.S.Title = "Users admin -- " + data.S.Title
	data.Users = users
	h.load("user_admin", data)
}

func userAdminPostHandler(h handler) {
	if !h.sess.IsAdmin() {
		notFound(h)
		return
	}

	username := h.r.FormValue("username")
	password := h.r.FormValue("password")
	role := h.r.FormValue("role")
	if password != "" {
		err := h.db.SetPassword(username, password)
		if err != nil {
			h.sess.Notify("An error ocurred!", err.Error(), "error")
		} else {
			h.sess.Notify("Password updated!", "", "success")
		}
	} else if role != "" {
		err := h.db.SetRole(username, role)
		if err != nil {
			h.sess.Notify("An error ocurred!", err.Error(), "error")
		} else {
			h.sess.Notify("Role updated!", "", "success")
		}
	}

	userAdminHandler(h)
}

func addUserHandler(h handler) {
	if !h.sess.IsAdmin() {
		notFound(h)
		return
	}

	username := h.r.FormValue("username")
	password := h.r.FormValue("password")
	role := h.r.FormValue("role")
	err := h.db.AddUser(username, password)
	if err != nil {
		h.sess.Notify("An error ocurred!", err.Error(), "error")
	} else {
		err := h.db.SetRole(username, role)
		if err != nil {
			h.sess.Notify("An error ocurred!", err.Error(), "error")
		} else {
			h.sess.Notify("User created!", "", "success")
		}
	}

	userAdminHandler(h)
}

type userAdminData struct {
	S     Status
	Users []database.User
}
Move all the code to a lib folder 2016-05-02 21:36:49 -04:00			`package trantor`
Back the login to html if no javascript 2013-09-03 14:02:54 +02:00
			`import (`
Normalize includes 2014-08-30 13:17:50 -05:00			`log "github.com/cihub/seelog"`
Add user management interface 2018-04-08 10:55:13 +00:00			`"gitlab.com/trantor/trantor/lib/database"`
Normalize includes 2014-08-30 13:17:50 -05:00
Back the login to html if no javascript 2013-09-03 14:02:54 +02:00			`"net/http"`
			`)`

Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`func loginHandler(h handler) {`
Add dashboard 2014-02-19 11:59:16 +01:00			`if h.sess.User != "" {`
			`http.Redirect(h.w, h.r, "/dashboard/", http.StatusFound)`
			`return`
			`}`

Back the login to html if no javascript 2013-09-03 14:02:54 +02:00			`var data statusData`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`data.S = GetStatus(h)`
Use diferent titles per page * Related: #7 2016-01-28 18:13:26 -05:00			`data.S.Title = "Login -- " + data.S.Title`
Refactor template loading around the handler 2017-06-06 14:18:47 +00:00			`h.load("login", data)`
Back the login to html if no javascript 2013-09-03 14:02:54 +02:00			`}`

Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`func loginPostHandler(h handler) {`
			`user := h.r.FormValue("user")`
			`pass := h.r.FormValue("pass")`
[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`if h.db.ValidPassword(user, pass) {`
Refactor database 2014-06-29 19:41:29 -05:00			`log.Info("User ", user, " log in")`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.LogIn(user)`
			`h.sess.Notify("Successful login!", "Welcome "+user, "success")`
Back the login to html if no javascript 2013-09-03 14:02:54 +02:00			`} else {`
Refactor database 2014-06-29 19:41:29 -05:00			`log.Warn("User ", user, " bad user or password")`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Notify("Invalid login!", "user or password invalid", "error")`
Back the login to html if no javascript 2013-09-03 14:02:54 +02:00			`}`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Save(h.w, h.r)`
			`http.Redirect(h.w, h.r, h.r.Referer(), http.StatusFound)`
Back the login to html if no javascript 2013-09-03 14:02:54 +02:00			`}`
Add user creation 2013-09-03 14:15:30 +02:00
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`func createUserHandler(h handler) {`
			`pass := h.r.FormValue("pass")`
			`confirmPass := h.r.FormValue("confirmPass")`
Add user creation 2013-09-03 14:15:30 +02:00			`if pass != confirmPass {`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Notify("Registration error!", "Passwords don't match", "error")`
Add user creation 2013-09-03 14:15:30 +02:00			`} else {`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`user := h.r.FormValue("user")`
			`err := h.db.AddUser(user, pass)`
Add user creation 2013-09-03 14:15:30 +02:00			`if err == nil {`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Notify("Account created!", "Welcome "+user+". Now you can login", "success")`
Add user creation 2013-09-03 14:15:30 +02:00			`} else {`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Notify("Registration error!", "There was some database problem, if it keeps happening please inform me", "error")`
Add user creation 2013-09-03 14:15:30 +02:00			`}`
			`}`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Save(h.w, h.r)`
			`http.Redirect(h.w, h.r, h.r.Referer(), http.StatusFound)`
Add user creation 2013-09-03 14:15:30 +02:00			`}`
Check change of password by javascript 2013-09-03 14:43:55 +02:00
Add dashboard 2014-02-19 11:59:16 +01:00			`func dashboardHandler(h handler) {`
			`if h.sess.User == "" {`
			`notFound(h)`
			`return`
			`}`

Add book lists to dashboard 2018-04-09 10:49:10 +00:00			`lists, err := h.db.GetListsByUser(h.sess.User)`
			`if err != nil {`
			`log.Error("Error loading user ", h.sess.User, " lists: ", err)`
			`}`

			`var data dashboardData`
Add dashboard 2014-02-19 11:59:16 +01:00			`data.S = GetStatus(h)`
Use diferent titles per page * Related: #7 2016-01-28 18:13:26 -05:00			`data.S.Title = "Dashboard -- " + data.S.Title`
Add dashboard 2014-02-19 11:59:16 +01:00			`data.S.Dasboard = true`
Add book lists to dashboard 2018-04-09 10:49:10 +00:00			`data.Lists = lists`
Refactor template loading around the handler 2017-06-06 14:18:47 +00:00			`h.load("dashboard", data)`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`}`

Add book lists to dashboard 2018-04-09 10:49:10 +00:00			`type dashboardData struct {`
			`S Status`
			`Lists []database.BookList`
			`}`

Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`func settingsHandler(h handler) {`
			`if h.sess.User == "" {`
			`notFound(h)`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`return`
			`}`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`if h.r.Method == "POST" {`
			`current_pass := h.r.FormValue("currpass")`
			`pass1 := h.r.FormValue("password1")`
			`pass2 := h.r.FormValue("password2")`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`switch {`
[WIP] migration to psql TODO: [ ] stats [ ] indexes 2016-07-30 07:10:33 -04:00			`case !h.db.ValidPassword(h.sess.User, current_pass):`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Notify("Password error!", "The current password given don't match with the user password. Try again", "error")`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`case pass1 != pass2:`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Notify("Passwords don't match!", "The new password and the confirmation password don't match. Try again", "error")`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`default:`
Fix setting password We were not acting on the error returning, and the sql sintax was wrong. 2018-02-22 09:57:37 +00:00			`err := h.db.SetPassword(h.sess.User, pass1)`
			`if err != nil {`
			`log.Warn("Can't update password for user ", h.sess.User, ": ", err)`
			`h.sess.Notify("Password error!", "An error has ocurred updating the password in the database. Sorry.", "error")`
			`} else {`
			`h.sess.Notify("Password updated!", "Your new password is correctly set.", "success")`
			`}`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`}`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`h.sess.Save(h.w, h.r)`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`}`

Add dashboard 2014-02-19 11:59:16 +01:00			`var data statusData`
Merge branch 'master' into user Conflicts: admin.go template.go trantor.go 2013-09-24 10:53:51 +02:00			`data.S = GetStatus(h)`
Use diferent titles per page * Related: #7 2016-01-28 18:13:26 -05:00			`data.S.Title = "Settings -- " + data.S.Title`
Refactor template loading around the handler 2017-06-06 14:18:47 +00:00			`h.load("settings", data)`
Check change of password by javascript 2013-09-03 14:43:55 +02:00			`}`
Add user management interface 2018-04-08 10:55:13 +00:00
			`func userAdminHandler(h handler) {`
			`if !h.sess.IsAdmin() {`
			`notFound(h)`
			`return`
			`}`

			`users, err := h.db.ListUsers()`
			`if err != nil {`
			`log.Error("Something went wrong listing users: ", err)`
			`notFound(h)`
			`return`
			`}`

			`var data userAdminData`
			`data.S = GetStatus(h)`
			`data.S.Title = "Users admin -- " + data.S.Title`
			`data.Users = users`
			`h.load("user_admin", data)`
			`}`

			`func userAdminPostHandler(h handler) {`
			`if !h.sess.IsAdmin() {`
			`notFound(h)`
			`return`
			`}`

			`username := h.r.FormValue("username")`
			`password := h.r.FormValue("password")`
			`role := h.r.FormValue("role")`
			`if password != "" {`
			`err := h.db.SetPassword(username, password)`
			`if err != nil {`
			`h.sess.Notify("An error ocurred!", err.Error(), "error")`
			`} else {`
			`h.sess.Notify("Password updated!", "", "success")`
			`}`
			`} else if role != "" {`
			`err := h.db.SetRole(username, role)`
			`if err != nil {`
			`h.sess.Notify("An error ocurred!", err.Error(), "error")`
			`} else {`
			`h.sess.Notify("Role updated!", "", "success")`
			`}`
			`}`

			`userAdminHandler(h)`
			`}`

Admin is now able to add users 2018-04-08 11:11:27 +00:00			`func addUserHandler(h handler) {`
			`if !h.sess.IsAdmin() {`
			`notFound(h)`
			`return`
			`}`

			`username := h.r.FormValue("username")`
			`password := h.r.FormValue("password")`
			`role := h.r.FormValue("role")`
			`err := h.db.AddUser(username, password)`
			`if err != nil {`
			`h.sess.Notify("An error ocurred!", err.Error(), "error")`
			`} else {`
			`err := h.db.SetRole(username, role)`
			`if err != nil {`
			`h.sess.Notify("An error ocurred!", err.Error(), "error")`
			`} else {`
			`h.sess.Notify("User created!", "", "success")`
			`}`
			`}`

			`userAdminHandler(h)`
			`}`

Add user management interface 2018-04-08 10:55:13 +00:00			`type userAdminData struct {`
			`S Status`
			`Users []database.User`
			`}`